Open Bug 1430159 Opened 2 years ago Updated 9 months ago

allow protocols to specify an argument validator that automatically gets executed

Categories

(Core :: IPC, enhancement, P3)

enhancement

Tracking

()

Fission Milestone Future

People

(Reporter: bkelly, Unassigned)

References

(Blocks 1 open bug)

Details

A common IPC protocol hardening approach is to:

1. Validate arguments in the content process before sending the message.
2. Validate again in the parent process.  If they fail at that point we know we have a spoofed message and can KillHard the child.

It would be nice if there was a hook for a protocol implementation to register a validation method that Send*() and Recv*() could automatically run to do this kind of checking.  Many protocols will need more context to do proper validation, but there are probably a lot of places where simple checks would go a long way.

For example, an API taking a URL argument could:

1. Validate the URL parses.
2. Validate the URL has the expected scheme (perhaps chrome:// only, etc.)
3. Perhaps validate other know path/file extension limitations.
Priority: -- → P3
Fission Milestone: --- → Future
You need to log in before you can comment on or make changes to this bug.