Open Bug 1430159 Opened 6 years ago Updated 2 years ago

allow protocols to specify an argument validator that automatically gets executed

Categories: Core :: IPC, enhancement, P3

Tracking: Fission Milestone: Future

People: Reporter: bkelly, Unassigned

References: Blocks 1 open bug

A common IPC protocol hardening approach is to:

1. Validate arguments in the content process before sending the message.
2. Validate again in the parent process.  If they fail at that point we know we have a spoofed message and can KillHard the child.

It would be nice if there was a hook for a protocol implementation to register a validation method that Send*() and Recv*() could automatically run to do this kind of checking.  Many protocols will need more context to do proper validation, but there are probably a lot of places where simple checks would go a long way.

For example, an API taking a URL argument could:

1. Validate the URL parses.
2. Validate the URL has the expected scheme (perhaps chrome:// only, etc.)
3. Perhaps validate other known path/file extension limitations.

Priority: -- → P3
Fission Milestone: --- → Future
Severity: normal → S3
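
A sketch of the hook described in this bug, added here as an illustration and not taken from Gecko or from the reporter: one registered validator runs in both the Send and Recv paths, and a failure on the parent side is treated as a spoofed message. Every name (`Channel`, `ValidateLoadUrlArg`, `Outcome`) and the `.xhtml` extension limit are assumptions, and `ParseUrl` is a minimal stand-in for a real URL parser.

```cpp
#include <functional>
#include <string>

// All names here are hypothetical; this is not Gecko's IPDL-generated API.
struct ParsedUrl { std::string scheme, path; };

// Minimal "scheme://path" parser standing in for a real URL parser.
bool ParseUrl(const std::string& s, ParsedUrl& out) {
  const std::string::size_type sep = s.find("://");
  if (sep == std::string::npos || sep == 0 || sep + 3 >= s.size()) return false;
  for (unsigned char c : s)
    if (c <= 0x20 || c == 0x7f) return false;  // no spaces or control bytes
  out.scheme = s.substr(0, sep);
  out.path = s.substr(sep + 3);
  return true;
}

// The validator a protocol would register for its URL argument.
bool ValidateLoadUrlArg(const std::string& url) {
  ParsedUrl u;
  if (!ParseUrl(url, u)) return false;        // 1. URL parses
  if (u.scheme != "chrome") return false;     // 2. expected scheme only
  const std::string ext = ".xhtml";           // 3. constructed extension limit
  return u.path.size() > ext.size() &&
         u.path.compare(u.path.size() - ext.size(), ext.size(), ext) == 0;
}

enum class Outcome { Delivered, RejectedInChild, ChildKilled };

struct Channel {
  std::function<bool(const std::string&)> validator;
  bool childSkipsCheck;  // models a child that no longer runs its own check

  // Child side: what a generated Send*() would do before serializing.
  bool Send(const std::string& url) const {
    return childSkipsCheck || validator(url);
  }
  // Parent side: what a generated Recv*() would do. A failure here means the
  // message did not come from an honest child, so the child is killed.
  Outcome Recv(const std::string& url) const {
    return validator(url) ? Outcome::Delivered : Outcome::ChildKilled;
  }
  Outcome Dispatch(const std::string& url) const {
    return Send(url) ? Recv(url) : Outcome::RejectedInChild;
  }
};

Channel MakeChannel(bool childSkipsCheck) {
  return Channel{ValidateLoadUrlArg, childSkipsCheck};
}
```

An honest child never reaches the `ChildKilled` outcome, because the same validator already rejected the argument before it was sent.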