Reduce unsafe usage of integer->enum casts in IPC

RESOLVED FIXED in Firefox 61

Status

()

enhancement
P1
normal
RESOLVED FIXED
Last year
Last year

People

(Reporter: Alex_Gaynor, Assigned: Alex_Gaynor)

Tracking

Trunk
mozilla61
Points:
---

Firefox Tracking Flags

(firefox61 fixed)

Details

Attachments

(1 attachment)

Graphics IPC uses |static_cast<gfx::SurfaceFormat>(aFormat)| in a handful of places in IPC which are unsafe under an adversarial content process, because it could send values that are outside the range of valid values.

I didn't spot any codepaths where this is necessarily exploitable, but there are a lot of them, so better safe than sorry :-)
Comment on attachment 8966638 [details]
Bug 1453016 - user safer enum serialization for gfx::SurfaceFormat in IPC;

https://reviewboard.mozilla.org/r/235350/#review241948
Attachment #8966638 - Flags: review+
Keywords: checkin-needed
Pushed by ccoroiu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/3961427969b9
user safer enum serialization for gfx::SurfaceFormat in IPC; r=kats
Keywords: checkin-needed
Comment on attachment 8966638 [details]
Bug 1453016 - user safer enum serialization for gfx::SurfaceFormat in IPC;

https://reviewboard.mozilla.org/r/235350/#review242194

Kats did this already, but yay, just for good measure :)
Attachment #8966638 - Flags: review?(bas) → review+
https://hg.mozilla.org/mozilla-central/rev/3961427969b9
Status: NEW → RESOLVED
Closed: Last year
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
Duplicate of this bug: 1447109
You need to log in before you can comment on or make changes to this bug.