Closed
Bug 1453397
Opened 7 years ago
Closed 7 years ago
Reduce unsafe usage of integer->enum casts in IPC
Categories
(Core :: DOM: UI Events & Focus Handling, enhancement, P1)
Core
DOM: UI Events & Focus Handling
Tracking
()
RESOLVED
FIXED
mozilla61
Tracking | Status | |
---|---|---|
firefox61 | --- | fixed |
People
(Reporter: Alex_Gaynor, Assigned: Alex_Gaynor)
Details
Attachments
(1 file)
IME IPC uses |static_cast<Enum>(aArg)| in a handful of places in IPC which are unsafe under an adversarial content process, because it could send values that are outside the range of valid values.
I didn't spot any codepaths where this is necessarily exploitable, but there are a lot of them, so better safe than sorry :-)
Comment hidden (mozreview-request) |
Assignee | ||
Comment 2•7 years ago
|
||
Jim, wasn't sure who the best reviewer for this would be, can you suggest someone?
Flags: needinfo?(jmathies)
Assignee | ||
Updated•7 years ago
|
Attachment #8967071 -
Flags: review?(masayuki)
Comment 4•7 years ago
|
||
mozreview-review |
Comment on attachment 8967071 [details]
Bug 1453397 - use ContiguousEnumSerializer for serialization of enums in IPC for IMEs;
https://reviewboard.mozilla.org/r/235728/#review241676
Attachment #8967071 -
Flags: review?(masayuki) → review+
Assignee | ||
Updated•7 years ago
|
Keywords: checkin-needed
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/775374240991
use ContiguousEnumSerializer for serialization of enums in IPC for IMEs; r=masayuki
Keywords: checkin-needed
![]() |
||
Comment 6•7 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
Updated•6 years ago
|
Component: Event Handling → User events and focus handling
You need to log in
before you can comment on or make changes to this bug.
Description
•