http://hg.mozilla.org/projects/electrolysis/rev/7796b2eb23c3 fixes a boneheaded bug in the deserialization of NPWindow in which a data member that was being *serialized* was not being *deserialized*, thus leaving unread data in the Message's payload buffer. To check for these errors, we should add a Pickle::EndRead(iter) method that's called after all data is supposed to have been deserialized. This method would check that the data iterator indeed pointed at the end of the payload buffer, and if not, crash noisily (that's a potential security bug). The call to this method would be inserted automatically by the IPDL compiler.
9 years ago
Summary: Check that Message's are fully deserialized → IPDL: Check that Message's are fully deserialized
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.