Closed Bug 678264 Opened 14 years ago Closed 13 years ago

Assignments to innerHTML from function return values are ignored.

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

2012-09-06

People

(Reporter: kmag, Unassigned)

Details

Kris Maglione [:kmag]

Reporter

Description

•

14 years ago

Lines like the following, which should be flagged, are ignored: foo.innerHTML = bar(); I've come across quite a lot of these recently but hadn't gotten around to tracking them down. The last one was a major remote chrome code execution vulnerability, so it would be nice to have this fixed soon.

Matt Basta [:basta]

Comment 1

•

13 years ago

Fixed: https://github.com/mozilla/amo-validator/commit/f04ea51e27c5e25e24d3ef17b82fcc2a987abdce

Status: NEW → RESOLVED

Closed: 13 years ago

Resolution: --- → FIXED

Matt Basta [:basta]

Updated

•

13 years ago

Target Milestone: --- → 2012-09-06

Nobody; OK to take it and work on it

Assignee

Updated

•

9 years ago

Product: addons.mozilla.org → addons.mozilla.org Graveyard

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Assignments to innerHTML from function return values are ignored.

Categories

(addons.mozilla.org Graveyard :: Add-on Validation, defect)

Tracking

(Not tracked)

People

(Reporter: kmag, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Updated