Closed Bug 815589 Opened 7 years ago Closed 4 years ago

[homescreen] Vulnerability analysis issues - page.js

Categories

(Firefox OS Graveyard :: Gaia::Homescreen, defect)

ARM
Gonk (Firefox OS)
defect
Not set

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: macajc, Unassigned)


We have run an automated vulnerability analysis on the Gaia code. 
After manually filtering the results we have found the following possible issue on the Feedback app:

* js/page.js

Line 167 might have a problem. Allowing user input to control resource identifiers could enable an attacker to access or modify otherwise protected system resources.

Source: page.js:155 Read ~localScope.~parent.xhr.response()

153     return;
154   }
155   self.loadImageData(xhr.response);
156 };

Sink: page.js:167 createObjectURL(0)
165 var img = new Image();
166 if (blob) {
167   var url = window.URL.createObjectURL(blob);
168   img.src = url;
169 } else {

This might be a problem. We haven't checked what images are actually loaded, but if they aren't sanitized beforehand this might lead to problems.
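
Added example (not part of the original report and not Gaia code): one way to sanitize the XHR response before it reaches the createObjectURL sink flagged at page.js:167, by checking size, magic number and declared type. The allowlist, MAX_IMAGE_BYTES, the sample data and all function names are assumptions made for illustration.

```javascript
// Added example, not Gaia code. Allowlist and size cap are assumed values.
const MAX_IMAGE_BYTES = 2 * 1024 * 1024;
const SIGNATURES = {
  'image/png': [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a],
  'image/jpeg': [0xff, 0xd8, 0xff],
  'image/gif': [0x47, 0x49, 0x46, 0x38],
};

// Return the allowlisted MIME type whose magic number matches, or null.
function sniffImageType(bytes) {
  for (const [type, sig] of Object.entries(SIGNATURES)) {
    if (bytes.length >= sig.length && sig.every((b, i) => bytes[i] === b)) {
      return type;
    }
  }
  return null;
}

// Accept only non-empty data under the cap whose content matches an
// allowlisted format AND whose declared type agrees with that content.
function checkImageResponse(declaredType, bytes) {
  if (bytes.length === 0 || bytes.length > MAX_IMAGE_BYTES) {
    return { ok: false, reason: 'size' };
  }
  const sniffed = sniffImageType(bytes);
  if (sniffed === null) return { ok: false, reason: 'content' };
  const declared = String(declaredType || '').split(';')[0].trim().toLowerCase();
  if (declared !== sniffed) return { ok: false, reason: 'type-mismatch' };
  return { ok: true, type: sniffed };
}

// Browser wiring (hypothetical): validate, re-wrap with the verified type, revoke the URL after use.
async function loadCheckedImage(blob, img) {
  if (blob.size > MAX_IMAGE_BYTES) throw new Error('rejected image: size');
  const bytes = new Uint8Array(await blob.arrayBuffer());
  const verdict = checkImageResponse(blob.type, bytes);
  if (!verdict.ok) throw new Error('rejected image: ' + verdict.reason);
  const url = URL.createObjectURL(new Blob([bytes], { type: verdict.type }));
  img.onload = img.onerror = () => URL.revokeObjectURL(url);
  img.src = url;
  return verdict.type;
}

// Constructed sample inputs: a PNG header fragment and an SVG document.
const SAMPLE_PNG = Uint8Array.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0x0d]);
const SAMPLE_SVG = new TextEncoder().encode('<svg xmlns="http://www.w3.org/2000/svg"/>');
```

A response with no declared type is rejected as a mismatch; relax that branch only if the server is known to omit Content-Type.
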

Philipp, could you take a look at this issue? As far as I know, you implemented this. Thanks a lot.

Mass update: Resolve wontfix all issues with legacy homescreens.

As of 2.6 we have a new homescreen and having these issues open is confusing. All issues will block bug 1231115 so we can use that to re-visit any of these if needed.
Blocks: 1231115
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX