Review browser JS for dangerous eval()'s

RESOLVED DUPLICATE of bug 1473549

Status

()

defect
P3
normal
RESOLVED DUPLICATE of bug 1473549
18 years ago
20 days ago

People

(Reporter: security-bugs, Assigned: dveditz)

Tracking

(Depends on 1 bug)

Trunk
x86
Windows NT
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

As Brendan warned in bug 87980, there may be other places where eval() or new
Function calls may allow the running of unescaped or otherwise dangerous code.
Jesse, please do an lxr search on the calls Brendan mentioned and look for
potentially dangerous usages.

Updated

18 years ago
Priority: -- → P3
Target Milestone: --- → mozilla0.9.4

Updated

18 years ago
Target Milestone: mozilla0.9.4 → mozilla0.9.3

Updated

18 years ago
Target Milestone: mozilla0.9.3 → mozilla0.9.4
r=mstoltz. Let's check it in!

Comment 4

18 years ago
jat checked in the eval fix above for me because I was having trouble checking 
in.  I'll do setTimeout next.  (I didn't get all the evals, since I couldn't 
figure out what it was being used for in every case.)

Updated

18 years ago
Target Milestone: mozilla0.9.4 → mozilla0.9.5

Updated

18 years ago
Target Milestone: mozilla0.9.5 → mozilla0.9.7
Less important bugs retargeted to 0.9.9
Target Milestone: mozilla0.9.7 → mozilla0.9.9
Mozilla1.0
Target Milestone: mozilla0.9.9 → mozilla1.0

Updated

17 years ago
Depends on: 159605

Updated

17 years ago
Target Milestone: mozilla1.0 → mozilla1.2beta

Updated

16 years ago
Depends on: 192317

Updated

16 years ago
Depends on: 191817

Updated

15 years ago
Depends on: 247606

Updated

15 years ago
Target Milestone: mozilla1.2beta → ---
I was just thinking about eval() in chrome.  Is anyone still interested in this 
bug?
Search for /."/ (slashes delimit the text to find) in attachment 155057 [details] and you
will find more than a few bogus evals.  The first one is this:

  eval( "gICalLib."+functionToRun+"( calendarEvent, Server )" );

It should be done away with like so:

  gICalLib[functionToRun]( calendarEvent, Server );

And so on for the rest.

/be

Updated

15 years ago
Assignee: jruderman → dveditz
QA Contact: ckritzer

Updated

13 years ago
Depends on: 246720
QA Contact: toolkit

Comment 10

20 days ago

We're taking care of this in bug 1473549 now.

Status: NEW → RESOLVED
Last Resolved: 20 days ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1473549
You need to log in before you can comment on or make changes to this bug.