Chromium Code Reviews

Issue 260253002: Proposed fix for Object.observe access checks (Closed)

Created:
6 years, 7 months ago by adamk
Modified:
6 years, 7 months ago
Reviewers:
dcarney
CC:
v8-dev
Base URL:
https://chromium.googlesource.com/external/v8.git@master
Visibility:
Public.

Description

Proposed fix for Object.observe access checks

BUG=367817

Patch Set 1

M src/runtime.cc: 1 chunk, +10 lines, -17 lines, 0 comments

Messages

Total messages: 2 (0 generated)
dcarney
looks ok, but we want to have all the cross-origin checks go through a chokepoint, ...
6 years, 7 months ago (2014-04-29 06:28:03 UTC) #1
adamk
6 years, 7 months ago (2014-04-29 15:31:27 UTC) #2
On 2014/04/29 06:28:03, dcarney wrote:
> looks ok, but we want to have all the cross-origin checks go through a
> chokepoint, like MayAccessPreCheck (by having the relevant bit moved to
> another function with a better name)

Indeed, thanks for taking a look. I should have said "proof of concept" fix,
this isn't actually the patch I'd want to land, it was just the minimal set of
code changes necessary to avoid the posted exploits.

There are also some loose ends that need to be tied up around
Object.getNotifier() that I need to tie up in the same patch.
