Status: Assigned Owner: [email protected] CC: [email protected], [email protected] Labels: Type-Bug Pri-2 OS-All Area-BrowserBackend Security Mstone-4
New issue 25907 by [email protected]: ParamTraits<webkit_glue::FormFieldValues> can be abused by a corrupt renderer http://code.google.com/p/chromium/issues/detail?id=25907 ParamTraits<webkit_glue::FormFieldValues> can be abused by a corrupt renderer The Read function lacks the protections that the ParamTraits for std::vector has. We should not be calling resize blindly on the input given by the renderer. Over to jhawkins since he has been hacking on this code recently. I think we should fix this ParamTraits to be expressed in terms of a ParamTraits<std::vector<P> > call. That way we can avoid having to repeat the sensitive logic. -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
