Bug 88314: Review browser JS for dangerous eval()'s
Status: Closed, RESOLVED DUPLICATE of bug 1473549
Opened 24 years ago; closed 6 years ago
Categories: Core :: Security, defect, P3
People: Reporter: security-bugs; Assigned: dveditz
References: depends on 1 open bug
Attachments (2 files): patch (deleted); text/plain (deleted)

Description
As Brendan warned in bug 87980, there may be other places where eval() or new
Function calls may allow the running of unescaped or otherwise dangerous code.
Jesse, please do an lxr search on the calls Brendan mentioned and look for
potentially dangerous usages.
Updated•24 years ago
Priority: -- → P3
Target Milestone: --- → mozilla0.9.4
Updated•24 years ago
Target Milestone: mozilla0.9.4 → mozilla0.9.3
Updated•24 years ago
Target Milestone: mozilla0.9.3 → mozilla0.9.4
Comment 1•23 years ago

Comment 2•23 years ago
r/sr=brendan@mozilla.org, nice.
/be
Comment 3 (Reporter)•23 years ago
r=mstoltz. Let's check it in!
Comment 4•23 years ago
jat checked in the eval fix above for me because I was having trouble checking
in. I'll do setTimeout next. (I didn't get all the evals, since I couldn't
figure out what it was being used for in every case.)
Updated•23 years ago
Target Milestone: mozilla0.9.4 → mozilla0.9.5
Updated•23 years ago
Target Milestone: mozilla0.9.5 → mozilla0.9.7
Comment 5 (Reporter)•23 years ago
Less important bugs retargeted to 0.9.9
Target Milestone: mozilla0.9.7 → mozilla0.9.9
Updated•22 years ago
Target Milestone: mozilla1.0 → mozilla1.2beta
Updated•21 years ago
Target Milestone: mozilla1.2beta → ---
Comment 7•20 years ago
I was just thinking about eval() in chrome. Is anyone still interested in this
bug?
Comment 8 (Assignee)•20 years ago

Comment 9•20 years ago
Search for /."/ (slashes delimit the text to find) in attachment 155057 and you
will find more than a few bogus evals. The first one is this:
eval( "gICalLib."+functionToRun+"( calendarEvent, Server )" );
It should be done away with like so:
gICalLib[functionToRun]( calendarEvent, Server );
And so on for the rest.
/be
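The replacement Brendan suggests in comment 9 is worth seeing run, because the difference is not cosmetic: in the eval form the method name is compiled as source, in the bracket form it is only a property key. The block below is an added example and is not code from this bug, its attachments, or the Mozilla tree. gICalLib, its addEvent and deleteEvent methods, the sideEffect variable, the calendarEvent and Server inputs, and the hostile method name are all constructed for the demonstration; the allow-list in dispatchChecked is added hardening beyond what comment 9 asks for, on the assumption that the caller only ever intends a fixed set of calendar operations.

```javascript
// Added example, not code from bug 88314 or from the Mozilla tree. gICalLib,
// its methods and the inputs below are constructed stand-ins used only to show
// why eval("gICalLib." + functionToRun + "( calendarEvent, Server )") is
// dangerous and how the bracket-access form from comment 9 avoids it.

// Constructed stand-in for the calendar library object: records each call.
const gICalLib = {
  calls: [],
  addEvent(calendarEvent, server) {
    this.calls.push(["addEvent", calendarEvent, server]);
    return "added";
  },
  deleteEvent(calendarEvent, server) {
    this.calls.push(["deleteEvent", calendarEvent, server]);
    return "deleted";
  },
};

// Stands in for any other state reachable from the eval's scope.
let sideEffect = null;

// The pattern flagged in comment 9: the method name is spliced into JS source,
// so anything in functionToRun that parses as JS runs with this scope.
function dispatchViaEval(functionToRun, calendarEvent, Server) {
  // eslint-disable-next-line no-eval
  return eval("gICalLib." + functionToRun + "( calendarEvent, Server )");
}

// Brendan's replacement: look the method up as a property and call it.
// The name is data here; it is never compiled.
function dispatchViaProperty(functionToRun, calendarEvent, Server) {
  return gICalLib[functionToRun](calendarEvent, Server);
}

// Added hardening beyond comment 9 (assumes the caller wants only these ops):
// bracket access still reaches inherited properties such as "constructor",
// so restrict the name to the operations the caller is meant to expose.
const ALLOWED_OPERATIONS = new Set(["addEvent", "deleteEvent"]);

function dispatchChecked(functionToRun, calendarEvent, Server) {
  if (!ALLOWED_OPERATIONS.has(functionToRun)) {
    throw new Error("unknown calendar operation: " + functionToRun);
  }
  return gICalLib[functionToRun](calendarEvent, Server);
}

// Runs both dispatchers against a constructed hostile method name and
// returns what happened, so the difference can be checked rather than read.
function runDemo() {
  const calendarEvent = { title: "standup" }; // constructed sample input
  const Server = "calendar.example";          // constructed sample input
  // Closes the intended call, appends a statement, then re-opens a call so
  // the spliced source still parses as a whole.
  const hostileName =
    "addEvent( calendarEvent, Server ); sideEffect = 'injected'; gICalLib.addEvent";

  gICalLib.calls.length = 0;
  sideEffect = null;
  const evalResult = dispatchViaEval(hostileName, calendarEvent, Server);
  const viaEval = { result: evalResult, calls: gICalLib.calls.length, sideEffect };

  gICalLib.calls.length = 0;
  sideEffect = null;
  let viaProperty;
  try {
    dispatchViaProperty(hostileName, calendarEvent, Server);
    viaProperty = { threw: false, calls: gICalLib.calls.length, sideEffect };
  } catch (e) {
    // gICalLib["addEvent( calendarEvent, ..."] is undefined, so the call fails.
    viaProperty = { threw: e instanceof TypeError, calls: gICalLib.calls.length, sideEffect };
  }

  // Inherited property reachable through bracket access but not a calendar op.
  const inheritedReachable = typeof gICalLib["constructor"] === "function";
  let checkedRejectsInherited = false;
  try {
    dispatchChecked("constructor", calendarEvent, Server);
  } catch (e) {
    checkedRejectsInherited = /unknown calendar operation/.test(e.message);
  }

  const checkedResult = dispatchChecked("deleteEvent", calendarEvent, Server);
  return { viaEval, viaProperty, inheritedReachable, checkedRejectsInherited, checkedResult };
}
```

With the hostile name, the eval form runs addEvent twice and executes the injected assignment in between; the bracket form throws a TypeError before any call happens because no property has that name. The same distinction applies to the string form of setTimeout mentioned in comment 4: setTimeout("gICalLib." + name + "()", 0) compiles the string as source, whereas setTimeout(() => gICalLib[name](), 0) does not.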
Updated•20 years ago
Assignee: jruderman → dveditz
QA Contact: ckritzer
Updated•15 years ago
QA Contact: toolkit
Comment 10•6 years ago
We're taking care of this in bug 1473549 now.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE