[tbb-commits] [tor-browser] 137/311: Bug 1755621 - Check webauthn extensions r=dveditz, a=tritter
gitolite role
git at cupani.torproject.org
Tue Apr 26 15:28:57 UTC 2022
This is an automated email from the git hooks/post-receive script.
pierov pushed a commit to branch geckoview-99.0.1-11.0-1
in repository tor-browser.
commit 23507e7644c10f6bd69cc8740b21530a8865f165
Author: R. Martinho Fernandes <bugs at rmf.io>
AuthorDate: Fri Mar 11 20:32:34 2022 +0000
Bug 1755621 - Check webauthn extensions r=dveditz, a=tritter
Differential Revision: https://phabricator.services.mozilla.com/D139499
---
dom/webauthn/WinWebAuthnManager.cpp | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/dom/webauthn/WinWebAuthnManager.cpp b/dom/webauthn/WinWebAuthnManager.cpp
index c3dc129c9149b..1b7d507456d18 100644
--- a/dom/webauthn/WinWebAuthnManager.cpp
+++ b/dom/webauthn/WinWebAuthnManager.cpp
@@ -287,10 +287,12 @@ void WinWebAuthnManager::Register(
break;
}
+ if (extra.Extensions().Length() > (int)(sizeof(rgExtension) / sizeof(rgExtension[0]))) {
+ nsresult aError = NS_ERROR_DOM_INVALID_STATE_ERR;
+ MaybeAbortRegister(aTransactionId, aError);
+ return;
+ }
for (const WebAuthnExtension& ext : extra.Extensions()) {
- MOZ_ASSERT(cExtensions <
- (int)(sizeof(rgExtension) / sizeof(rgExtension[0])));
-
if (ext.type() == WebAuthnExtension::TWebAuthnExtensionHmacSecret) {
HmacCreateSecret =
ext.get_WebAuthnExtensionHmacSecret().hmacCreateSecret() == true;
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the tbb-commits
mailing list