Mojo core: use safe numerics library for input validation |
||||||
Issue descriptionWe do a lot of pointer arithmetic to check sanity of untrusted message inputs. //base/numeric can make us safer and we should use it.
,
May 29 2017
Moving to available bug set so that someone can eventually re-audit the code and figure out what's left to convert, but I'll also note that as I'm refactoring many of the internals I am also switching input validation code to use safe numerics where appropriate.
,
May 29 2018
This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue. Sorry for the inconvenience if the bug really should have been left as Available. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 17
,
Nov 14
Triaging, still valid. We have more code using safe numerics now, but there's more we could do.
,
Nov 14
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by och...@chromium.org
, May 17 2016