Issue 663407 link

Starred by 0 users

Issue metadata

Status:	Available
Owner:	----
Cc:	olivierrobin@chromium.org ios-bugs@chromium.org
Components:	UI>Browser>Autofill UI>Browser>Passwords
EstimatedDays:	----
NextAction:	----
OS:	iOS
Pri:	3
Type:	Task
Hotlist-TechnicalDebt

Fuzz form submission on iOS

Project Member Reported by vabr@chromium.org, Nov 8 2016

Issue description

The crash from bug 653379 might have been reproduced by a good fuzzer (we don't know, but it is likely that it was caused by weird UTF8/JSON encoding of a submitted form).

We should add a fuzzer for password manager and autofill on iOS. We should add it also on other platforms, but this bug needs a narrower scope. Also, iOS uses injected JavaScript for what other platforms have C++ in the renderer, so there are likely more vulnerabilities in the code (because the site scripts can interact more with Chromium code if that code is also in JS).

Project Member

Comment 1 by sheriffbot@chromium.org, Nov 9 2017

Labels: Hotlist-Recharge-Cold
Status: Untriaged (was: Available)

This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available. If you change it back, also remove the "Hotlist-Recharge-Cold" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot