New issue
Advanced search Search tips

Issue 673422 link

Starred by 4 users
Status: Available
Owner: ----
Cc:
rockot@google.com
tsepez@chromium.org
dcheng@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug



Sign in to add a comment

Add simple range constraints to Mojo IDL

Project Member Reported by jsc...@chromium.org, Dec 12 2016 
This would make security auditing tremendously simpler. The basic idea is optional annotations for a maximum length on strings, vectors, and buffers. We should also be able to specify an optional max and min for any numeric values.

These constraints would then be enforced by mojo at the marshalling level, probably on both ends in debug builds and on the receiving end only in release builds.

Comment 1 by ranjitkan@chromium.org, Dec 13 2016

Labels: TE-NeedsTriageHelp

Comment 2 by yzshen@chromium.org, Jan 9 2017

Components: -Internals>Mojo Internals>Mojo>Bindings

Comment 3 by roc...@chromium.org, May 29 2017

Cc: roc...@chromium.org
Owner: ----
Status: Available (was: Unconfirmed)
Project Member

Comment 4 by sheriffbot@chromium.org, May 29 2018

Labels: Hotlist-Recharge-Cold
Status: Untriaged (was: Available)
This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by roc...@chromium.org, Oct 17

Cc: -roc...@chromium.org rockot@google.com

Comment 6 by rockot@google.com, Nov 15

Cc: -yzshen@chromium.org
Labels: -Pri-3 -Hotlist-Recharge-Cold -TE-NeedsTriageHelp Pri-2
Status: Available (was: Untriaged)
Something to consider for near future work.

Sign in to add a comment