New issue
Advanced search Search tips

Issue 796581 link

Starred by 1 user
Status: Fixed
Owner: ----
Closed: Jan 2018
Cc:
engedy@chromium.org
kpaulhamus@chromium.org
agl@chromium.org
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug



Sign in to add a comment

Implement sane error handling in c/b/webauth

Project Member Reported by engedy@chromium.org, Dec 20 2017 
Currently, many routines just CHECK if something goes awry. Crashing the browser sounds a somewhat heavy-handed way of handling errors, though. Before the feature is moved out from behind the flag, we should come up with something nicer.
Project Member

Comment 1 by bugdroid1@chromium.org, Jan 16 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6138b72d317e4c6d8f81c992c4c6a91f47c2245b

commit 6138b72d317e4c6d8f81c992c4c6a91f47c2245b
Author: Kim Paulhamus <kpaulhamus@chromium.org>
Date: Tue Jan 16 08:59:16 2018

Implement better error handling for parsing register responses.

Return optionals and error messages instead of crashing.
Add a fuzzer for register_response_data.

Bug:  796581 
Change-Id: I6dadc9638e0946d2918023f67b14a930cd2814db
Reviewed-on: https://chromium-review.googlesource.com/862289
Reviewed-by: Balazs Engedy <engedy@chromium.org>
Reviewed-by: Max Moroz <mmoroz@chromium.org>
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Commit-Queue: Kim Paulhamus <kpaulhamus@chromium.org>
Cr-Commit-Position: refs/heads/master@{#529384}
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/BUILD.gn
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/attested_credential_data.cc
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/attested_credential_data.h
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/ec_public_key.cc
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/fido_attestation_statement.cc
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/register_response_data.cc
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/register_response_data.h
[add] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/register_response_data_fuzzer.cc
[add] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/response_data_fuzzer_corpus/register1
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/u2f_register.cc
[modify] https://crrev.com/6138b72d317e4c6d8f81c992c4c6a91f47c2245b/device/u2f/u2f_register_unittest.cc

Comment 2 by kpaulhamus@chromium.org, Jan 16 2018

Status: Fixed (was: Available)

Sign in to add a comment