[Webkit-unassigned] [Bug 198308] New: Correct flaky WebAuthN test cases

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue May 28 15:58:10 PDT 2019


            Bug ID: 198308
           Summary: Correct flaky WebAuthN test cases
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: bfulgham at webkit.org

A series of flaky WebAuthN crashes were due to a mistake in the implementation of the MockHidConnection test object. This code is not used in production operation, and is not a security risk.

After reserving the appropriate size for the payload, and appending the Nonce to the payload, it was grown to the size of the kHidInitResponseSize constant. Unfortunately, this also changes the value the payload Vector returns when asked for its size.

Consequently, we always began writing the CtapChannelIdSize value aafter the end of the buffer we had just allocated.

I did not find any other instances of this coding issue elsewhere.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190528/d40f1c03/attachment.html>

More information about the webkit-unassigned mailing list