263187 – Make all senstitive $vm properties not enumerable by Object.getOwnPropertyNames.

RESOLVED FIXED263187

Make all senstitive $vm properties not enumerable by Object.getOwnPropertyNames.

https://bugs.webkit.org/show_bug.cgi?id=263187

Summary Make all senstitive $vm properties not enumerable by Object.getOwnPropertyNames.

Mark Lam

Reported 2023-10-16 00:08:28 PDT

$vm functions are not meant to be enumerable. That's why all of them have the DontEnum attribute. However, Object.getOwnPropertyNames does not honor this by default. As a result, this can trip up fuzzers that happens to enumerate it with Object.getOwnPropertyNames. rdar://112814894

Attachments
Add attachment proposed patch, testcase, etc.

Mark Lam

Comment 1 2023-10-16 00:20:01 PDT

Pull request: https://github.com/WebKit/WebKit/pull/19104

EWS

Comment 2 2023-10-16 07:28:47 PDT

Committed 269361@main (86513355ed9f): <https://commits.webkit.org/269361@main> Reviewed commits have been landed. Closing PR #19104 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Mark Lam

Reported

2023-10-16 00:08 PDT

Modified

2023-10-16 07:28 PDT History

CC List

1 user Show

URL

Keywords InRadar

Depends on

Blocks