Bug 263506 - Make sensitive jsc global namespace properties not enumerable by Object.getOwnPropertyNames.
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Mark Lam
Keywords: InRadar
Reported: 2023-10-21 22:58 PDT by Mark Lam
Modified: 2023-10-22 20:54 PDT

Description Mark Lam 2023-10-21 22:58:55 PDT
Some functions in the jsc shell GlobalObject are only added as debugging aids.  They are meant to be used carefully under controlled conditions for test development.  Though they are added as DontEnum, Object.getOwnPropertyNames() still enumerates them.  We should filter out all DontEnum properties of this GlobalObject so as not to trip up fuzzers that try to fuzz with Object.getOwnPropertyNames.

rdar://112815258
Comment 1 Mark Lam 2023-10-21 23:31:45 PDT
Pull request: https://github.com/WebKit/WebKit/pull/19399
Comment 2 EWS 2023-10-22 20:54:06 PDT
Committed 269639@main (15477a1fd6b5): <https://commits.webkit.org/269639@main>

Reviewed commits have been landed. Closing PR #19399 and removing active labels.
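
The behaviour the description reports, and a model of the requested filtering, as an added example that is not the WebKit patch or code from this bug. The object, the `debugHelper` name and the Proxy-based filter are constructed for illustration; `enumerable: false` is the JavaScript-level equivalent of DontEnum.

```javascript
// Constructed stand-in for the jsc shell global; "debugHelper" is a hypothetical name.
function makeShellGlobal() {
  const g = { print() {}, load() {} };
  // DontEnum in JavaScriptCore terms corresponds to enumerable: false here.
  Object.defineProperty(g, "debugHelper", {
    value() { return "debug-only"; },
    enumerable: false,
    configurable: true,
    writable: true,
  });
  return g;
}

// What each enumeration API reports for the same object.
function surveyKeys(obj) {
  const forIn = [];
  for (const k in obj) forIn.push(k);
  return {
    forIn,                                     // skips non-enumerable
    keys: Object.keys(obj),                    // skips non-enumerable
    ownNames: Object.getOwnPropertyNames(obj), // includes non-enumerable
    reflect: Reflect.ownKeys(obj),             // includes non-enumerable
  };
}

// Model of the requested behaviour: own-key listing skips non-enumerable
// properties. Proxy invariants require ownKeys to report every
// non-configurable own property, so those are kept instead of raising TypeError.
function hideDontEnum(target) {
  return new Proxy(target, {
    ownKeys(t) {
      return Reflect.ownKeys(t).filter((k) => {
        const d = Reflect.getOwnPropertyDescriptor(t, k);
        return d.enumerable || !d.configurable;
      });
    },
  });
}

const shell = makeShellGlobal();
const filtered = hideDontEnum(shell);
console.log(surveyKeys(shell).ownNames);    // debugHelper is listed
console.log(surveyKeys(filtered).ownNames); // debugHelper is hidden
console.log(typeof filtered.debugHelper);   // still reachable by explicit name
```

The filter only changes discovery: a test that names the helper explicitly can still call it, while code that walks `Object.getOwnPropertyNames` no longer finds it.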