263506 – Make sensitive jsc global namespace properties not enumerable by Object.getOwnPropertyNames.

RESOLVED FIXED263506

Make sensitive jsc global namespace properties not enumerable by Object.getOwnPropertyNames.

https://bugs.webkit.org/show_bug.cgi?id=263506

Summary Make sensitive jsc global namespace properties not enumerable by Object.getOw...

Mark Lam

Reported 2023-10-21 22:58:55 PDT

Some functions in the jsc shell GlobalObject are only added as debugging aids. They are meant to be used carefully under controlled conditions for test development. Though they are added as DontEnum, Object.getOwnPropertyNames() still enumerates them. We should filter out all DontEnum properties of this GlobalObject so as not to trip up fuzzers that try to fuzz with Object.getOwnPropertyNames. rdar://112815258

Attachments
Add attachment proposed patch, testcase, etc.

Mark Lam

Comment 1 2023-10-21 23:31:45 PDT

Pull request: https://github.com/WebKit/WebKit/pull/19399

EWS

Comment 2 2023-10-22 20:54:06 PDT

Committed 269639@main (15477a1fd6b5): <https://commits.webkit.org/269639@main> Reviewed commits have been landed. Closing PR #19399 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Mark Lam

Reported

2023-10-21 22:58 PDT

Modified

2023-10-22 20:54 PDT History

CC List

1 user Show

URL

Keywords InRadar

Depends on

Blocks