Security/Tainting IPC Data: Difference between revisions

Jump to navigation Jump to search

Security/Tainting IPC Data (view source)

Revision as of 11:37, 10 July 2020

354 bytes added ,  10 July 2020
add moz validate or
m (add meta)
(add moz validate or)
Line 31: Line 31:
As you can see in the code sample above, the macro unwraps a <code>Taint&lt;T&gt;</code> and returns a <code>T</code>.
As you can see in the code sample above, the macro unwraps a <code>Taint&lt;T&gt;</code> and returns a <code>T</code>.
The second parameter of the macro should receive an boolean expression that ensures the value is within expected boundaries.
The second parameter of the macro should receive an boolean expression that ensures the value is within expected boundaries.
The value will only be unwrapped when the condition is true. If it is not, we will raise a <code>MOZ_RELEASE_ASSERT</code>.
If this is not desirable, see below.


==== <code>MOZ_VALIDATE_OR(aValue, condition, defaultValue)</code> ====
The <code>MOZ_VALIDATE_OR</code> behaves similar to the above, but returns a default value instead of raising an assert.


==== <code>MOZ_NO_VALIDATE(aValue, "justification")</code>  ====
==== <code>MOZ_NO_VALIDATE(aValue, "justification")</code>  ====
Fbraun
Confirmed users
239

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1228953"

Navigation menu