crypto.getRandomValues should throw an exception when given a big array

https://bugs.webkit.org/show_bug.cgi?id=95269 Reviewed by Eric Seidel. Source/WebCore: The W3C Web Cryptography Working Group has taken up specifying window.crypto. The latest draft calls for getRandomValues to throw an exception when given an array that's large. Test: security/crypto-random-values-limits.html * page/Crypto.cpp: (WebCore::Crypto::getRandomValues): LayoutTests: * security/crypto-random-values-limits-expected.txt: Added. * security/crypto-random-values-limits.html: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@126953 268f45cc-cd09-0410-ab3c-d52691b4dbfc
ziswiler · Aug 29, 2012 · b71b45b · b71b45b
1 parent 62a8781
commit b71b45b
Show file tree

Hide file tree

Showing 5 changed files with 74 additions and 0 deletions.
diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
@@ -1,3 +1,13 @@
+2012-08-28  Adam Barth  <[email protected]>
+
+        crypto.getRandomValues should throw an exception when given a big array
+        https://bugs.webkit.org/show_bug.cgi?id=95269
+
+        Reviewed by Eric Seidel.
+
+        * security/crypto-random-values-limits-expected.txt: Added.
+        * security/crypto-random-values-limits.html: Added.
+
 2012-08-28  Tom Sepez  <[email protected]>
 
         CSP doesn't turn off eval, etc. in Web Workers

diff --git a/LayoutTests/security/crypto-random-values-limits-expected.txt b/LayoutTests/security/crypto-random-values-limits-expected.txt
@@ -0,0 +1,12 @@
+Tests the limits of crypto.randomValues.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS 'crypto' in window is true
+PASS 'getRandomValues' in window.crypto is true
+PASS crypto.getRandomValues(largeArray) threw exception Error: QUOTA_EXCEEDED_ERR: DOM Exception 22.
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/security/crypto-random-values-limits.html b/LayoutTests/security/crypto-random-values-limits.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="../fast/js/resources/js-test-pre.js"></script>
+<script src="resources/utilities.js"></script>
+</head>
+<body>
+<p id="description"></p>
+<div id="console"></div>
+<script>
+description("Tests the limits of crypto.randomValues.");
+
+if (!window.ArrayBuffer)
+    debug("This test requres ArrayBuffers to run!");
+
+shouldBe("'crypto' in window", "true");
+shouldBe("'getRandomValues' in window.crypto", "true");
+
+try {
+    var largeArray = new Uint8Array(66000);
+
+    shouldThrow("crypto.getRandomValues(largeArray)");
+} catch(ex) {
+    debug(ex);
+}
+
+</script>
+<script src="../fast/js/resources/js-test-post.js"></script>
+</body>
+</html>
+
+
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
@@ -1,3 +1,19 @@
+2012-08-28  Adam Barth  <[email protected]>
+
+        crypto.getRandomValues should throw an exception when given a big array
+        https://bugs.webkit.org/show_bug.cgi?id=95269
+
+        Reviewed by Eric Seidel.
+
+        The W3C Web Cryptography Working Group has taken up specifying
+        window.crypto. The latest draft calls for getRandomValues to throw an
+        exception when given an array that's large.
+
+        Test: security/crypto-random-values-limits.html
+
+        * page/Crypto.cpp:
+        (WebCore::Crypto::getRandomValues):
+
 2012-08-28  Tom Sepez  <[email protected]>
 
         CSP doesn't turn off eval, etc. in Web Workers

diff --git a/Source/WebCore/page/Crypto.cpp b/Source/WebCore/page/Crypto.cpp
@@ -63,6 +63,10 @@ void Crypto::getRandomValues(ArrayBufferView* array, ExceptionCode& ec)
         ec = TYPE_MISMATCH_ERR;
         return;
     }
+    if (array->byteLength() > 65536) {
+        ec = QUOTA_EXCEEDED_ERR;
+        return;
+    }
     cryptographicallyRandomValues(array->baseAddress(), array->byteLength());
 #else
     ASSERT_UNUSED(array, array);