[fix] leaky functions and globals #10

Merged
merged 1 commit into from Jan 2, 2012

Projects

None yet

1 participant

@bmeck
Collaborator
bmeck commented Jan 2, 2012

This should fix the following:

Function constructor attack (use a comm channel instead of naive function).
Leaking global attack (easy Function wrapper).
Type coercion attack (serialize inside the sandbox, though you may want to add a circular dependency serializer inside the sandbox).
Function.caller attack (fixed by strict mode).
Function.arguments attack (fixed by strict mode).
Native prototype attack (fixed by lack of leaks from others, hooking Function.prototype.call from leaked function for example).

I added some basic examples.

@bmeck bmeck referenced this pull request Jan 2, 2012
Closed

Leak + "use strict" #9

@bmeck bmeck merged commit 5dcb4b4 into gf3:master Jan 2, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment