-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stronger checks for invalid sync codes #19200
Comments
cc: @jsecretan |
Not sure about
|
That's right, it already defaults to 32. The change I'm asking for is just to enforce that in the function. It could be as adding:
at the beginning of that function to crash the browser should this function ever get misused in the future. |
@fmarier thanks When having |
PR is opened for review |
Verified
Steps:
Verification PASSED on
|
Verification PASSED on
Verification passed on Brave v1.32.106 on Samsung Galaxy Tab S5e (Android 10.0) Verified test plan from brave/brave-core#10960
|
Here are a few small improvements that came up during a review of the Sync code:
None of these were found to be exploitable, but we'd like this code to be extra-paranoid about key-generation errors.
The text was updated successfully, but these errors were encountered: