Bug 1400019 - Don't assert on illegal WebAuthn algo names r?keeler
The algorithm names provided to the WebAuthn methods have to either be a
string, or (potentially) a WebCrypto object. Right now we only work with
strings, but there's no good reason to assert that, we can just let the
action fail.
This patch removes the assert to help out the fuzzing team.
MozReview-Commit-ID: 9dc8m0a2gZK
--- a/dom/webauthn/WebAuthnManager.cpp
+++ b/dom/webauthn/WebAuthnManager.cpp
@@ -51,18 +51,16 @@ NS_IMPL_ISUPPORTS(WebAuthnManager, nsIIP
* Utility Functions
**********************************************************************/
template<class OOS>
static nsresult
GetAlgorithmName(const OOS& aAlgorithm,
/* out */ nsString& aName)
{
- MOZ_ASSERT(aAlgorithm.IsString()); // TODO: remove assertion when we coerce.
-
if (aAlgorithm.IsString()) {
// If string, then treat as algorithm name
aName.Assign(aAlgorithm.GetAsString());
} else {
// TODO: Coerce to string and extract name. See WebCryptoTask.cpp
}
// Only ES256 is currently supported