style-checker: Add UAF to the list of security words to warn about.
authorclopez@igalia.com <clopez@igalia.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 5 Mar 2020 18:07:20 +0000 (18:07 +0000)
committerclopez@igalia.com <clopez@igalia.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 5 Mar 2020 18:07:20 +0000 (18:07 +0000)
https://bugs.webkit.org/show_bug.cgi?id=208643

Reviewed by Jonathan Bedard.

UAF is a common acronym used for use after free.

* Scripts/webkitpy/style/checkers/changelog.py:
(ChangeLogChecker.check_for_unwanted_security_phrases):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257923 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Tools/ChangeLog
Tools/Scripts/webkitpy/style/checkers/changelog.py

index 58030b2..4576b37 100644 (file)
@@ -1,3 +1,15 @@
+2020-03-05  Carlos Alberto Lopez Perez  <clopez@igalia.com>
+
+        style-checker: Add UAF to the list of security words to warn about.
+        https://bugs.webkit.org/show_bug.cgi?id=208643
+
+        Reviewed by Jonathan Bedard.
+
+        UAF is a common acronym used for use after free.
+
+        * Scripts/webkitpy/style/checkers/changelog.py:
+        (ChangeLogChecker.check_for_unwanted_security_phrases):
+
 2020-03-04  Basuke Suzuki  <basuke.suzuki@sony.com>
 
         [MSVC] Add .natvis support of WebKit types
 2020-03-04  Basuke Suzuki  <basuke.suzuki@sony.com>
 
         [MSVC] Add .natvis support of WebKit types
index 97a9040..399dacf 100644 (file)
@@ -103,7 +103,7 @@ class ChangeLogChecker(object):
             "arbitrary code execution", "buffer overflow", "buffer overrun",
             "buffer underrun", "dangling pointer", "double free", "fuzzer", "fuzzing", "fuzz test",
             "invalid cast", "jsfunfuzz", "malicious", "memory corruption", "security bug",
             "arbitrary code execution", "buffer overflow", "buffer overrun",
             "buffer underrun", "dangling pointer", "double free", "fuzzer", "fuzzing", "fuzz test",
             "invalid cast", "jsfunfuzz", "malicious", "memory corruption", "security bug",
-            "security flaw", "use after free", "use-after-free", "UXSS",
+            "security flaw", "use after free", "use-after-free", "UAF", "UXSS",
             "WTFCrashWithSecurityImplication",
             "spoof",  # Captures spoof, spoofed, spoofing
             "vulnerab",  # Captures vulnerable, vulnerability, vulnerabilities
             "WTFCrashWithSecurityImplication",
             "spoof",  # Captures spoof, spoofed, spoofing
             "vulnerab",  # Captures vulnerable, vulnerability, vulnerabilities