Skip to content

fix(url): validate name in URLSearchParams.append()#320

Open
watilde wants to merge 1 commit into
bytecodealliance:mainfrom
watilde:fix/urlsearchparams-append-name-validation
Open

fix(url): validate name in URLSearchParams.append()#320
watilde wants to merge 1 commit into
bytecodealliance:mainfrom
watilde:fix/urlsearchparams-append-name-validation

Conversation

@watilde

@watilde watilde commented Jun 27, 2026

Copy link
Copy Markdown

URLSearchParams.append() never checked whether stringifying the name argument succeeded. For a non-stringifiable name (a Symbol, or an object whose toString throws), core::encode_spec_string returns a SpecString with a null data pointer and a pending exception, which append handed straight to the Rust params_append — crashing the process in slice::from_raw_parts (UB in release) instead of throwing.

Null-check the encoded name and propagate the pending exception, exactly as delete()/has()/get()/set() already do. Add an integration test.

URLSearchParams.append() never checked whether stringifying the name
argument succeeded. For a non-stringifiable name (a Symbol, or an
object whose toString throws), core::encode_spec_string returns a
SpecString with a null data pointer and a pending exception, which
append handed straight to the Rust params_append — crashing the process
in slice::from_raw_parts (UB in release) instead of throwing.

Null-check the encoded name and propagate the pending exception, exactly
as delete()/has()/get()/set() already do. Add an integration test.

Signed-off-by: Daijiro Wachi <daijiro.wachi@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant