Privacy Violation with SSN

Skip to first unread message

Eric Lee

Apr 11, 2023, 2:35:58 PM4/11/23
to GWT Users
We hava a GWT project, and user use WebInspect to scan, then they found a critial issue as below in the file 30.cache.js

What's the "133333119" ?
Is that bacause GWT obfuscate ?
Sorry we don't have the source codes of this GWT project (We just have WAR file only)

Many thx.

Colin Alworth

Apr 11, 2023, 3:25:55 PM4/11/23
to GWT Users
I haven't seen this come up before in a scan like this, thanks for sharing!

This is due to the compiler, but rather than obfuscation, this is due to the compiler solving for a constant value rather than doing the math at runtime. This same constant appears in the GWT showcase as well, at in the file.

function Hmc(a,b,c,d,e,f){Gmc();this.a=e;Th(a,Dwc(b,c,d,e,f));a.db==-1?(Sbc(),Idc(a.hb,133333119|(a.hb.__eventBits||0))):(a.db|=133333119)}

This is slightly different from yours, and not just in the obfuscation - I suspect that you have emulated stack traces enabled, which should allow you to check the value of the NWl and RWk constants to confirm - they should be the "stack trace element" information, like class+method name, line number etc.

In this case, that particular line comes from's constructor. That calls the constructor of the inner class UnclippedState, which has these lines:
    UnclippedState(Image image) {
      // We are working around an IE race condition that can make the image
      // incorrectly cache itself if the load event is assigned at the same time
      // as the image is added to the dom.
      Event.sinkEvents(image.getElement(), Event.ONLOAD);

      // Todo(ecc) this could be more efficient overall.
      image.sinkEvents(Event.ONCLICK | Event.ONDBLCLICK | Event.MOUSEEVENTS | Event.ONLOAD

That chained | expression results in the number you're seeing. Then, that value is passed to Widget.sinkEvents(), which looks like this:
  public void sinkEvents(int eventBitsToAdd) {
    if (isOrWasAttached()) {
    } else {
      eventsToSink |= eventBitsToAdd;

The isOrWasAttached() call is a comparison of a field to -1, and a ternary is used instead of an if/else for this:
a.db==-1 ?

Now it becomes clear that "this.eventsToSink" is "a.db", and "eventBitsToAdd" is the constant int 133333119.

Links to github source to confirm:

So - this is not a SSN, but just happens to have the same number of digits.
Reply all
Reply to author
0 new messages