### Security Approval Request * **How easily could an exploit be constructed based on the patch?**: * **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Yes * **Which older supported branches are affected by this flaw?**: * **If not all supported branches, which bug introduced the flaw?**: None * **Do you have backports for the affected branches?**: Yes * **If not, how different, hard to create, and risky will they be?**: * **How likely is this patch to cause regressions; how much testing does it need?**:
Bug 1640416 Comment 21 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
We should hold off landing the test part until questions about exploitability are answered. If it's really sec-high then a gtest is not a good idea. If the approval request in comment 18 is correct then it could be fine. Jan-Ivar: can you still trigger this in a Release build, and if so will you do so, report the crash, and link the crash report back here? Thanks.