### Security Approval Request * **How easily could an exploit be constructed based on the patch?**: I believe it would be very hard, but would appreciate having my working checked. Access to the vulnerable APIs is gated behind [ChromeOnly](https://searchfox.org/mozilla-central/rev/ad2ffab089e4e0c0fe99a1a046ab2b1c45546bdb/dom/webidl/MediaSource.webidl#49) and [other checks](https://searchfox.org/mozilla-central/rev/ad2ffab089e4e0c0fe99a1a046ab2b1c45546bdb/dom/webidl/HTMLMediaElement.webidl#107). My understanding is because of this we don't a have a vulnerability from general JS -- though a malicious addon with the right access could trigger the race. Commit messages and code can be made even more vague if there's concern. * **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No * **Which older supported branches are affected by this flaw?**: All * **If not all supported branches, which bug introduced the flaw?**: None * **Do you have backports for the affected branches?**: No * **If not, how different, hard to create, and risky will they be?**: I expect the code will graft cleanly if needed, but haven't verified as such. * **How likely is this patch to cause regressions; how much testing does it need?**: Unlikely to cause real world issues because the APIs are guarded. I would expect automated testing to catch if I haven't fixed all the data races. I've added some tests here to cover the APIs. I don't think further testing is needed given these are debug APIs.
Bug 1724106 Comment 11 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
### Security Approval Request * **How easily could an exploit be constructed based on the patch?**: I believe it would be very hard, but would appreciate having my working checked. Access to the vulnerable APIs is gated behind [ChromeOnly](https://searchfox.org/mozilla-central/rev/ad2ffab089e4e0c0fe99a1a046ab2b1c45546bdb/dom/webidl/MediaSource.webidl#49) and [other checks](https://searchfox.org/mozilla-central/rev/ad2ffab089e4e0c0fe99a1a046ab2b1c45546bdb/dom/webidl/HTMLMediaElement.webidl#107). My understanding is because of this we don't a have a vulnerability from general JS -- though a malicious addon with the right access could trigger the race. Commit messages and code can be made even more vague if there's concern. * **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: No * **Which older supported branches are affected by this flaw?**: All * **If not all supported branches, which bug introduced the flaw?**: All are affected. * **Do you have backports for the affected branches?**: No * **If not, how different, hard to create, and risky will they be?**: I expect the code will graft cleanly if needed, but haven't verified as such. * **How likely is this patch to cause regressions; how much testing does it need?**: Unlikely to cause real world issues because the APIs are guarded. I would expect automated testing to catch if I haven't fixed all the data races. I've added some tests here to cover the APIs. I don't think further testing is needed given these are debug APIs.