### Security Approval Request * **How easily could an exploit be constructed based on the patch?**: From the fix and a line of the comment above, people might suspect this bug is related to the object itself was freed when its member function is called. However, it's still not clear for them, how to reproduce the bug. (I think the comment should be fine, but please help me to confirm. If you think it looks too obvious, I can change it.) * **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Unknown * **Which older supported branches are affected by this flaw?**: esr 68 (53; it seems this issue can happen since bug 1267903) * **If not all supported branches, which bug introduced the flaw?**: None * **Do you have backports for the affected branches?**: No * **If not, how different, hard to create, and risky will they be?**: (To be clear, I will request uplift to beta and esr68) That shouldn't be hard to do that, but the priority for doing that is not so high since: - I haven't seen a bug/crash report that seems to be related to this issue/in the event source. - To reproduce this issue, a worker needs to terminate itself before creating an event source with an invalid scheme. So, that should be rare to occur in general script. * **How likely is this patch to cause regressions; how much testing does it need?**: It should be hard to cause regressions since this patch only holds a `RefPtr` to itself
Bug 1614339 Comment 8 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
### Security Approval Request * **How easily could an exploit be constructed based on the patch?**: From the fix and a line of the comment above, people might suspect this bug is related to the object itself was freed when its member function is called. However, it's still not clear for them, how to reproduce the bug. (I think the comment should be fine, but please help me to confirm. If you think it looks too obvious, I can change it.) * **Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?**: Unknown * **Which older supported branches are affected by this flaw?**: esr 68 (53; it seems this issue can happen since bug 1267903) * **If not all supported branches, which bug introduced the flaw?**: None * **Do you have backports for the affected branches?**: No * **If not, how different, hard to create, and risky will they be?**: (To be clear, I will request uplift to beta and esr68) That shouldn't be hard to do that, but the priority for doing that is not so high since: - I haven't seen a bug/crash report that seems to be related to this issue/in the event source. - To reproduce this issue, a worker needs to terminate itself before creating an event source with an invalid scheme. So, that should be rare to occur in general script. * **How likely is this patch to cause regressions; how much testing does it need?**: It should be hard to cause regressions since this patch only makes `EventSourceImpl` holds itself in `CloseInternal` function to ensure itself alive until the function is completed.