Closed
Bug 1027300
Opened 10 years ago
Closed 10 years ago
UMR in stun_get_siocgifconf_addrs
Categories
(Core :: WebRTC: Networking, defect)
Tracking
()
RESOLVED
FIXED
mozilla35
People
(Reporter: bwc, Assigned: bwc)
Details
(Keywords: sec-moderate, Whiteboard: [adv-main35+])
Attachments
(1 file)
916 bytes,
patch
|
mt
:
review+
|
Details | Diff | Splinter Review |
If any failure occurs here:
http://dxr.mozilla.org/mozilla-central/source/media/mtransport/third_party/nICEr/src/stun/addrs.c?from=stun_get_siocgifconf_addrs&case=true#608
|ptr| will be left pointing at uninitialized memory. A failure in the socket call above would do this, for sure.
Comment 1•10 years ago
|
||
Note that this needs to be fixed concurrently in the nICEr repo.
Updated•10 years ago
|
Keywords: sec-moderate
Assignee | ||
Comment 2•10 years ago
|
||
Assignee | ||
Updated•10 years ago
|
Assignee: nobody → docfaraday
Status: NEW → ASSIGNED
Assignee | ||
Comment 3•10 years ago
|
||
Comment on attachment 8481567 [details] [diff] [review]
Check for ioctl error return.
Review of attachment 8481567 [details] [diff] [review]:
-----------------------------------------------------------------
https://tbpl.mozilla.org/?tree=Try&rev=002920234613
Attachment #8481567 -
Flags: review?(martin.thomson)
Updated•10 years ago
|
Attachment #8481567 -
Flags: review?(martin.thomson) → review+
Assignee | ||
Comment 5•10 years ago
|
||
Comment 6•10 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
status-firefox35:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla35
Comment 7•10 years ago
|
||
(In reply to Randell Jesup [:jesup] from comment #4)
> Before checkin, note comment 1 from ekr about upstream
byron: has this been checked-in upstream?
Flags: needinfo?(docfaraday)
Updated•10 years ago
|
status-firefox34:
--- → wontfix
status-firefox-esr31:
--- → wontfix
Updated•10 years ago
|
Whiteboard: [adv-main35+]
Updated•9 years ago
|
Group: core-security → core-security-release
Updated•9 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•