Closed Bug 1242909 Opened 4 years ago Closed 4 years ago
Firefox crash : malformed CSP report-uri directive
Attachment #8712095 - Attachment mime type: text/x-log → text/plain
https://crash-stats.mozilla.com/report/index/e8c3bfab-c74c-48b6-8200-8c5172160126 AFAICT this is a nullptr crash (at least on ff44 beta, where I tested) and so it might not need to be sec-sensitive.
Group: firefox-core-security → core-security
Status: UNCONFIRMED → NEW
Component: Untriaged → DOM: Security
Ever confirmed: true
Product: Firefox → Core
This code: https://dxr.mozilla.org/mozilla-central/rev/aa90f482e16db77cdb7dea84564ea1cbd8f7f6b3/dom/security/nsCSPContext.cpp#917-919 should actually continue; if uploadChannel is null.
This should do the trick.
Assignee: nobody → gijskruitbosch+bugs
Status: NEW → ASSIGNED
Now without random leftovers from another bit of work - sorry for the bugspam.
Attachment #8712101 - Flags: review?(mozilla)
Comment on attachment 8712101 [details] [diff] [review] Patch v0.2 Review of attachment 8712101 [details] [diff] [review]: ----------------------------------------------------------------- Thanks Gijs, that is indeed the right fix. I also don't think this needs to be security sensitive - feel free to open it up.
Attachment #8712101 - Flags: review?(mozilla) → review+
Ryan, can you un-sec-sensitive this, please? Thanks!
Comment on attachment 8712101 [details] [diff] [review] Patch v0.2 Approval Request Comment [Feature/regressing bug #]: CSP parsing [User impact if declined]: crashes! [Describe test coverage new/current, TreeHerder]: https://dxr.mozilla.org/mozilla-central/source/dom/security/test/csp and various other tests, but nothing specifically for this issue, it seems [Risks and why]: very low, essentially just a nullcheck [String/UUID change made/needed]: nope
Comment on attachment 8712101 [details] [diff] [review] Patch v0.2 Fix a crash, taking it.
Should be in 45 beta 2
You need to log in before you can comment on or make changes to this bug.