Closed Bug 1266421 Opened 8 years ago Closed 8 years ago

Fix unsafe casts in the different TextureHost::SetCompositor implementations

Categories

(Core :: Graphics: Layers, defect)

Product:
Core
Component:
Graphics: Layers
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
firefox45 --- affected
firefox46 - wontfix
firefox47 - affected
firefox48 - fixed

People

(Reporter: lizzard, Unassigned)

References

Details

(Keywords: csectype-other, sec-moderate, Whiteboard: [gfx-noted][adv-main48-]) 

+++ This bug was initially created as a clone of Bug #1258768 +++
I think we end up performing a bad cast form BasicCOmpositor* -> CompositorOGL* on Mac somewhere in the bc7 tests.

Cloning this because nical suspects this could be a sec issue but didn't want to call attention to the existing bug. If it is critical we may need to uplift this (even to 46 in a dot release).
Tracking so we keep an eye on this possible security issue.
status-firefox45: --- → affected
status-firefox46: --- → affected
status-firefox47: --- → affected
status-firefox48: --- → fixed
tracking-firefox46: --- → +
tracking-firefox47: --- → +
tracking-firefox48: --- → +
Sec-moderate, I don't think we need to track this. It will be fixed in 48.
status-firefox46: affectedwontfix
tracking-firefox46: +-
tracking-firefox47: +-
tracking-firefox48: +-
Whiteboard: [gfx-noted] → [gfx-noted][adv-main48-]
:nical, was this fixed in 48?
Flags: needinfo?(nical.bugzilla)
(In reply to Milan Sreckovic [:milan] from comment #3)
> :nical, was this fixed in 48?

Yes, in 47 actually.
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(nical.bugzilla)
Resolution: --- → FIXED
Group: gfx-core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.