Closed
Bug 1363431
Opened 7 years ago
Closed 7 years ago
wasm: Check maximum size of br_table
Categories
(Core :: JavaScript Engine: JIT, defect)
Core
JavaScript Engine: JIT
Tracking
()
RESOLVED
FIXED
mozilla55
People
(Reporter: bbouvier, Assigned: bbouvier)
References
Details
Attachments
(1 file)
59 bytes,
text/x-review-board-request
|
luke
:
review+
gchang
:
approval-mozilla-aurora-
gchang
:
approval-mozilla-beta+
|
Details |
This somehow disappeared recently and :decoder found it during fuzzing. Let's fix it. I need to check whether it should be uplifted as well.
Comment hidden (mozreview-request) |
Comment 2•7 years ago
|
||
mozreview-review |
Comment on attachment 8865922 [details] Bug 1363431: wasm: Check for maximum br_table size; https://reviewboard.mozilla.org/r/137512/#review141104 Weird; I wonder where it went?
Attachment #8865922 -
Flags: review?(luke) → review+
Pushed by bbouvier@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/eb5cc2b22ef0 wasm: Check for maximum br_table size; r=luke
Assignee | ||
Comment 4•7 years ago
|
||
Comment on attachment 8865922 [details] Bug 1363431: wasm: Check for maximum br_table size; Approval Request Comment [Feature/Bug causing the regression]: wasm (?) [User impact if declined]: error reporting issue in the best case, browser DOS in the worst case (triggers a very long memory allocation that can exhaust memory, eventually causing a crash) [Is this code covered by automated tests?]: no [Has the fix been verified in Nightly?]: yes [Needs manual test from QE? If yes, steps to reproduce]: no [List of other uplifts needed for the feature/fix]: none [Is the change risky?]: no [Why is the change risky/not risky?]: more conservative + 2 lines fix [String changes made/needed]: none
Attachment #8865922 -
Flags: approval-mozilla-beta?
Attachment #8865922 -
Flags: approval-mozilla-aurora?
Comment 5•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/eb5cc2b22ef0
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
status-firefox55:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
Updated•7 years ago
|
status-firefox54:
--- → affected
Assignee | ||
Comment 6•7 years ago
|
||
(forgot to press enter when i set the status flags yesterday -- all versions are affected up to release)
status-firefox53:
--- → affected
Comment 7•7 years ago
|
||
Comment on attachment 8865922 [details] Bug 1363431: wasm: Check for maximum br_table size; Fix a wasm issue. Beta54+. Should be in 54 beta 8.
Attachment #8865922 -
Flags: approval-mozilla-beta?
Attachment #8865922 -
Flags: approval-mozilla-beta+
Attachment #8865922 -
Flags: approval-mozilla-aurora?
Attachment #8865922 -
Flags: approval-mozilla-aurora-
Comment 8•7 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-beta/rev/1511c3039be2
Comment 9•7 years ago
|
||
(In reply to Benjamin Bouvier [:bbouvier] from comment #4) > [Is this code covered by automated tests?]: no > [Has the fix been verified in Nightly?]: yes > [Needs manual test from QE? If yes, steps to reproduce]: no Setting qe-verify- based on Benjamin's assessment on manual testing needs.
Flags: qe-verify-
Updated•7 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•