Closed Bug 1455075 Opened 6 years ago Closed 6 years ago

ContentParent::RecvShowAlert null-ptr-defers is aAlert is null

Categories

(Core :: DOM: Content Processes, defect, P1)

defect

Tracking

()

RESOLVED FIXED
mozilla61
Tracking Status
firefox61 --- fixed

People

(Reporter: Alex_Gaynor, Assigned: Alex_Gaynor)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

It derefs the argument unconditionally. Prior to bug 1443954 the value was passed as a const reference, so it couldn't be null, but that change made it nullable.

Fuzzing triggers the null deref crash pretty easily.
Comment on attachment 8969014 [details]
Bug 1455075 - handle a null argument in ContentParent::RecvShowAlert;

https://reviewboard.mozilla.org/r/237702/#review243762
Attachment #8969014 - Flags: review?(nika) → review+
Keywords: checkin-needed
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/4261c7933ce9
handle a null argument in ContentParent::RecvShowAlert; r=mystor
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/4261c7933ce9
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
You need to log in before you can comment on or make changes to this bug.