Closed
Bug 1480090
Opened 6 years ago
Closed 6 years ago
WebRTC: Type Confusion when processing H264 NAL packet
Categories
(Core :: WebRTC: Audio/Video, defect, P2)
Core
WebRTC: Audio/Video
Tracking
()
RESOLVED
FIXED
mozilla65
Tracking | Status | |
---|---|---|
firefox-esr52 | --- | unaffected |
firefox-esr60 | --- | unaffected |
firefox62 | --- | unaffected |
firefox63 | --- | wontfix |
firefox64 | --- | wontfix |
firefox65 | --- | fixed |
People
(Reporter: posidron, Assigned: dminor)
References
Details
(Keywords: sec-high, Whiteboard: [post-critsmash-triage][adv-main65+])
From Google's Project Zero:
WebRTC: Type Confusion when processing H264 NAL packet
https://bugs.chromium.org/p/project-zero/issues/detail?id=1571
Comment 1•6 years ago
|
||
This is chrome bug https://bugs.chromium.org/p/chromium/issues/detail?id=840536
The patch appears to be https://webrtc.googlesource.com/src.git/+/09133af36fba93691a22151765097c0bd581c1fa
Are we affected by this one? I know we use OpenH264 but maybe this is during the transmission and not decoding?
Group: core-security → media-core-security
Flags: needinfo?(drno)
Comment 2•6 years ago
|
||
I don't see any of the affected code being used in Firefox now. Which is probably because we are still using webrtc.org version 57. So I would say we are not affected.
One question is if we are going to be affected with the upcoming update to webrtc.org version 64.
Flags: needinfo?(drno)
Comment 3•6 years ago
|
||
Dan can you please check if through the update the webrtc.org 64 we are going to be affected by this issue?
Flags: needinfo?(dminor)
Assignee | ||
Comment 4•6 years ago
|
||
We will be affected by this after the 64 update. The upstream patch is only two lines, I can cherrypick it for the update with no problems.
Flags: needinfo?(dminor)
Comment 5•6 years ago
|
||
Calling this sec-high assuming we planned to take the webrtc-64 update in fx63. Please make this "block" the update bug.
status-firefox62:
--- → unaffected
status-firefox-esr52:
--- → unaffected
status-firefox-esr60:
--- → unaffected
Keywords: sec-high
Assignee | ||
Comment 6•6 years ago
|
||
It's more likely that the webrtc.org 64 update will land in fx64. I'm still working through test failures and have not begun asking for reviews yet.
Blocks: 1376873
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → dminor
Rank: 15
Priority: -- → P2
Assignee | ||
Comment 7•6 years ago
|
||
The fix for this landed as part of the update in Bug 1376873:
https://hg.mozilla.org/integration/mozilla-inbound/rev/cca0a311c33b
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Updated•6 years ago
|
Group: media-core-security → core-security-release
status-firefox64:
--- → wontfix
status-firefox65:
--- → fixed
Target Milestone: --- → mozilla65
Updated•6 years ago
|
Updated•6 years ago
|
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Updated•6 years ago
|
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main65+]
Updated•5 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•