Closed Bug 1485463 Opened 2 years ago Closed 2 years ago

Add a fuzzer for graphics IPC

Categories

(Core :: Graphics: Layers, enhancement, P3)

enhancement

Tracking


RESOLVED FIXED
mozilla66
Tracking Status
firefox-esr60 --- wontfix
firefox63 --- wontfix
firefox64 --- wontfix
firefox65 --- wontfix
firefox66 --- fixed

People

(Reporter: Alex_Gaynor, Assigned: Alex_Gaynor)

References

(Blocks 1 open bug)

Details

(Keywords: sec-other, Whiteboard: [post-critsmash-triage][adv-main66-])

Attachments

(2 files, 1 obsolete file)

We should add a fuzzer for PCompositorManagerParent, in the same vein as PContentParent.

I've got a patch for this working, and am running it locally. One small finding so far; once it's been running for a few days with no findings I think it'll be safe to land.
Bug 1485463 - added a fuzzer for PCompositorManagerParent IPC; r?jrmuizel
Bug 1485463 - use IPC errors to handle an attempt to allocate too many PCompositorBridgeParent; r?aosmond

This cannot actually happen in the real world because this path is specific to
when the compositor process is also the parent process, and thus is not
actually IPC. However, the fuzzer can trigger this case.
Group: core-security → gfx-core-security
Keywords: sec-other
Priority: -- → P3
Comment on attachment 9003244 [details]
Bug 1485463 - added a fuzzer for PCompositorManagerParent IPC; r?jrmuizel

Andrew Osmond [:aosmond] has approved the revision.
Attachment #9003244 - Flags: review+

Depends on D14587
Attachment #9003244 - Attachment is obsolete: true
Assignee: nobody → agaynor
Keywords: checkin-needed
Group: gfx-core-security → core-security-release
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla66
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main66-]
Blocks: 1605535
Group: core-security-release