Open Bug 1588509 Opened 2 years ago Updated 10 months ago

IPC call flood from Content Process causes Parent to freeze or crash

Categories

(Core :: IPC, defect, P3)

defect

Tracking

()

People

(Reporter: pbz, Unassigned)

References

Details

(Keywords: csectype-dos, sec-want)

Websites can make JS calls resulting in a lot of IPC from content to parent process to the point where the parent is overloaded, becomes very slow and can freeze or crash.
See referenced bugs for examples.

To mitigate this issue, we are considering killing the content process when it sends too many IPC messages to the parent.

Component: DOM: Content Processes → IPC

The priority flag is not set for this bug.
:jld, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(jld)
Flags: needinfo?(jld)
Priority: -- → P3
Assignee: pbz → nobody
Status: ASSIGNED → NEW
You need to log in before you can comment on or make changes to this bug.