Closed
Bug 1588579
Opened 5 years ago
Closed 5 years ago
AddressSanitizer: heap-use-after-free [@ WaylandDMABufSurface::Resize] with READ of size 4
Categories
(Core :: Widget: Gtk, defect)
Tracking
()
RESOLVED
FIXED
mozilla71
Tracking | Status | |
---|---|---|
firefox-esr60 | --- | unaffected |
firefox-esr68 | --- | unaffected |
firefox67 | --- | unaffected |
firefox68 | --- | unaffected |
firefox69 | --- | unaffected |
firefox70 | --- | unaffected |
firefox71 | --- | fixed |
People
(Reporter: decoder, Assigned: stransky)
References
(Blocks 1 open bug)
Details
(4 keywords)
Attachments
(2 files)
The attached crash information was submitted via the ASan Nightly Reporter on mozilla-central-asan-nightly revision 71.0a1-20191013213650-https://hg.mozilla.org/mozilla-central/rev/3bdfb7bc00a06a84c676d4d72ce47ea16b4b0042.
For detailed crash information, see attachment.
Reporter | ||
Comment 1•5 years ago
|
||
Assignee | ||
Comment 2•5 years ago
|
||
This is a regression from Bug 1578380 where WaylandDMABufSurface were created as ref-counted so only FF71 is affected.
Assignee: nobody → stransky
Assignee | ||
Comment 3•5 years ago
|
||
Updated•5 years ago
|
Group: core-security → gfx-core-security
status-firefox69:
--- → unaffected
status-firefox70:
--- → unaffected
Keywords: csectype-uaf,
sec-high
Assignee | ||
Updated•5 years ago
|
Keywords: checkin-needed
Comment 4•5 years ago
|
||
Keywords: checkin-needed
Updated•5 years ago
|
status-firefox-esr68:
--- → unaffected
Comment 5•5 years ago
|
||
Group: gfx-core-security → core-security-release
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla71
Updated•5 years ago
|
status-firefox67:
--- → unaffected
status-firefox68:
--- → unaffected
status-firefox-esr60:
--- → unaffected
Reporter | ||
Updated•5 years ago
|
Flags: needinfo?(choller)
Updated•4 years ago
|
Blocks: asan-maintenance
Updated•4 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•