Closed
Bug 1654803
Opened 4 years ago
Closed 4 years ago
Crash in [@ mozilla::PermissionDelegateHandler::GetPermission]
Categories
(Core :: DOM: Security, defect, P1)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
81 Branch
Tracking | Status | |
---|---|---|
firefox-esr68 | --- | unaffected |
firefox-esr78 | --- | unaffected |
firefox79 | --- | wontfix |
firefox80 | --- | wontfix |
firefox81 | --- | fixed |
People
(Reporter: sefeng, Assigned: timhuang)
References
(Regression)
Details
(Keywords: crash, regression, Whiteboard: [domsecurity-active])
Crash Data
Attachments
(1 file)
This bug is for crash report bp-b155f6af-9835-48c2-abc4-d1f080200721.
Top 10 frames of crashing thread:
0 libxul.so mozilla::PermissionDelegateHandler::GetPermission extensions/permissions/PermissionDelegateHandler.cpp:265
1 libxul.so mozilla::dom::PermissionStatus::UpdateState dom/permission/PermissionStatus.cpp:86
2 libxul.so mozilla::dom::PermissionStatus::Init dom/permission/PermissionStatus.cpp:48
3 libxul.so mozilla::dom::PermissionStatus::Create dom/permission/PermissionStatus.cpp:24
4 libxul.so mozilla::dom:: dom/permission/Permissions.cpp:55
5 libxul.so mozilla::dom::Permissions::Query dom/permission/Permissions.cpp:75
6 libxul.so mozilla::dom::Permissions_Binding::query_promiseWrapper dom/bindings/PermissionsBinding.cpp:193
7 libxul.so bool mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ConvertExceptionsToPromises> dom/bindings/BindingUtils.cpp:3220
8 libxul.so js::InternalCallOrConstruct js/src/vm/Interpreter.cpp:576
9 libxul.so Interpret js/src/vm/Interpreter.cpp:639
This is not happening a lot, only 2 crash reports from the a single user.
Looks like we are missing a null pointer check here?
Comment 1•4 years ago
|
||
Probably this line:
if (topWC->IsInProcess()) {
should be updated to
if (topWC && topWC->IsInProcess()) {
Tim, could you take a look?
Flags: needinfo?(tihuang)
Assignee | ||
Comment 2•4 years ago
|
||
Sure thing.
Assignee: nobody → tihuang
Status: NEW → ASSIGNED
Flags: needinfo?(tihuang)
Updated•4 years ago
|
Severity: -- → S3
Priority: -- → P1
Whiteboard: [domsecurity-active]
Assignee | ||
Comment 3•4 years ago
|
||
At very rare situations, we won't be able to get the top level window
context. Perhaps, it's the case that the window has been detached from
the dom tree while checking the permission. So, we need to check the top
level window context before we really use it.
Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/fe8a43ec580c Fixing the crash issue in PermissionDelegateHandler::GetPermission(). r=baku
Comment 5•4 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox81:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 81 Branch
Updated•4 years ago
|
status-firefox79:
--- → wontfix
status-firefox80:
--- → wontfix
status-firefox-esr68:
--- → unaffected
status-firefox-esr78:
--- → unaffected
Regressed by: 1587743
Updated•4 years ago
|
Has Regression Range: --- → yes
Updated•3 years ago
|
Keywords: regression
You need to log in
before you can comment on or make changes to this bug.
Description
•