Closed Bug 1660816 Opened 5 years ago Closed 5 years ago

Make PBackgroundIDBCursor protocol refcounted

Categories

(Core :: Storage: IndexedDB, task)

Product:
Core
Component:
Storage: IndexedDB
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
82 Branch
Tracking Flags:
Tracking Status
firefox-esr68 - wontfix
firefox-esr78 81+ fixed
firefox79 --- wontfix
firefox80 - wontfix
firefox81 + fixed
firefox82 + fixed

People

(Reporter: sg, Assigned: sg)

References

Details

Attachments

(1 file)

Bug 1660816 - Make PBackgroundIDBCursor protocol refcounted. r=#dom-workers-and-storage
47 bytes, text/x-phabricator-request
RyanVM
: approval-mozilla-beta+
RyanVM
: approval-mozilla-esr78+
Details | Review
No description provided.
Pushed by rvandermeulen@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/7b9687fb7d41 Make PBackgroundIDBCursor protocol refcounted. r=dom-workers-and-storage-reviewers,asuth
Pushed by rvandermeulen@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f16b2746e674 Make PBackgroundIDBCursor protocol refcounted. r=dom-workers-and-storage-reviewers,asuth

(In reply to Tom Ritter [:tjr] (ni? for response to sec-[advisories/bounties/ratings/cves]) from comment #2)

Required for blocker uplift which I think we should do...

This'll need an approval request then too.

Flags: needinfo?(sgiesecke)

https://hg.mozilla.org/mozilla-central/rev/f16b2746e674

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox82: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 82 Branch

Comment on attachment 9171916 [details]
Bug 1660816 - Make PBackgroundIDBCursor protocol refcounted. r=#dom-workers-and-storage

Beta/Release Uplift Approval Request

  • User impact if declined: Prerequisite for fixing sec-high bug 1660800 easily
  • Is this code covered by automated tests?: Yes
  • Has the fix been verified in Nightly?: Yes
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): The fix is marking an IPDL protocol as refcounted, which means that the existing internal refcount is exposed to user code. Manual deallocation is removed, which removes the potential for misuses, without introducing new ones.
  • String changes made/needed:

ESR Uplift Approval Request

  • If this is not a sec:{high,crit} bug, please state case for ESR consideration: Prerequisite for fixing sec-high bug 1660800 easily
  • User impact if declined: Exposure to UAF as described in bug 1660800
  • Fix Landed on Version: 82
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): The fix is marking an IPDL protocol as refcounted, which means that the existing internal refcount is exposed to user code. Manual deallocation is removed, which removes the potential for misuses, without introducing new ones.
  • String or UUID changes made by this patch:
Flags: needinfo?(sgiesecke)
Attachment #9171916 - Flags: approval-mozilla-release?
Attachment #9171916 - Flags: approval-mozilla-esr78?
Attachment #9171916 - Flags: approval-mozilla-beta?

Comment on attachment 9171916 [details]
Bug 1660816 - Make PBackgroundIDBCursor protocol refcounted. r=#dom-workers-and-storage

Approved for 81.0b6 and 78.3esr.

Attachment #9171916 - Flags: approval-mozilla-release?
Attachment #9171916 - Flags: approval-mozilla-esr78?
Attachment #9171916 - Flags: approval-mozilla-esr78+
Attachment #9171916 - Flags: approval-mozilla-beta?
Attachment #9171916 - Flags: approval-mozilla-beta+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: