security.sandbox.content.level 20
Categories
(Core :: Security: Process Sandboxing, defect)
Tracking
()
People
(Reporter: nn1436401, Unassigned)
References
Details
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0
Steps to reproduce:
I am aware that level 20 is experimental level.
However Firefox 93 can open almost any web site with this sandboxing level without any issues.
The only issue I encountered so far is this URL crashing FF tab:
https://accounts.google.com/AddSession?hl=en&continue=https://mail.google.com&service=mail&ec=GAlAFw
Using level 19, everything is working as expected.
Actual results:
FailFastException messages box
Expected results:
The web page opens successfully.
Comment 1•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::Security: Process Sandboxing' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.
Updated•3 years ago
|
Comment 2•3 years ago
|
||
I tried the scenario and got this crash: https://crash-stats.mozilla.org/report/index/ba1dd724-8692-42d2-baeb-09efc0211014, which crashed when delayloading usp10.dll. In a good case, opening the accounts.google.com page loads usp10.dll in the following stack:
00 000000d9`f5ded9b8 00007ff8`d54635fe gdi32full!ScriptItemize
01 000000d9`f5ded9c0 00007ff8`d4d27a5f xul!NS_GetComplexLineBreaks+0xfe
02 000000d9`f5dedcb0 00007ff8`d4d022fd xul!mozilla::intl::LineBreaker::GetJISx4051Breaks+0xaaf
03 000000d9`f5dedd90 00007ff8`d36c7a21 xul!nsLineBreaker::FlushCurrentWord+0xbd
04 000000d9`f5deee00 00007ff8`d4f3996f xul!nsLineBreaker::Reset+0x11
05 000000d9`f5deee40 00007ff8`d4f36732 xul!BuildTextRunsScanner::FlushLineBreaks+0x3f
06 000000d9`f5deef00 00007ff8`d4cfc1ae xul!BuildTextRunsScanner::FlushFrames+0x1572
...
Comment 3•3 years ago
|
||
NS_GetComplexLineBreaks
Duping to bug 1713973.
Description
•