Closed Bug 1765973 Opened 2 years ago Closed 2 years ago

fix a few lifetime issues in APZTaskRunnable

Categories

(Core :: Panning and Zooming, defect)

defect

Tracking

()

RESOLVED FIXED
102 Branch
Tracking Status
firefox-esr91 --- unaffected
firefox100 --- wontfix
firefox101 + fixed
firefox102 + fixed

People

(Reporter: tnikkel, Assigned: tnikkel)

Details

(Keywords: sec-audit, Whiteboard: [post-critsmash-triage][adv-main101+r])

Attachments

(1 file)

I found these while reading the code for bug 1764878, however I can't see how they would cause bug 1764878. Still good to fix them though.

Assignee: nobody → tnikkel
Status: NEW → ASSIGNED
Group: core-security → gfx-core-security
Attachment #9273428 - Attachment description: Bug 1765973. r?hiro → Bug 1765973. Hold a GeckoContentController reference for RepaintContentRepaint calls. r?hiro

Comment on attachment 9273428 [details]
Bug 1765973. Hold a GeckoContentController reference for RepaintContentRepaint calls. r?hiro

Security Approval Request

  • How easily could an exploit be constructed based on the patch?: holding a refptr during a call points to what call might be destroying things
  • Do comments in the patch, the check-in comment, or tests included in the patch paint a bulls-eye on the security problem?: No
  • Which older supported branches are affected by this flaw?: 95 and newer
  • If not all supported branches, which bug introduced the flaw?: Bug 1730998
  • Do you have backports for the affected branches?: Yes
  • If not, how different, hard to create, and risky will they be?: trivial
  • How likely is this patch to cause regressions; how much testing does it need?: not likely, just holding strong pointers to things during calls that can destroy things
  • Is Android affected?: Yes
Attachment #9273428 - Flags: sec-approval?
Keywords: sec-audit

Comment on attachment 9273428 [details]
Bug 1765973. Hold a GeckoContentController reference for RepaintContentRepaint calls. r?hiro

Approved to land and uplift

Attachment #9273428 - Flags: sec-approval?
Attachment #9273428 - Flags: sec-approval+
Attachment #9273428 - Flags: approval-mozilla-beta+
Group: gfx-core-security → core-security-release
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 102 Branch
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main101+r]
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: