Possible early principal change on video stream
Categories
(Core :: Audio/Video: Playback, defect)
Tracking
()
People
(Reporter: karlt, Assigned: karlt)
Details
(Keywords: csectype-sop, sec-moderate, Whiteboard: [adv-main132+] [adv-esr128.4+] [adv-esr115.17+])
Attachments
(6 files)
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
phab-bot
:
approval-mozilla-esr115+
|
Details | Review |
|
48 bytes,
text/x-phabricator-request
|
phab-bot
:
approval-mozilla-esr128+
|
Details | Review |
|
120 bytes,
text/plain
|
Details |
When an existing set of images (oldImages) has last frame with ID matching mFrameIDForPendingPrincipalHandle - 1, VideoFrameContainer::SetCurrentFrames() will notify PrincipalHandleChangedForVideoFrameContainer() even when a replacement set of frames (aFrames) contains a frame with the same ID.
This is earlier than the intended "when all FrameIDs prior to aFrameID have been flushed out."
Having replacement frame sets with some of the some frames from the previous set seems plausible because the addition of new frames does not usually directly expire all old frames. Overlapping frame sets are usually expected by VideoFrameContainer and ImageContainer so that the compositor can choose the presentation timing.
|
Assignee | |
Comment 1•1 year ago
|
||
This looks like it could provide content access to a cross origin video frame. Perhaps factors such as timestamps on frames might make such access difficult, but content can slow frame rates to give it a better chance.
|
||
Updated•1 year ago
|
|
||
Updated•1 year ago
|
|
|
Assignee | |
Comment 2•1 year ago
|
||
This was never called because SetCurrentFrame() callers all pass non-null
aImage, but the logic is retained.
|
|
Assignee | |
Comment 3•1 year ago
|
||
The logic should be equivalent when frame IDs on aImages are contiguously
increasing from IDs on previously set frames.
There are currently no callers passing empty aImages, but the logic in this
case would now be as described in the documentation of
UpdatePrincipalHandleForFrameID():
We will notify mElement that aPrincipalHandle has been applied when all
FrameIDs prior to aFrameID have been flushed out.
|
|
Assignee | |
Comment 4•1 year ago
|
||
|
|
||
Comment 6•1 year ago
|
||
https://hg.mozilla.org/mozilla-central/rev/a76ec056139f
https://hg.mozilla.org/mozilla-central/rev/91eddc0bb6d9
|
||
Updated•1 year ago
|
|
|
Assignee | |
Comment 7•1 year ago
|
||
The logic should be equivalent when frame IDs on aImages are contiguously
increasing from IDs on previously set frames.
There are currently no callers passing empty aImages, but the logic in this
case would now be as described in the documentation of
UpdatePrincipalHandleForFrameID():
We will notify mElement that aPrincipalHandle has been applied when all
FrameIDs prior to aFrameID have been flushed out.
Original Revision: https://phabricator.services.mozilla.com/D223922
|
||
Updated•1 year ago
|
|
|
Assignee | |
Comment 8•1 year ago
|
||
The logic should be equivalent when frame IDs on aImages are contiguously
increasing from IDs on previously set frames.
There are currently no callers passing empty aImages, but the logic in this
case would now be as described in the documentation of
UpdatePrincipalHandleForFrameID():
We will notify mElement that aPrincipalHandle has been applied when all
FrameIDs prior to aFrameID have been flushed out.
Original Revision: https://phabricator.services.mozilla.com/D223922
|
|
||
Updated•1 year ago
|
|
|
||
Comment 9•1 year ago
|
||
esr115 Uplift Approval Request
- User impact if declined: leak of video content across origins
- Code covered by automated testing: yes
- Fix verified in Nightly: yes
- Needs manual QE test: no
- Steps to reproduce for manual QE testing: n/a
- Risk associated with taking this patch: low
- Explanation of risk level: small patch with local influence, affecting only an unusal situation: video content from more than one domain
- String changes made/needed: none
- Is Android affected?: yes
|
|
||
Comment 10•1 year ago
|
||
esr128 Uplift Approval Request
- User impact if declined: leak of video content across origins
- Code covered by automated testing: yes
- Fix verified in Nightly: yes
- Needs manual QE test: no
- Steps to reproduce for manual QE testing: n/a
- Risk associated with taking this patch: low
- Explanation of risk level: small patch with local influence, affecting only an unusal situation: video content from more than one domain
- String changes made/needed: none
- Is Android affected?: yes
|
||
Updated•1 year ago
|
|
|
||
Updated•1 year ago
|
|
|
||
Updated•1 year ago
|
|
||
Comment 11•1 year ago
|
||
| uplift | ||
|
||
Updated•1 year ago
|
|
|
||
Comment 12•1 year ago
|
||
| uplift | ||
|
|
||
Updated•1 year ago
|
|
||
Updated•1 year ago
|
|
|
||
Comment 13•1 year ago
|
||
|
||
Updated•1 year ago
|
|
||
Updated•8 months ago
|
|
|
||
Comment 14•7 months ago
|
||
|
||
Comment 15•7 months ago
|
||
| bugherder | ||
|
|
Assignee | |
Updated•7 months ago
|
Description
•