Closed Bug 459948 Opened 17 years ago Closed 17 years ago

Workers: update workers based on security review feedback

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla1.9.1b2

People

(Reporter: bent.mozilla, Assigned: bent.mozilla)

References

Details

Attachments

(1 file, 1 obsolete file)

Patch 17 years ago Ben Turner (not reading bugmail, use the needinfo flag!) 4.03 KB, patch		Details \| Diff \| Splinter Review
Patch, v2 17 years ago Ben Turner (not reading bugmail, use the needinfo flag!) 6.81 KB, patch	sicking : review+ sicking : superreview+	Details \| Diff \| Splinter Review

Ben Turner (not reading bugmail, use the needinfo flag!)

Assignee

Description

•

17 years ago

Attached patch Patch (obsolete) — Details — Splinter Review

Patch attached.

Attachment #343133 - Flags: superreview?(jonas)

Attachment #343133 - Flags: review?(jonas)

Daniel Veditz [:dveditz]

Comment 1

•

17 years ago

Pretty vague bug summary :-) Looks like this does the first three bullets at https://wiki.mozilla.org/Firefox3.1/Web_Workers_Security_Review#Review_comments that is, clearing regexp statics on context reuse, asserting attempts to use the stub security manager, and testing recursion. Don't think the bug needs to be hidden since 1) the issues are public, and 2) this is getting fixed before we've released with the problems. It'd be nice to get a verification test for clearing the regexp statics, some test that shows bleed-through values before the fix and doesn't after.

Group: core-security

Ben Turner (not reading bugmail, use the needinfo flag!)

Assignee

Comment 2

•

17 years ago

Attached patch Patch, v2 — Details — Splinter Review

Thanks Dan, Jonas had a similar concern, so here is a patch with an additional test.

Attachment #343133 - Attachment is obsolete: true

Attachment #343146 - Flags: superreview?(jonas)

Attachment #343146 - Flags: review?(jonas)

Attachment #343133 - Flags: superreview?(jonas)

Attachment #343133 - Flags: review?(jonas)

Jonas Sicking (:sicking) No longer reading bugmail consistently

Updated

•

17 years ago

Attachment #343146 - Flags: superreview?(jonas)

Attachment #343146 - Flags: superreview+

Attachment #343146 - Flags: review?(jonas)

Attachment #343146 - Flags: review+

Ben Turner (not reading bugmail, use the needinfo flag!)

Assignee

Comment 3

•

17 years ago

Pushed last night.

Status: ASSIGNED → RESOLVED

Closed: 17 years ago

Resolution: --- → FIXED

Serge Gautherie (:sgautherie)

Updated

•

17 years ago

Depends on: 483967

Nobody; OK to take it and work on it

Updated

•

13 years ago

Component: DOM: Mozilla Extensions → DOM

Nobody; OK to take it and work on it

Updated

•

7 years ago

Component: DOM → DOM: Core & HTML

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Workers: update workers based on security review feedback

Categories

(Core :: DOM: Core & HTML, defect)

Tracking

()

People

(Reporter: bent.mozilla, Assigned: bent.mozilla)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file, 1 obsolete file)

Description

Comment 1

Comment 2

Updated

Comment 3

Updated

Updated

Updated

Attachment

General

Description

File Name

Content Type