Closed
Bug 760132
Opened 12 years ago
Closed 12 years ago
TabParent may use uninitialized mFrameElement pointer
Categories
(Core :: IPC, defect)
Core
IPC
Tracking
()
RESOLVED
FIXED
mozilla15
Tracking | Status | |
---|---|---|
firefox15 | --- | fixed |
firefox-esr10 | --- | unaffected |
People
(Reporter: justin.lebar+bug, Assigned: justin.lebar+bug)
References
Details
(Keywords: sec-moderate, Whiteboard: [advisory-tracking-])
Attachments
(1 file)
816 bytes,
patch
|
cjones
:
review+
|
Details | Diff | Splinter Review |
It's possible (likely) that there's no way to trigger this in current builds, but this is bad enough that I didn't want to file a public bug. Patch in a moment.
Assignee | ||
Updated•12 years ago
|
Summary: TabChild may use uninitialized mFrameElement pointer → TabParent may use uninitialized mFrameElement pointer
Assignee | ||
Comment 1•12 years ago
|
||
Attachment #628754 -
Flags: review?(jones.chris.g)
We still ship this code.
Updated•12 years ago
|
Attachment #628754 -
Flags: review?(jones.chris.g) → review+
Assignee | ||
Comment 3•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/1e69f57e543a
Target Milestone: --- → mozilla15
Comment 4•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/1e69f57e543a
Assignee: nobody → justin.lebar+bug
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 5•12 years ago
|
||
What is this code used for? Would it affect regular firefox builds (e.g. ESR) or can we skip it for those. Would Fennec Native need it?
status-firefox15:
--- → fixed
Keywords: sec-moderate
Assignee | ||
Comment 6•12 years ago
|
||
(In reply to Daniel Veditz [:dveditz] from comment #5) > What is this code used for? Would it affect regular firefox builds (e.g. > ESR) or can we skip it for those. Would Fennec Native need it? This bug doesn't affect builds which don't spin up OOP frames. So regular Firefox, ESR, and Fennec Native are unaffected.
Updated•12 years ago
|
status-firefox-esr10:
--- → unaffected
Updated•12 years ago
|
Whiteboard: [advisory-tracking-]
Updated•12 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•