Closed
Bug 766304
Opened 11 years ago
Closed 11 years ago
ScopedGfxFeatureReporter uses preference service off the main thread
Categories
(Core :: Graphics, defect)
Tracking
()
RESOLVED
FIXED
mozilla16
| Tracking | Status | |
|---|---|---|
| firefox14 | --- | fixed |
| firefox15 | --- | fixed |
| firefox-esr10 | --- | unaffected |
| blocking-fennec1.0 | --- | .N+ |
| fennec | 14+ | --- |
People
(Reporter: blassey, Assigned: blassey)
References
Details
(Keywords: sec-moderate, Whiteboard: [advisory-tracking+])
Attachments
(1 file)
|
4.20 KB,
patch
|
joe
:
review+
akeybl
:
approval-mozilla-aurora+
akeybl
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
seeing this in the log: I/Gecko ( 890): ###!!! ASSERTION: Using observer service off the main thread!: 'Error', file /home/blassey/src/mozilla-central/xpcom/ds/nsObserverService.cpp, line 95 not seeing it with this patch
Attachment #634585 -
Flags: review?(joe)
|
||
Updated•11 years ago
|
Summary: ScopedGfxFeatureReporter accesses the preferences on the wrong thread → ScopedGfxFeatureReporter uses observer service off the main thread
|
||
Updated•11 years ago
|
Attachment #634585 -
Flags: review?(joe) → review+
|
Assignee | |
Comment 1•11 years ago
|
||
Comment on attachment 634585 [details] [diff] [review] patch [Approval Request Comment] Bug caused by (feature/regressing bug #): User impact if declined: Testing completed (on m-c, etc.): Risk to taking this patch (and alternatives if risky): String or UUID changes made by this patch:
Attachment #634585 -
Flags: approval-mozilla-beta?
Attachment #634585 -
Flags: approval-mozilla-aurora?
|
|
Assignee | |
Comment 2•11 years ago
|
||
landed on inbound https://hg.mozilla.org/integration/mozilla-inbound/rev/7bcd7c51ce46 and a follow up to fix windows https://hg.mozilla.org/integration/mozilla-inbound/rev/77804de74060
|
||
Comment 3•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/7bcd7c51ce46 https://hg.mozilla.org/mozilla-central/rev/77804de74060
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla16
|
|
Assignee | |
Updated•11 years ago
|
Summary: ScopedGfxFeatureReporter uses observer service off the main thread → ScopedGfxFeatureReporter uses preference service off the main thread
|
|
Assignee | |
Updated•11 years ago
|
tracking-fennec: ? → 14+
blocking-fennec1.0: ? → .N+
|
||
Updated•11 years ago
|
Group: core-security
|
|
||
Comment 4•11 years ago
|
||
jst believes this could be exploitable. Approving for Aurora 15 and Beta 14 (tip only, not the release branch).
|
|
||
Updated•11 years ago
|
Attachment #634585 -
Flags: approval-mozilla-beta?
Attachment #634585 -
Flags: approval-mozilla-beta+
Attachment #634585 -
Flags: approval-mozilla-aurora?
Attachment #634585 -
Flags: approval-mozilla-aurora+
|
||
Updated•11 years ago
|
status-firefox-esr10:
--- → unaffected
|
|
||
Comment 5•11 years ago
|
||
Sending over to you, Brad, since you requested the approval.
Assignee: nobody → blassey.bugs
|
|
Assignee | |
Comment 6•11 years ago
|
||
https://hg.mozilla.org/releases/mozilla-beta/rev/bc28779c3dab https://hg.mozilla.org/releases/mozilla-beta/rev/a93c4915208a https://hg.mozilla.org/releases/mozilla-aurora/rev/3717bb23ff0f https://hg.mozilla.org/releases/mozilla-aurora/rev/ca8bf9e97234
status-firefox14:
--- → fixed
status-firefox15:
--- → fixed
|
||
Updated•11 years ago
|
Whiteboard: [advisory-tracking+]
|
|
||
Updated•11 years ago
|
Keywords: sec-moderate
|
|
||
Updated•11 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•