Closed Bug 766304 Opened 13 years ago Closed 13 years ago

ScopedGfxFeatureReporter uses preference service off the main thread

Categories

(Core :: Graphics, defect)

ARM
Android
defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla16
Tracking Status
firefox14 --- fixed
firefox15 --- fixed
firefox-esr10 --- unaffected
blocking-fennec1.0 --- .N+
fennec 14+ ---

People

(Reporter: blassey, Assigned: blassey)

References

Details

(Keywords: sec-moderate, Whiteboard: [advisory-tracking+])

Attachments

(1 file)

Attached patch patchSplinter Review
seeing this in the log: I/Gecko ( 890): ###!!! ASSERTION: Using observer service off the main thread!: 'Error', file /home/blassey/src/mozilla-central/xpcom/ds/nsObserverService.cpp, line 95 not seeing it with this patch
Attachment #634585 - Flags: review?(joe)
Summary: ScopedGfxFeatureReporter accesses the preferences on the wrong thread → ScopedGfxFeatureReporter uses observer service off the main thread
Attachment #634585 - Flags: review?(joe) → review+
Comment on attachment 634585 [details] [diff] [review] patch [Approval Request Comment] Bug caused by (feature/regressing bug #): User impact if declined: Testing completed (on m-c, etc.): Risk to taking this patch (and alternatives if risky): String or UUID changes made by this patch:
Attachment #634585 - Flags: approval-mozilla-beta?
Attachment #634585 - Flags: approval-mozilla-aurora?
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla16
Summary: ScopedGfxFeatureReporter uses observer service off the main thread → ScopedGfxFeatureReporter uses preference service off the main thread
tracking-fennec: ? → 14+
blocking-fennec1.0: ? → .N+
Group: core-security
jst believes this could be exploitable. Approving for Aurora 15 and Beta 14 (tip only, not the release branch).
Attachment #634585 - Flags: approval-mozilla-beta?
Attachment #634585 - Flags: approval-mozilla-beta+
Attachment #634585 - Flags: approval-mozilla-aurora?
Attachment #634585 - Flags: approval-mozilla-aurora+
Sending over to you, Brad, since you requested the approval.
Assignee: nobody → blassey.bugs
Whiteboard: [advisory-tracking+]
Group: core-security
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: