Closed
Bug 791278
Opened 12 years ago
Closed 12 years ago
WebRTC crash [@sipcc::PeerConnectionImpl::SetLocalDescription]
Categories
(Core :: WebRTC: Signaling, defect)
Tracking
()
VERIFIED
FIXED
mozilla19
| Tracking | Status | |
|---|---|---|
| firefox18 | --- | affected |
People
(Reporter: posidron, Assigned: ehugg)
References
Details
(Keywords: crash, testcase, Whiteboard: [WebRTC], [blocking-webrtc+])
Attachments
(4 files, 3 obsolete files)
|
268 bytes,
text/html
|
Details | |
|
9.06 KB,
text/plain
|
Details | |
|
1.49 KB,
patch
|
jesup
:
review+
|
Details | Diff | Splinter Review |
|
1.17 KB,
patch
|
jesup
:
review+
|
Details | Diff | Splinter Review |
The parameter of SetLocalDescription() is not properly validated.
|
Reporter | |
Comment 1•12 years ago
|
||
|
|
Reporter | |
Comment 2•12 years ago
|
||
Attachment #661251 -
Attachment is obsolete: true
|
|
Reporter | |
Comment 3•12 years ago
|
||
Attachment #661252 -
Attachment is obsolete: true
|
|
Reporter | |
Updated•12 years ago
|
Blocks: fuzzing-webrtc
|
||
Updated•12 years ago
|
Whiteboard: [WebRTC] → [WebRTC], [blocking-webrtc+]
|
Assignee | |
Comment 4•12 years ago
|
||
|
|
Assignee | |
Comment 5•12 years ago
|
||
Comment on attachment 669772 [details] [diff] [review] Protect setLocal/RemoteDesc from NULL input [checked-in] I was unable to duplicate this one, but from the callstack (aSDP null) it appears it needs the same fix as 791270. I changed both setLocal and setRemote.
Attachment #669772 -
Flags: review?(rjesup)
|
||
Updated•12 years ago
|
Attachment #669772 -
Flags: review?(rjesup) → review+
|
|
||
Updated•12 years ago
|
status-firefox18:
--- → affected
|
||
Comment 7•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/7e871133c607
Assignee: nobody → ethanhugg
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla19
|
|
||
Comment 8•12 years ago
|
||
Wait a sec, I didn't test this right.
Status: VERIFIED → RESOLVED
Closed: 12 years ago → 12 years ago
|
|
||
Comment 9•12 years ago
|
||
Verified. Definitely a candidate for a crash test.
|
|
||
Comment 10•12 years ago
|
||
(In reply to Jason Smith [:jsmith] from comment #9) > Verified. Definitely a candidate for a crash test. Henrik - Since you are already doing bug 791270, would you be interested in doing this one as well? If not, I'll wait for your patch there to land and then I'll get a patch out. You basically need a crash test that does: var pc = new mozRTCPeerConnection(); pc.setLocalDescription(function() {});
|
||
Comment 11•12 years ago
|
||
Crashtest which tests both setLocalDescription and setRemoteDescription for invalid callbacks.
Attachment #671971 -
Flags: review?(rjesup)
|
|
||
Comment 12•12 years ago
|
||
Comment on attachment 671971 [details] [diff] [review] Crashtest v1 Review of attachment 671971 [details] [diff] [review]: ----------------------------------------------------------------- No actual crashtest attached...
Attachment #671971 -
Flags: review?(rjesup) → review-
|
|
||
Comment 13•12 years ago
|
||
Sorry, I missed to hg qref the addition of the test.
Attachment #671971 -
Attachment is obsolete: true
Attachment #672177 -
Flags: review?(rjesup)
|
|
||
Updated•12 years ago
|
Attachment #672177 -
Flags: review?(rjesup) → review+
|
|
||
Updated•12 years ago
|
Attachment #669772 -
Attachment description: Protect setLocal/RemoteDesc from NULL input → Protect setLocal/RemoteDesc from NULL input [checked-in]
|
|
||
Updated•12 years ago
|
Keywords: checkin-needed
|
||
Comment 14•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/5a94cbed4b7a
Flags: in-testsuite? → in-testsuite+
Keywords: checkin-needed
You need to log in
before you can comment on or make changes to this bug.
Description
•