Fix an exact rooting hazard in nsScriptSecurityManger::LookupPolicy

RESOLVED FIXED in mozilla27

Status

()

defect
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: terrence, Assigned: terrence)

Tracking

Trunk
mozilla27
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

Assignee

Description

6 years ago
This just handlifies aProperty and adds a Handle accessor to sEnabledID. Since sEnabledID is interned, it will never be collected and can safely be referred to by a handle.
Attachment #794762 - Flags: review?(continuation)
Component: JavaScript Engine → Security: CAPS
Attachment #794762 - Flags: review?(continuation) → review?(bobbyholley+bmo)
Comment on attachment 794762 [details] [diff] [review]
hazard_scriptsecman-v0.diff

Review of attachment 794762 [details] [diff] [review]:
-----------------------------------------------------------------

This will bitrot the patch in bug 905364 which does something similar, but is blocked on other stuff. That's ok though, I guess.
Attachment #794762 - Flags: review?(bobbyholley+bmo) → review+
Assignee

Comment 2

6 years ago
Looks like bug 905364 has landed, so this is ready to move forward.

https://hg.mozilla.org/integration/mozilla-inbound/rev/1c9f1b7a9899
https://hg.mozilla.org/mozilla-central/rev/1c9f1b7a9899
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla27
You need to log in before you can comment on or make changes to this bug.