Closed Bug 973880 Opened 6 years ago Closed 6 years ago

Faulty: TextureHost should validate immediately TextureFlags consistency without assertions

Categories

(Core :: Graphics, defect)

x86_64
Linux
defect
Not set

Tracking

()

RESOLVED DUPLICATE of bug 968872

People

(Reporter: bjacob, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

Attached file Faulty session
Found by Christoph Diehl's "Faulty" fuzzer, see bug 777067

TextureFlags come from untrusted message params, so we must validate them immediately before creating a TextureHost, and not by an assertion.
Attachment #8378007 - Flags: review?(nical.bugzilla)
Comment on attachment 8378007 [details] [diff] [review]
ValidateTextureFlags

Review of attachment 8378007 [details] [diff] [review]:
-----------------------------------------------------------------

::: gfx/layers/CompositorTypes.h
@@ +92,5 @@
> +inline bool
> +ValidateTextureFlags(TextureFlags aFlags)
> +{
> +  if ((aFlags & TEXTURE_DEALLOCATE_CLIENT) &&
> +      (aFlags & TEXTURE_DEALLOCATE_DEFERRED))

TEXTURE_DEALLOCATE_DEFERRED is being removed by a patch from sotaro.
Attachment #8378007 - Flags: review?(nical.bugzilla)
Great, can you link to the corresponding bug?
That's bug 968872. Duping.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 968872
You need to log in before you can comment on or make changes to this bug.