Open Bug 1315055 Opened 8 years ago Updated 2 years ago

adding checks for mUserContextId collisions when creating containers via about:containers

Tracking

()

Status:

NEW

Tracking Flags:

Tracking

Status

firefox52

---

affected

firefox57

---

fix-optional

People

(Reporter: kjozwiak, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [userContextId][domsecurity-backlog])

Kamil Jozwiak [:kjozwiak]

Reporter

Description

•

8 years ago

When we implement the about:containers feature, users will be able to create/delete their own custom containers which will be assigned a unique mUserContextId. Even though the probability of a user hitting an integer overflow is really low, we should have code that checks and ensures that we don't reuse a mUserContextId if it's already being used. I don't think we currently have code that checks this, which could lead to container collisions.

Firefox Bug Husbandry Bot

Comment 1

•

7 years ago

Bulk change per https://bugzilla.mozilla.org/show_bug.cgi?id=1401020

status-firefox57: --- → fix-optional

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

adding checks for mUserContextId collisions when creating containers via about:containers

Categories

(Core :: DOM: Security, defect, P5)

Tracking

()

People

(Reporter: kjozwiak, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [userContextId][domsecurity-backlog])

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated