Closed
Bug 1478577
Opened 6 years ago
Closed 6 years ago
AddressSanitizer: heap-use-after-free [@ _cairo_user_data_array_get_data] with READ of size 8 on WRWorker
Categories
(Core :: Graphics: Text, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1478084
| Tracking | Status | |
|---|---|---|
| firefox63 | --- | fixed |
People
(Reporter: decoder, Assigned: lsalzman)
References
Details
(4 keywords, Whiteboard: [adv-main63-])
Attachments
(1 file)
|
(deleted),
text/plain
|
Details |
The attached crash information was submitted via the ASan Nightly Reporter on mozilla-central-asan-nightly revision 63.0a1-20180724100052-https://hg.mozilla.org/mozilla-central/rev/1e5fa52a612e8985e12212d1950a732954e00e45 (originally reported by %client%).
For detailed crash information, see attachment.
This one is similar to bug 1476952 and bug 1477324 but in this stack, the thread accessing the data is not a PaintWorker but a WRWorker and the upper stack differs. Filing this in case this is indeed a different bug.
|
Reporter | |
Comment 1•6 years ago
|
||
|
||
Comment 2•6 years ago
|
||
This seems like a dupe. Lee?
Assignee: nobody → lsalzman
Keywords: csectype-uaf,
sec-high
|
||
Updated•6 years ago
|
Group: core-security → gfx-core-security
|
|
Reporter | |
Updated•6 years ago
|
No longer blocks: asan-nightly-project
|
Assignee | |
Comment 3•6 years ago
|
||
I think this is fixed by bug 1478084
|
||
Comment 4•6 years ago
|
||
Resolving as duplicate per comment 3.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
|
||
Updated•6 years ago
|
Whiteboard: [adv-main63-]
|
|
||
Updated•5 years ago
|
Group: gfx-core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•