Closed
Bug 1741525
Opened 3 years ago
Closed 3 years ago
Update rlbox for correct app_ptr support on 32-bit platforms
Categories
(Core :: Security: RLBox, defect, P3)
Tracking
()
RESOLVED
FIXED
96 Branch
| Tracking | Status | |
|---|---|---|
| firefox96 | --- | fixed |
People
(Reporter: shravanrn, Assigned: shravanrn)
References
Details
Attachments
(1 file)
|
(deleted),
text/x-phabricator-request
|
Details |
RLBox app pointer support on 32-bit systems is incorrect, as it may generate app pointer indices larger than the sandbox memory
|
||
Comment 1•3 years ago
|
||
It's not just app pointers right? It looks like the indices are also shared with callbacks.
|
Assignee | |
Comment 2•3 years ago
|
||
|
|
Assignee | |
Comment 3•3 years ago
|
||
It's not just app pointers right? It looks like the indices are also shared with callbacks.
Callbacks are similar but operate over different data structures so they will not be affected by this bug. Callbacks iterate over the indirect table to find an available slot and use this as the index. So they should already be fine.
Pushed by bholley@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e94ac9389558
Update rlbox for correct app_ptr support on 32-bit platforms r=bholley
|
||
Comment 5•3 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox96:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 96 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•