Security/Sandbox/2016-01-07
From MozillaWiki
« previous week | index | next week »
Windows
- Content Sandboxing
- bug 1156742 - print to xps with low integrity sandbox - skia bug has been fixed so I landed this, but had to pref off again due to paper size issue breaking printing for a lot of people. Shouldn't be too difficult to fix.
- bug 1173371 - Web page is not shown when launch Firefox from network drive on Windows - Chromium fix isn't quite good enough to work for network drive, so I'm going to have to patch the Chromium code for this. Looks fairly tricky due to what seems like a history of different approaches to handling these things in Windows. Once I have a solution I'll try and upstream the patch for Chromium.
- NPAPI Sandboxing
- bug 1236911 - Cannot open file picker window from flash widget on x64 browser version - haven't investigated this yet, but without the sandbox it works.
OS X
- Content Sandboxing
- bug 1237847 - [e10s] Null deref crash when running test_pluginstream_newstream.html - I'm learning how to debug the child process, but so far can see that CreateUnique(nsIFile::NORMAL_FILE_TYPE, 0700); is failing and that later results in the assertion failure
Cross Platform
- WebRTC/OpenH264 Sandboxing
- Fixes for MSVC C++11 compliance issues
- Looking at potential code cleanups
- Fuzzing
- bug 1232119 - Extend Faulty (IPC fuzzer) to fuzz Shmem content - Did a little more on this, in my tests fuzzing the ShmemCreated message (child->parent) results in it an incorrect size being immediately detected by the parent and an intentional crash, don't have a patch ready yet