Oxide

Potential UAF when deleting a webview that's displaying fullscreen Flash content

Bug #1510963 reported by Chris Coulson on 2015-10-28

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Oxide	Fix Released	High	Chris Coulson	Oxide branch-1.12

Bug Description

If a webview that is displaying fullscreen Flash content is deleted, we don't correctly null out the |container_| pointer on RWHV, which could result in a use-after-free

Related branches

lp:~oxide-developers/oxide/oxide.trunk

Chris Coulson (chrisccoulson) on 2015-10-28

Changed in oxide:
importance:	Undecided → High
status:	New → In Progress
assignee:	nobody → Chris Coulson (chrisccoulson)
milestone:	none → branch-1.12

Chris Coulson (chrisccoulson) on 2015-10-28

Changed in oxide:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Related blueprints

Support for the Pepper Flash Player

Remote bug watches

Bug watches keep track of this bug in other bug trackers.