There is a topcrash that appears to be caused mostly by add-ons that use compartments incorrectly [1]. It crashes in a fairly arbitrary place, GetNameFromBytecode. I think we can fix that crash, but of course the add-ons in question will still be unsafe.
What should we do about add-ons using compartments incorrectly?

1. Make compartment assertions fatal at the API, so they just crash all the time and have to be fixed. This pretty directly protects us, but could cause a lot of crashing.
2. Have the API return false if compartments mismatch. The add-ons will break, but the browser should stay safe.
3. Nothing.

I like #2, it seems to protect us from a source of unsafety with an acceptable cost. But what does everyone else think? Is there a problem with #2 that I haven't noticed?

Dave

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=746036#c22

_______________________________________________
dev-tech-js-engine-internals mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-js-engine-internals

