canmove, Confirmed users
640
edits
Security/Reviews/Firefox4/HTML5 Parser Security Review: Difference between revisions
Jump to navigation
Jump to search
Security/Reviews/Firefox4/HTML5 Parser Security Review (view source)
Revision as of 18:25, 27 October 2010
, 27 October 2010→Review comments
(→Security and Privacy: Update status of formatting element limits) |
|||
| Line 132: | Line 132: | ||
== Review comments == | == Review comments == | ||
* current testing | |||
** real world use in nightlies | |||
** Jesse has been fuzzing through innerHTML | |||
*** sicking: should add a dom->html->dom roundtripping tests. File {{bug|xxxx}} | |||
** need to add MangleMe and IExploder fuzzing {{bug|xxxxx}} | |||
* mostly used infallible malloc, but nsTArray is not currently infallible | |||
** making nsTArray optionally infallible is blocker {{bug|550611}} | |||
** after fixing that need to use it in {{bug|585943}} | |||
** if nsTArray is not fixed we need to check for allocation failures in the parser (probably can still use {{bug|585943}} for that since it'll be an alternate fix for those crashes) | |||