[Webkit-unassigned] [Bug 171211] [GTK] ASSERTION FAILED: m_deletionHasBegun when destroying ImageDecoder loading http://midori-browser.org/

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Apr 23 20:38:05 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=171211

Michael Catanzaro <mcatanzaro at igalia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mcatanzaro at igalia.com

--- Comment #1 from Michael Catanzaro <mcatanzaro at igalia.com> ---
Note that this is a *UI process* assertion. Apparently image decoders are used in the UI process for the favicon database. This is surprising and unexpected to me, since I would not expect this security-critical code to be running in the UI process. I suppose we need to render those favicons somehow, but it should happen in a constrained secondary process where only the result is passed back to the UI process. This is what we do in gdk-pixbuf now, so that the image decoders can be sandboxed with seccomp filters. Of course, that's a much larger challenge for another bug report... in this bug we should just fix this assertion.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170424/85fbf563/attachment-0001.html>


More information about the webkit-unassigned mailing list