Open Bug 1557254 Opened 5 years ago Updated 2 years ago

Disallow lossy ACString conversions

Categories

(Core :: XPConnect, defect, P2)

Product:
Core
Component:
XPConnect
Type:
defect

Tracking

()

Status:
REOPENED

People

(Reporter: emk, Assigned: emk)

References

Details

Attachments

(1 file)

Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?dmajor
(deleted), text/x-phabricator-request
Details

ACString is a footgun. For example see bug 1549386.

Component: XPCOM → XPConnect
Summary: Disallow using ACString for JS-implemented XPCOM components → Disallow lossy ACString conversions
Depends on: 1557930
Depends on: 1557931
Pushed by VYV03354@nifty.ne.jp: https://hg.mozilla.org/integration/autoland/rev/13c976344b69 Enable char range check on Nightly/DevEdition and make warnings more dire. r=hsivonen

https://hg.mozilla.org/mozilla-central/rev/13c976344b69

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox69: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
Assignee: nobody → VYV03354
Regressions: 1558836

Backed out for causing bug 1558836 and bug 1558852

Backout: https://hg.mozilla.org/mozilla-central/rev/3ab360f56144d5c93dbb7ca8e1adab90f2a7f29b

Status: RESOLVED → REOPENED
status-firefox69: fixed → ---
Flags: needinfo?(VYV03354)
Resolution: FIXED → ---
Target Milestone: mozilla69 → ---

In bug 1558836, at least https://searchfox.org/mozilla-central/source/netwerk/cookie/nsICookieManager.idl#124-133 seems to be causing crashes with this patch applied, because sessionstore tries to restore cookies that have contents that trip this check.

Depends on: 1410013
Regressions: 1558750
Attachment #9070841 - Attachment description: Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?nika → Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?hsivonen

ping? (feel free to redirect if others should review the JS stuff)

Flags: needinfo?(VYV03354) → needinfo?(hsivonen)

(In reply to Masatoshi Kimura [:emk] from comment #6)

ping? (feel free to redirect if others should review the JS stuff)

Sorry. Phabricator is really unclear about whose action is needed next.

Flags: needinfo?(hsivonen)

The priority flag is not set for this bug.
:peterv, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(peterv)
Flags: needinfo?(peterv)
Priority: -- → P2
Attachment #9070841 - Attachment description: Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?hsivonen → Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?dmajor

What's the current state here? Looks like the patch is ready to re-land but it needs data review for the added crash data field? Or are there other blockers I'm not seeing?

Flags: needinfo?(VYV03354)

Yes, I'll submit data-review request.

Flags: needinfo?(VYV03354)

Sorry, there was a problem with the detection of inactive users. I'm reverting the change.

Assignee: nobody → VYV03354
Flags: needinfo?(peterv)
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: