If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Use DOMTimestamp in MozCellBroadcastMessage

RESOLVED FIXED in Firefox 32, Firefox OS v1.3

Status

Firefox OS
RIL
--
critical
RESOLVED FIXED
3 years ago
2 years ago

People

(Reporter: vicamo, Assigned: vicamo)

Tracking

({dev-doc-needed, sec-critical})

unspecified
2.0 S3 (6june)
ARM
Gonk (Firefox OS)
dev-doc-needed, sec-critical
Dependency tree / graph

Firefox Tracking Flags

(firefox30 unaffected, firefox31 unaffected, firefox32 fixed, firefox33 fixed, firefox-esr31 unaffected, b2g18 wontfix, b2g-v1.1hd wontfix, b2g-v1.2 wontfix, b2g-v1.3 fixed, b2g-v1.3T fixed, b2g-v1.4 fixed, b2g-v2.0 fixed, b2g-v2.1 fixed)

Details

(Whiteboard: [p=1])

User Story

+++ This bug was initially created as a clone of Bug #939302 +++

The patch in bug 927711 added a "jsval" member to MmsDeliveryInfo but didn't add any code to trace the resulting values.  Since these structs are stored on the heap, that means that they value they're holding can just become garbage any time a GC happens.

I strongly recommend, in this order of checkins:

1) Using a numeric timestamp here, not a Date object.
2) Not using xpidl dictionaries.
3) Not using JSAPI directly, because any attempt to do so will generally go wrong.

Attachments

(1 attachment)

4.62 KB, patch
Gene Lian (I already quit Mozilla)
: review+
Details | Diff | Splinter Review
(Assignee)

Description

3 years ago
+++ This bug was initially created as a clone of Bug #939302 +++
(Assignee)

Updated

3 years ago
Whiteboard: [qa-]
(Assignee)

Comment 1

3 years ago
MozCellbroadcastMessage::timestamp is never referenced in Gaia.  See https://github.com/mozilla-b2g/gaia/blob/master/apps/system/js/cell_broadcast_system.js .
(Assignee)

Comment 2

3 years ago
Created attachment 8433923 [details] [diff] [review]
patch
Assignee: nobody → vyang
Attachment #8433923 - Flags: review?(gene.lian)
(Assignee)

Comment 3

3 years ago
full try: https://tbpl.mozilla.org/?tree=Try&rev=e896f824372f
Is it bug 945322?
(Assignee)

Updated

3 years ago
Blocks: 864484
Sorry, bug 945322 is for DOM Contacts, somehow missed this.
Comment on attachment 8433923 [details] [diff] [review]
patch

Review of attachment 8433923 [details] [diff] [review]:
-----------------------------------------------------------------

Looks good to me but have you checked the compatibilities with Gaia? We have to make sure Gaia doesn't use getTime() either before landing.
Attachment #8433923 - Flags: review?(gene.lian) → review+
(Assignee)

Comment 7

3 years ago
(In reply to Gene Lian [:gene] (needinfo? encouraged) from comment #6)
> Looks good to me but have you checked the compatibilities with Gaia? We have
> to make sure Gaia doesn't use getTime() either before landing.

See comment 1.
(Assignee)

Comment 8

3 years ago
Bug 939302 was uplifted to 1.3, so I originally think this might deserve 1.3 as well.  However, this attribute has never ever been referenced in Gaia, and CellBroadcast is only accessible in privileged apps (System app actually), so I'm not going to ask for 1.3? here.
(Assignee)

Comment 9

3 years ago
https://hg.mozilla.org/integration/b2g-inbound/rev/5d28e6b95af5
(Assignee)

Updated

3 years ago
Whiteboard: [p=1]
https://hg.mozilla.org/mozilla-central/rev/5d28e6b95af5
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2.0 S3 (6june)
(Assignee)

Updated

3 years ago
status-b2g18: --- → affected
status-b2g-v1.1hd: --- → affected
status-b2g-v1.2: --- → affected
status-b2g-v1.3: --- → affected
status-b2g-v1.3T: --- → affected
status-b2g-v1.4: --- → affected
status-b2g-v2.0: --- → fixed
status-b2g-v2.1: --- → fixed
status-firefox30: --- → unaffected
status-firefox31: --- → unaffected
status-firefox32: --- → fixed
status-firefox33: --- → fixed
https://hg.mozilla.org/releases/mozilla-b2g30_v1_4/rev/ccabaf8826a4
https://hg.mozilla.org/releases/mozilla-b2g28_v1_3/rev/c072b84f2280
status-b2g18: affected → wontfix
status-b2g-v1.1hd: affected → wontfix
status-b2g-v1.2: affected → wontfix
status-b2g-v1.3: affected → fixed
status-b2g-v1.4: affected → fixed
status-b2g-v1.3T: affected → fixed
status-firefox-esr31: --- → unaffected
Group: core-security
You need to log in before you can comment on or make changes to this bug.