Closed Bug 1027300 Opened 10 years ago Closed 10 years ago

UMR in stun_get_siocgifconf_addrs

Categories

(Core :: WebRTC: Networking, defect)

All
Linux
defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla35
Tracking Status
firefox34 --- wontfix
firefox35 --- fixed
firefox-esr31 --- wontfix

People

(Reporter: bwc, Assigned: bwc)

Details

(Keywords: sec-moderate, Whiteboard: [adv-main35+])

Attachments

(1 file)

If any failure occurs here: http://dxr.mozilla.org/mozilla-central/source/media/mtransport/third_party/nICEr/src/stun/addrs.c?from=stun_get_siocgifconf_addrs&case=true#608 |ptr| will be left pointing at uninitialized memory. A failure in the socket call above would do this, for sure.
Note that this needs to be fixed concurrently in the nICEr repo.
Assignee: nobody → docfaraday
Status: NEW → ASSIGNED
Comment on attachment 8481567 [details] [diff] [review] Check for ioctl error return. Review of attachment 8481567 [details] [diff] [review]: ----------------------------------------------------------------- https://tbpl.mozilla.org/?tree=Try&rev=002920234613
Attachment #8481567 - Flags: review?(martin.thomson)
Attachment #8481567 - Flags: review?(martin.thomson) → review+
Before checkin, note comment 1 from ekr about upstream
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla35
(In reply to Randell Jesup [:jesup] from comment #4) > Before checkin, note comment 1 from ekr about upstream byron: has this been checked-in upstream?
Flags: needinfo?(docfaraday)
Yes.
Flags: needinfo?(docfaraday)
Whiteboard: [adv-main35+]
Group: core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: