Closed Bug 1141885 Opened 9 years ago Closed 9 years ago

Make readlink() fail instead of allowing it, for B2G content processes

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla39

Tracking Flags:

Tracking

Status

firefox39

---

fixed

People

(Reporter: jld, Assigned: jld)

References

Details

Attachments

(1 file, 1 obsolete file)

bug1141885-fail-readlink-hg0.diff 9 years ago Jed Davis [:jld] ⟨⏰\|UTC-7⟩ ⟦he/him⟧ 1.24 KB, patch	kang : review+	Details \| Diff \| Splinter Review
bug1141885-fail-readlink-hg1.diff 9 years ago Jed Davis [:jld] ⟨⏰\|UTC-7⟩ ⟦he/him⟧ 1.28 KB, patch	jld : review+	Details \| Diff \| Splinter Review

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Description

•

9 years ago

We're currently letting B2G content processes call readlink(), because WebRTC wants to do crypto in the content process, and NSS can't do that without trying to load a PKCS#11 library, and that wants to use readlink (misuse, really; it looks like it will fail entertainingly if it ever encounters relative symlinks).  And for some reason we can't easily get rid of the PKCS#11 thing, which very much does not belong in a content process under any circumstance, if I correctly understand what it is.

But it's not actually going to encounter a symlink, at least not on B2G.  So we can just have readlink always fail with EINVAL.  Empirically, WebRTC still works with this change; I'll also run Try.

It will save me some work if I don't actually have to remote readlink() in bug 930258.

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Comment 1

•

9 years ago

Attached patch bug1141885-fail-readlink-hg0.diff (obsolete) — Details — Splinter Review

Try run: https://treeherder.mozilla.org/#/jobs?repo=try&revision=069fb653a21f

Attachment #8576203 - Flags: review?(gdestuynder)

Guillaume Destuynder [:kang] [this account is no longer active]

Comment 2

•

9 years ago

Comment on attachment 8576203 [details] [diff] [review]
bug1141885-fail-readlink-hg0.diff

Review of attachment 8576203 [details] [diff] [review]:
-----------------------------------------------------------------

more woohoo :)

Attachment #8576203 - Flags: review?(gdestuynder) → review+

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Comment 3

•

9 years ago

Attached patch bug1141885-fail-readlink-hg1.diff — Details — Splinter Review

Rebased (would conflict with bug 906996).  Carrying over r+.  Try run: https://treeherder.mozilla.org/#/jobs?repo=try&revision=374c094a84df

Also tested locally with an app that uses window.crypto.subtle.

Attachment #8576203 - Attachment is obsolete: true

Attachment #8577544 - Flags: review+

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Assignee

Comment 4

•

9 years ago

Try run in comment #3 seems to have passed as much as it can be expected to.

Keywords: checkin-needed

Carsten Book [:Tomcat]

Comment 5

•

9 years ago

https://hg.mozilla.org/integration/mozilla-inbound/rev/093b0a844c3b

Keywords: checkin-needed

Carsten Book [:Tomcat]

Comment 6

•

9 years ago

https://hg.mozilla.org/mozilla-central/rev/093b0a844c3b

Status: NEW → RESOLVED

Closed: 9 years ago

status-firefox39: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla39

You need to log in before you can comment on or make changes to this bug.

bug1141885-fail-readlink-hg0.diff 9 years ago Jed Davis [:jld] ⟨⏰\|UTC-7⟩ ⟦he/him⟧ 1.24 KB, patch	kang : review+	Details \| Diff \| Splinter Review
bug1141885-fail-readlink-hg1.diff 9 years ago Jed Davis [:jld] ⟨⏰\|UTC-7⟩ ⟦he/him⟧ 1.28 KB, patch	jld : review+	Details \| Diff \| Splinter Review

Bugzilla

Quick Search

Make readlink() fail instead of allowing it, for B2G content processes

Categories

(Core :: Security: Process Sandboxing, defect)

Tracking

()

People

(Reporter: jld, Assigned: jld)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file, 1 obsolete file)

Description

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Comment 6

Attachment

General

Description

File Name

Content Type