Open
Bug 1189349
Opened 9 years ago
Updated 2 years ago
Use mozilla::Tokenizer here and there
Categories
(Core :: General, defect)
Core
General
Tracking
()
NEW
Tracking | Status | |
---|---|---|
firefox42 | --- | affected |
People
(Reporter: mayhemer, Unassigned)
References
(Depends on 1 open bug)
Details
(Keywords: good-first-bug)
No description provided.
Reporter | ||
Updated•8 years ago
|
Assignee: nobody → honzab.moz
Reporter | ||
Updated•8 years ago
|
Status: NEW → ASSIGNED
Reporter | ||
Comment 1•8 years ago
|
||
Not actively working on this right now, but once would love to.
Assignee: honzab.moz → nobody
Status: ASSIGNED → NEW
Reporter | ||
Updated•8 years ago
|
Whiteboard: [good first bug]
Comment 2•7 years ago
|
||
Hi.. I would like to work on this bug. I'm a beginner and still catching up to things...
Reporter | ||
Comment 3•7 years ago
|
||
(In reply to swapneshks from comment #2) > Hi.. I would like to work on this bug. > I'm a beginner and still catching up to things... Thank you. Unfortunatelly there is currently no one who would give you a guidance/mentoring right now, since all teams, specially the Necko (networking) team are pretty busy with priority projects. This bug has a very low priority, it's only about a code cleanup. If you write patches for this bug, there will probably be nobody to give you quickly a good feedback. Thanks.
Comment 4•6 years ago
|
||
Is this issue active?
Reporter | ||
Comment 5•6 years ago
|
||
(In reply to Videet Singhai from comment #4) > Is this issue active? Nobody is actively working on it, but it's good to keep it on the list of open bugs. When resources are available (=a developer has a spare time) it's worth to act.
Comment 6•6 years ago
|
||
Can you explain what is to be done?
Reporter | ||
Comment 7•6 years ago
|
||
(In reply to Videet Singhai from comment #6) > Can you explain what is to be done? Sure. On many places in the code we have to parse some input, being it a HTTP response header, or any arbitrary input parsing, we may still use strstr, strchr, strcmp etc C function, which are unsafe and making the code potentially vulnerable, plus making such a code hard to maintain and change. I used to have a list of things to change, but unfortunately can't find it right now. If you are willing to wait a day or so, I can provide it with some instructions and example how to migrate to using the modern Tokenizer API. Thank you.
Do the changes need to be done in a specific component, or is just all over the place?
Reporter | ||
Comment 9•6 years ago
|
||
(In reply to vinf100 from comment #8) > Do the changes need to be done in a specific component, or is just all over > the place? Sorry for late answer. I think I can say this can effect the whole platform, so - all over the place, yes.
Comment 10•6 years ago
|
||
(In reply to (away till 13.8.) Honza Bambas (:mayhemer) from comment #7) > (In reply to Videet Singhai from comment #6) > > Can you explain what is to be done? > > Sure. On many places in the code we have to parse some input, being it a > HTTP response header, or any arbitrary input parsing, we may still use > strstr, strchr, strcmp etc C function, which are unsafe and making the code > potentially vulnerable, plus making such a code hard to maintain and change. > > I used to have a list of things to change, but unfortunately can't find it > right now. If you are willing to wait a day or so, I can provide it with > some instructions and example how to migrate to using the modern Tokenizer > API. > > Thank you. Do you still have the list of necessary changes, as well as the instructions?
Comment 11•5 years ago
|
||
Hi, I want to work on this bug. Is this still active?
Reporter | ||
Comment 12•5 years ago
|
||
(In reply to Srujana Peddinti from comment #11)
Hi, I want to work on this bug. Is this still active?
Yes. Thanks! I just filed bug 1542293, which you can freely take. I can feedback any early patches and give advises.
Comment 13•5 years ago
|
||
(In reply to Honza Bambas (:mayhemer) from comment #12)
Yes. Thanks! I just filed bug 1542293, which you can freely take. I can feedback any early patches and give advises.
Sure, thank you. I have commented there. Sorry for the late reply, I was occupied with a couple of other things last week.
Updated•4 years ago
|
Keywords: good-first-bug
Whiteboard: [good first bug]
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•