Closed
Bug 1293328
Opened 8 years ago
Closed 8 years ago
mozilla::net::NullHttpTransaction supporting weak reference but used on multiple threads
Categories
(Core :: Networking: HTTP, defect)
Core
Networking: HTTP
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: mayhemer, Unassigned)
References
Details
(Keywords: sec-audit, Whiteboard: [necko-active])
m-c with bug 956338 patch v1.1 (soon will be updated with a less strict patch), tho, still worth reporting to at least think about it. Socket thread: xul.dll!nsSupportsWeakReference::~nsSupportsWeakReference() Line 63 C++ > xul.dll!mozilla::net::NullHttpTransaction::`scalar deleting destructor'() C++ xul.dll!nsExtProtocolChannel::Release() Line 77 C++ xul.dll!mozilla::net::nsHttpConnectionMgr::nsHalfOpenSocket::~nsHalfOpenSocket() Line 2992 C++ xul.dll!mozilla::net::nsHttpConnectionMgr::nsHalfOpenSocket::Release() Line 2957 C++ xul.dll!mozilla::net::nsSocketOutputStream::OnSocketReady(NS_OK) Line 553 C++ xul.dll!mozilla::net::nsSocketTransport::OnSocketReady(0x0fa57480, ) Line 1964 C++ xul.dll!mozilla::net::nsSocketTransportService::DoPollIteration() Line 1082 C++ xul.dll!mozilla::net::nsSocketTransportService::Run() Line 867 C++ xul.dll!nsThread::ProcessNextEvent(true, 0x0663fa3f) Line 1058 C++ xul.dll!NS_ProcessNextEvent(, true) Line 290 C++ but was created on the main thread. There was tho no weakprt proxy created for it.
Flags: needinfo?
Updated•8 years ago
|
Group: core-security → network-core-security
Flags: needinfo?
Reporter | ||
Comment 1•8 years ago
|
||
Note, that on try or locally I was not able to hit multi-thread usage of the _weak proxy_ object (the latest version of the assertion patch from bug 956338). But that doesn't mean there isn't a code path allowing the concurrent access.
Reporter | ||
Comment 2•8 years ago
|
||
Patrick, I'll need some help to find steps how to trigger the h2/https proxy tunneling. I've set up an https proxy (squid) via PAC, checked it's working, but can't trigger the code that does actual do_QueryReferent on the transaction (In/OutputStreamShim).
Comment 3•8 years ago
|
||
I don't believe squid does https over h2 - which you probably need for that code (it does https over h1/https) to trigger. nghttp is my goto h2 proxy of choice.
Reporter | ||
Updated•8 years ago
|
Assignee: nobody → honzab.moz
Reporter | ||
Updated•8 years ago
|
Whiteboard: [necko-active]
Reporter | ||
Comment 4•8 years ago
|
||
Seems like there are no crashes captured by crash-stats nor we was able to reproduce locally.
Assignee: honzab.moz → nobody
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → WORKSFORME
Updated•7 years ago
|
Group: network-core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•