Closed
Bug 1294528
Opened 8 years ago
Closed 6 years ago
utime called from nsJAR::Extract in content process of Firefox desktop
Categories
(Core :: Security: Process Sandboxing, defect, P3)
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: tedd, Unassigned)
References
Details
(Whiteboard: sblc4, sb-addons, tpi:-)
Crash Data
Crash reports show that sys_utime is called in the content process:
https://crash-stats.mozilla.com/search/?product=Firefox&reason=SIGSYS&address=%3D0x84&_sort=-date&_facets=address&_columns=date&_columns=signature&_columns=product&_columns=version&_columns=build_id&_columns=platform#facet-address
The crash report has good stack information and the call seems to come from:
https://dxr.mozilla.org/mozilla-central/rev/0502bd9e025edde29777ba1de4280f9b52af4663/modules/libjar/nsJAR.cpp#275
With nsLocalFile implementing the function here:
https://dxr.mozilla.org/mozilla-central/rev/0502bd9e025edde29777ba1de4280f9b52af4663/xpcom/io/nsLocalFileUnix.cpp#1103
which shows the utime() call.
|
Reporter | |
Updated•8 years ago
|
Crash Signature: [@ libc-2.19.so@0xeafa7 ]
|
||
Comment 1•8 years ago
|
||
nsJAR::Extract invoked from JS in a content process? Could this be an add-on doing that?
|
||
Updated•8 years ago
|
Flags: needinfo?(twalker)
|
|
||
Comment 2•8 years ago
|
||
Only one crash reported so far, it looks like: bp-95bb7505-4343-4955-abb6-2e0182160811
|
|
||
Updated•8 years ago
|
Whiteboard: [sb?] → sblc2, sb-addons
|
||
Comment 3•8 years ago
|
||
Still only one crash ever reported.
Flags: needinfo?(twalker)
Whiteboard: sblc2, sb-addons → sblc2, sb-addons, tpi:-
|
|
||
Updated•8 years ago
|
|
|
||
Comment 4•8 years ago
|
||
…Bugzilla, why did you do that. (This should either be a dup of 1322784 if it's about utime in general, or resolved WFM/Invalid/Incomplete/something if it's specifically about nsJAR in particular and it hasn't shown up again, but not FIXED.)
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
||
Updated•8 years ago
|
Whiteboard: sblc2, sb-addons, tpi:- → sblc4, sb-addons, tpi:-
|
|
||
Updated•8 years ago
|
Status: REOPENED → RESOLVED
Closed: 8 years ago → 8 years ago
Resolution: --- → WONTFIX
|
|
||
Updated•8 years ago
|
Resolution: WONTFIX → WORKSFORME
|
|
||
Comment 5•8 years ago
|
||
I found a few new nsJAR crashes on crash-stats.
Status: RESOLVED → REOPENED
Crash Signature: [@ libc-2.19.so@0xeafa7 ] → [@ libc-2.19.so@0xeafa7 ]
[@ libc-2.25.so@0xddb97 ]
[@ libc-2.24.so@0xdae87 ]
Resolution: WORKSFORME → ---
Summary: Seccomp sandbox violation: sys_utime called in content process of Firefox desktop → utime called from nsJAR::Extract in content process of Firefox desktop
|
|
||
Updated•8 years ago
|
Crash Signature: [@ libc-2.19.so@0xeafa7 ]
[@ libc-2.25.so@0xddb97 ]
[@ libc-2.24.so@0xdae87 ] → [@ libc-2.19.so@0xeafa7 ]
[@ libc-2.25.so@0xddb97 ]
[@ libc-2.24.so@0xdae87 ]
[@ libc-2.23.so@0xdaa57 ]
|
|
||
Updated•7 years ago
|
Priority: -- → P3
|
|
||
Updated•7 years ago
|
OS: Unspecified → Linux
|
||
Comment 6•6 years ago
|
||
Closing because no crash reported since 12 weeks.
Status: REOPENED → RESOLVED
Closed: 8 years ago → 6 years ago
Resolution: --- → WONTFIX
|
|
||
Comment 7•6 years ago
|
||
Closing because no crash reported since 12 weeks.
|
|
||
Comment 8•6 years ago
|
||
I rechecked crash-stats searching for the syscall numbers (the “signature” is a bad approximation, but it's the best we can do without changes to the crash processor) and there aren't any in the past 6 months.
You need to log in
before you can comment on or make changes to this bug.
Description
•