Review all specializations of ParamTraits template for errors in serialization/deserialization of custom types

RESOLVED FIXED

Status

P1
normal
2 years ago
2 years ago

People

(Reporter: huseby, Assigned: huseby)

Tracking

(Depends on: 2 bugs, Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [IPC Audit])

(Assignee)

Description

2 years ago
This bug is for reviewing all of the customizations of the ParamTraits template that handles serialization/deserialization of custom types. The primary focus is on the read functions, looking for errors in handling data coming from the wire.

Examples include:
* incorrect bounds checking.
* improper handling of enums.
* improperly trusting the value of data provided by the sending side.
* switch custom code to helper customizations of ParamTraits when available (e.g., ParamTraits<nsACString>, etc.).

The current list of customizations is here:

https://pastebin.mozilla.org/8926025

There are roughly 300 different customizations to review.
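
The checks listed above, as an added example that is not part of the original bug report and is not Mozilla's code: a `ParamTraits`-style `Read` that validates an enum before casting and bounds a sender-supplied length against the bytes actually present. `WireReader`, `Shape`, `Drawing`, `Words` and `ReadPointCount` are hypothetical names used only for illustration.

```cpp
#include <cstdint>
#include <cstring>
#include <initializer_list>
#include <utility>
#include <vector>

// Hypothetical stand-in for the IPC message reader (not Mozilla's real API).
struct WireReader {
  const uint8_t* p;
  size_t left;
  bool ReadU32(uint32_t* out) {
    if (left < sizeof(*out)) return false;  // never read past the message
    std::memcpy(out, p, sizeof(*out));
    p += sizeof(*out);
    left -= sizeof(*out);
    return true;
  }
};

enum class Shape : uint32_t { Circle, Square, Triangle, Count };  // constructed type
struct Drawing { Shape shape; std::vector<uint32_t> points; };

template <typename T> struct ParamTraits;  // specialised per serialised type

template <> struct ParamTraits<Drawing> {
  static bool Read(WireReader* r, Drawing* out) {
    uint32_t raw, n;
    // Enum: validate the raw integer against the legal range before casting.
    if (!r->ReadU32(&raw) || raw >= static_cast<uint32_t>(Shape::Count)) return false;
    // Length: sender-controlled, so bound it by the bytes actually remaining.
    // Dividing (rather than computing n * 4) avoids integer overflow.
    if (!r->ReadU32(&n) || n > r->left / sizeof(uint32_t)) return false;
    std::vector<uint32_t> pts(n);
    for (uint32_t& v : pts)
      if (!r->ReadU32(&v)) return false;
    out->shape = static_cast<Shape>(raw);  // commit only after every check passed
    out->points = std::move(pts);
    return true;
  }
};

// Builds a constructed wire message from 32-bit words (host byte order).
std::vector<uint8_t> Words(std::initializer_list<uint32_t> ws) {
  std::vector<uint8_t> b;
  for (uint32_t w : ws) { uint8_t t[4]; std::memcpy(t, &w, 4); b.insert(b.end(), t, t + 4); }
  return b;
}

// Returns the number of points read, or -1 if Read rejected the message.
int ReadPointCount(const std::vector<uint8_t>& msg) {
  WireReader r{msg.data(), msg.size()};
  Drawing d;
  return ParamTraits<Drawing>::Read(&r, &d) ? static_cast<int>(d.points.size()) : -1;
}
```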
(Assignee)

Updated

2 years ago
Whiteboard: [IPC Audit]
(Assignee)

Updated

2 years ago
Depends on: 1319978
Blocks: 1041862
(Assignee)

Comment 1

2 years ago
I have finished the hand audit of all of the custom serialization code.  Here are the results.

https://docs.google.com/a/mozilla.com/spreadsheets/d/1sTgA4bOuV0j1bP7_Q_QKsfiNNLfdIg_1CCo4-iB_cfo/edit?usp=sharing

Comment 2

FWIW, for things like nsTArray and nsCString, we've thought that it's more valuable for memory to be infallibly allocated so failure to allocate memory shows up as OOMs rather than IPC errors:

http://dxr.mozilla.org/mozilla-central/source/ipc/glue/IPCMessageUtils.h#458

We'll crash if we infallibly allocate, and crash if we fallibly allocate, so this gives us better crash debugging information.
(Assignee)

Updated

2 years ago
Depends on: 1325670
(Assignee)

Comment 3

2 years ago
Closing now complete.
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED