Closed Bug 1315840 Opened 6 years ago Closed 6 years ago

Review all specializations of ParamTraits template for errors in serialization/deserialization of custom types

Categories

(Core :: IPC, defect, P1)

Tracking

RESOLVED FIXED

People

(Reporter: huseby, Assigned: huseby)

References

(Depends on 2 open bugs)

Details

(Whiteboard: [IPC Audit])

This bug is for reviewing all of the customizations of the ParamTraits template that handles serialization/deserialization of custom types. The primary focus is on the read functions looking for errors in handling data coming from the wire.

Examples include:
* incorrect bounds checking.
* improper handling of enums.
* improperly trusting the value of data provided by the sending side.
* switch custom code to helper customizations of ParamTraits when available (e.g. ParamTraits<nsACString>, etc.).

The current list of customizations is here:

https://pastebin.mozilla.org/8926025

There are roughly 300 different customizations to review.
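
A sketch of the Read-side checks the description lists (enum range, bounds, and not trusting a sender-supplied length), added here as an example and not taken from the Mozilla tree. `Reader`, `Shape`, `Blob`, `kMaxLen` and `ParseBlob` are hypothetical stand-ins, and the local `ParamTraits` template only borrows the name of the one under audit.

```cpp
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical stand-in for an IPC message reader (not Mozilla's Message/Pickle API).
struct Reader {
  const uint8_t* p; size_t left;
  bool ReadU32(uint32_t* out) { return ReadBytes(out, sizeof(*out)); }
  bool ReadBytes(void* out, size_t n) {
    if (left < n) return false;          // never read past the received payload
    if (n) std::memcpy(out, p, n);
    p += n; left -= n; return true;
  }
};

// Hypothetical custom type carried over IPC.
enum class Shape : uint32_t { Circle, Square, Triangle, Count };
struct Blob { Shape shape; std::vector<uint8_t> data; };

template <typename T> struct ParamTraits;  // local template, named after the audited one

template <> struct ParamTraits<Blob> {
  static constexpr uint32_t kMaxLen = 4096;  // assumed protocol limit
  static bool Read(Reader* r, Blob* out) {
    uint32_t shape, len;
    if (!r->ReadU32(&shape) || !r->ReadU32(&len)) return false;
    // Enum handling: reject values outside the declared range before casting.
    if (shape >= static_cast<uint32_t>(Shape::Count)) return false;
    // Bounds: the length comes from the sender, so check it against both the
    // protocol limit and the bytes actually present before allocating.
    if (len > kMaxLen || len > r->left) return false;
    out->shape = static_cast<Shape>(shape);
    out->data.resize(len);
    return r->ReadBytes(out->data.data(), len);
  }
};

// Builds a constructed message (shape, len, then `payload` filler bytes) and parses it.
bool ParseBlob(uint32_t shape, uint32_t len, size_t payload, Blob* out) {
  std::vector<uint8_t> msg(8 + payload, 0x41);
  std::memcpy(msg.data(), &shape, 4);
  std::memcpy(msg.data() + 4, &len, 4);
  Reader r{msg.data(), msg.size()};
  return ParamTraits<Blob>::Read(&r, out);
}
```
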
Priority: -- → P1
Whiteboard: [IPC Audit]
Depends on: 1319978
I have finished the hand audit of all of the custom serialization code.  Here are the results.

https://docs.google.com/a/mozilla.com/spreadsheets/d/1sTgA4bOuV0j1bP7_Q_QKsfiNNLfdIg_1CCo4-iB_cfo/edit?usp=sharing
FWIW, for things like nsTArray and nsCString, we've thought that it's more valuable for memory to be infallibly allocated so failure to allocate memory shows up as OOMs rather than IPC errors:

http://dxr.mozilla.org/mozilla-central/source/ipc/glue/IPCMessageUtils.h#458

We'll crash if we infallibly allocate, and crash if we fallibly allocate, so this gives us better crash debugging information.
Depends on: 1325670
Closing now complete.
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED