If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

nsExtProtocolChannel doesn't initialize its load flags to 0

RESOLVED FIXED in Firefox -esr52

Status

()

Firefox
File Handling
--
critical
RESOLVED FIXED
6 months ago
6 months ago

People

(Reporter: mayhemer, Assigned: mayhemer)

Tracking

unspecified
Firefox 55
Points:
---
Bug Flags:
qe-verify -

Firefox Tracking Flags

(firefox52 wontfix, firefox-esr52 fixed, firefox53 fixed, firefox54 fixed, firefox55 fixed)

Details

Attachments

(1 attachment)

Comment hidden (empty)
(Assignee)

Comment 1

6 months ago
Created attachment 8850597 [details] [diff] [review]
v1 (just init in ctor)

Jason, this is a super simple patch blocking the security check URI bug.
Assignee: nobody → honzab.moz
Status: NEW → ASSIGNED
Attachment #8850597 - Flags: review?(jduell.mcbugs)
(Assignee)

Updated

6 months ago
Blocks: 1319111
(Assignee)

Comment 2

6 months ago
Comment on attachment 8850597 [details] [diff] [review]
v1 (just init in ctor)

Let's see what will bubble up.
(Assignee)

Comment 3

6 months ago
Comment on attachment 8850597 [details] [diff] [review]
v1 (just init in ctor)

Ehm... https://treeherder.mozilla.org/#/jobs?repo=try&revision=74bfb88e87d79150d376b644809103d915dc58df
Attachment #8850597 - Flags: review?(jduell.mcbugs) → review+
(Assignee)

Updated

6 months ago
Keywords: checkin-needed

Comment 4

6 months ago
Pushed by cbook@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/093d0c594fdc
Init nsExtProtocolChannel.mLoadFlags to 0, r=jduell
Keywords: checkin-needed

Comment 5

6 months ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/093d0c594fdc
Status: ASSIGNED → RESOLVED
Last Resolved: 6 months ago
status-firefox55: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 55
Looks like a low-risk belts and suspenders patch. Worth Aurora/Beta/ESR52 approval requests?
status-firefox52: --- → wontfix
status-firefox53: --- → affected
status-firefox54: --- → affected
status-firefox-esr52: --- → affected
Flags: needinfo?(honzab.moz)
(Assignee)

Comment 7

6 months ago
Comment on attachment 8850597 [details] [diff] [review]
v1 (just init in ctor)

[Approval Request Comment]
If this is not a sec:{high,crit} bug, please state case for ESR consideration:
User impact if declined: unknown
Fix Landed on Version: 55
Risk to taking this patch (and alternatives if risky): low (might expose some other bug where consumers of the load flags expect a flag be set, tho)
String or UUID changes made by this patch: none

See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more info.

Approval Request Comment
[Feature/Bug causing the regression]: since ever?
[User impact if declined]: unknown
[Is this code covered by automated tests?]: not sure
[Has the fix been verified in Nightly?]: looks like
[Needs manual test from QE? If yes, steps to reproduce]: no
[List of other uplifts needed for the feature/fix]: none
[Is the change risky?]: it might expose a different bug of load flags consumers, but it's a low probability
[Why is the change risky/not risky?]: can't say
[String changes made/needed]: none
Flags: needinfo?(honzab.moz)
Attachment #8850597 - Flags: approval-mozilla-esr52?
Attachment #8850597 - Flags: approval-mozilla-beta?
Attachment #8850597 - Flags: approval-mozilla-aurora?

Comment 8

6 months ago
Comment on attachment 8850597 [details] [diff] [review]
v1 (just init in ctor)

Since the user impact is unknown and there is a low possibility to expose a different bug of load flags consumers. I prefer to let it ride the train on 55.
Aurora54-, Beta53- & ESR52-.
Attachment #8850597 - Flags: approval-mozilla-esr52?
Attachment #8850597 - Flags: approval-mozilla-esr52-
Attachment #8850597 - Flags: approval-mozilla-beta?
Attachment #8850597 - Flags: approval-mozilla-beta-
Attachment #8850597 - Flags: approval-mozilla-aurora?
Attachment #8850597 - Flags: approval-mozilla-aurora-

Updated

6 months ago
status-firefox53: affected → wontfix
status-firefox54: affected → wontfix
Flags: needinfo?(gchang)
Comment on attachment 8850597 [details] [diff] [review]
v1 (just init in ctor)

Hi Ryan, thanks for the reminder. We need to take this. Aurora54+ & Beta53+.
Flags: needinfo?(gchang)
Attachment #8850597 - Flags: approval-mozilla-esr52?
Attachment #8850597 - Flags: approval-mozilla-esr52-
Attachment #8850597 - Flags: approval-mozilla-beta-
Attachment #8850597 - Flags: approval-mozilla-beta+
Attachment #8850597 - Flags: approval-mozilla-aurora-
Attachment #8850597 - Flags: approval-mozilla-aurora+

Updated

6 months ago
status-firefox53: wontfix → affected
status-firefox54: wontfix → affected
Comment on attachment 8850597 [details] [diff] [review]
v1 (just init in ctor)

add missing initialization in ctor, esr52+
Attachment #8850597 - Flags: approval-mozilla-esr52? → approval-mozilla-esr52+

Comment 12

6 months ago
bugherderuplift
https://hg.mozilla.org/releases/mozilla-aurora/rev/1b675b18491d
status-firefox54: affected → fixed

Comment 13

6 months ago
bugherderuplift
https://hg.mozilla.org/releases/mozilla-beta/rev/5ab83d9424cd
status-firefox53: affected → fixed

Comment 14

6 months ago
bugherderuplift
https://hg.mozilla.org/releases/mozilla-esr52/rev/3282e8f6a121
status-firefox-esr52: affected → fixed
Setting qe-verify- based on Honza's assessment on manual testing needs (see Comment 7).
Flags: qe-verify-
You need to log in before you can comment on or make changes to this bug.