Closed Bug 1398199 Opened 8 years ago Closed 8 years ago

move jit classification to publicly-available section

Categories

(Socorro :: General, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: willkg, Unassigned)

Details

We have a command line interface to the signature generator. That requires an API token that has the View PII permission in order to see whether or not a crash has been classified as a JIT crash--the JIT classification indicator is in a section of the processed crash that's not publicly available. That's kind of irritating. It'd be great to not have this problem. This bug covers looking into whether JIT classification really needs to be confidential and if not, then moving it to a publicly available section of the processed crash or something along those lines.
jit-crash-categorize returns one of a small set of possible outputs:

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/minidump-stackwalk/jit-crash-categorize.cc#L42
UNKNOWN
CORRUPT_CODE
EIP_IN_BETWEEN
BAD_BRANCH_TARGET
BAD_EIP_INSTRUCTION

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/minidump-stackwalk/jit-crash-categorize.cc#L113
MEMORY_INFO_NOT_PRESENT

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/minidump-stackwalk/jit-crash-categorize.cc#L142
INSTRUCTION_POINTER_IN_INACCESSIBLE_MEM

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/minidump-stackwalk/jit-crash-categorize.cc#L157
INSTRUCTION_POINTER_NOT_EXECUTABLE

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/minidump-stackwalk/jit-crash-categorize.cc#L162
NOT_JIT_CODE

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/minidump-stackwalk/jit-crash-categorize.cc#L174
NO_JIT_MEMORY

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/minidump-stackwalk/jit-crash-categorize.cc#L181
NON_X86_WITH_JIT_MEMORY

Of those, most of them are pretty harmless. A few of them reveal somewhat security-sensitive information; for example, `NOT_JIT_CODE` and `CORRUPT_CODE` might reveal whether a crash is potentially exploitable. Given how hard it tends to be to reproduce crashes from crash-stats, though, it's probably not harmful. (Anyone that could reproduce a crash locally could determine all of this for themselves anyway.)
Here's the signature rule:

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/socorro/signature/signature_utilities.py#L641

Here's the JITCrashCategorizationRule:

https://github.com/mozilla-services/socorro/blob/4f008f869ca8dcf19c3af9631c7bbb03234dc715/socorro/processor/breakpad_transform_rules.py#L626

Mmmm... I think based on what Ted said, I'm going to WONTFIX this. Sure, it's hard to infer information and it might be hard to do something with the information, but it is possible to do something with the information and I don't think the underlying need here makes this worth dealing with. We can re-open if the circumstances change or the needs are more compelling.
Somehow I didn't actually WONTFIX this. Doing so now.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX