Closed
Bug 1483377
Opened 6 years ago
Closed 6 years ago
Use static array for sWhitelist instead of StaticAutoPtr
Categories
(Core :: Networking: File, defect, P2)
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox-esr60 | 62+ | fixed |
| firefox61 | --- | unaffected |
| firefox62 | --- | unaffected |
| firefox63 | --- | unaffected |
People
(Reporter: valentin, Assigned: valentin)
References
()
Details
(Keywords: csectype-disclosure, privacy, sec-moderate, Whiteboard: [tor 24052][sec-critical for Tor][necko-triaged][post-critsmash-triage][adv-esr60.2-])
Attachments
(1 file)
|
46 bytes,
text/x-phabricator-request
|
mayhemer
:
review+
RyanVM
:
approval-mozilla-esr60+
|
Details | Review |
+++ This bug was initially created as a clone of Bug #1412081 +++ (In reply to Richard Pospesel (Tor Browser Dev) from Bug 1412081 comment #125) > Yeah so the issue here is that sWhitelist is only populated after a call to > PathWhitelist(). The various directories are whitelisted during firefox > init (and sWhitelist is populated) in AllowUNCDirectory(char const*) by way > of InitDirectoriesWhitelist(). However, the call to PathWhitelist() does > not occur until the end of AllowUNCDirectory(), and only if the directory > resolves to an SMB path (ie, begins with \\). So, unless one of the special > dirs live on an SMB share, sWhitelist will never be populated, and the call > to IsBlockedUNCPath() will always early out due to the !sWhiteList check. > > The !sWhitelist check should be removed, since the underlying pointer is > never accessed directly, and always through the PathWhitelist() > getter/initializer.
|
Assignee | |
Updated•6 years ago
|
Group: core-security
|
|
Assignee | |
Comment 1•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=c664d3fc0c570b981840382567458222312548ec
|
||
Updated•6 years ago
|
Group: core-security → network-core-security
|
|
Assignee | |
Comment 2•6 years ago
|
||
|
||
Comment 3•6 years ago
|
||
Comment on attachment 9000184 [details] Bug 1483377 - Use static array for FilePreferences whitelist instead of StaticAutoPtr r=mayhemer Honza Bambas (:mayhemer) has approved the revision.
Attachment #9000184 -
Flags: review+
|
|
Assignee | |
Comment 4•6 years ago
|
||
Comment on attachment 9000184 [details] Bug 1483377 - Use static array for FilePreferences whitelist instead of StaticAutoPtr r=mayhemer [Approval Request Comment] If this is not a sec:{high,crit} bug, please state case for ESR consideration: This is required to completely fix TOR bug 1413868. User impact if declined: Users using TOR and smb may be deanonymized. Fix Landed on Version: This patch matches what is already on mozilla-central (mozilla63). The patch that got uplifted to ESR had this small difference which triggers the bug. Risk to taking this patch (and alternatives if risky): Very low risk. It brings the ESR version in line with what is already on m-c and plugs the corner case for TOR. String or UUID changes made by this patch: None.
Attachment #9000184 -
Flags: approval-mozilla-esr60?
|
|
||
Comment 5•6 years ago
|
||
Confirmed with Valentin over IRC that this is an esr60-only issue.
status-firefox61:
--- → unaffected
status-firefox62:
--- → unaffected
status-firefox63:
--- → unaffected
status-firefox-esr52:
--- → unaffected
status-firefox-esr60:
--- → affected
tracking-firefox-esr60:
--- → 62+
|
|
||
Comment 6•6 years ago
|
||
Comment on attachment 9000184 [details] Bug 1483377 - Use static array for FilePreferences whitelist instead of StaticAutoPtr r=mayhemer Follow-up fix to get ESR60 in sync with the patches that landed on 62+. Approved for ESR 60.2.
Attachment #9000184 -
Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
|
|
||
Comment 7•6 years ago
|
||
| uplift | ||
https://hg.mozilla.org/releases/mozilla-esr60/rev/895eb260e946
Group: network-core-security → core-security-release
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
|
||
Updated•6 years ago
|
Whiteboard: [tor 24052][sec-critical for Tor][necko-triaged][post-critsmash-triage] → [tor 24052][sec-critical for Tor][necko-triaged][post-critsmash-triage][adv-60.2-]
|
|
||
Updated•6 years ago
|
Whiteboard: [tor 24052][sec-critical for Tor][necko-triaged][post-critsmash-triage][adv-60.2-] → [tor 24052][sec-critical for Tor][necko-triaged][post-critsmash-triage][adv-esr60.2-]
|
||
Updated•4 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•