Closed Bug 1519813 Opened 6 years ago Closed 4 years ago

ExpandedPrincipal created through de-serialization doesn't call Create() which causes null crash

Categories

(Core :: Security: CAPS, enhancement)

enhancement
Not set
normal

RESOLVED DUPLICATE of bug 1508939

People

(Reporter: freddy, Assigned: jkt)

Attachments

(2 files)

Attached file backtrace

I thought I could always call GetOrigin() on ExpandedPrincipals, but it turned out I found some null pointer crashes.

Here's why: We sometimes create ExpandedPrincipals through deserialization, which calls the constructor but does not call ExpandedPrincipal::Create(). This leaves mOriginNoSuffix uninitialized and hence pointing to 0x0.

Steps To Repeat

  • This will work on current revisions of mozilla-central (e.g., 3dc7d345da52), but will stop working once I implement my workaround.

MOZ_LOG="CSMLog:5" ./mach mochitest --debugger=rr browser/components/extensions/test/browser/browser_ext_sessions_restoreTab.js
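
The failure mode described in the report above, as an added C++ example that is not part of the bug thread and is not Gecko code: a factory that finishes initialization, a deserialization path that skips it, and a corrected path. The class name `PrincipalModel`, the `FinishInit()` helper, the comma-separated wire format and the bracketed origin string are assumptions made for illustration.

```cpp
#include <memory>
#include <sstream>
#include <string>
#include <utility>
#include <vector>
// Simplified model of the report's failure mode; hypothetical names, not Gecko code.
class PrincipalModel {
 public:
  using Ptr = std::unique_ptr<PrincipalModel>;
  // Normal path: the factory finishes initialization.
  static Ptr Create(std::vector<std::string> allowList) {
    Ptr p(new PrincipalModel());
    p->mAllowList = std::move(allowList);
    p->FinishInit();
    return p;
  }
  // Path from the report: constructor plus Read(), origin never set.
  static Ptr DeserializeBuggy(const std::string& wire) {
    Ptr p(new PrincipalModel());
    p->Read(wire);
    return p;
  }
  // Corrected path: deserialization ends with the same init step as Create().
  static Ptr DeserializeFixed(const std::string& wire) {
    Ptr p(new PrincipalModel());
    p->Read(wire);
    p->FinishInit();
    return p;
  }
  // Checks the pointer instead of dereferencing it blindly.
  bool GetOrigin(std::string& out) const {
    if (!mOriginNoSuffix) return false;
    out = *mOriginNoSuffix;
    return true;
  }
 private:
  PrincipalModel() = default;
  void Read(const std::string& wire) {  // constructed wire format: "a,b"
    std::istringstream in(wire);
    for (std::string item; std::getline(in, item, ',');) mAllowList.push_back(item);
  }
  void FinishInit() {  // constructed origin format: "[a, b]"
    std::string s = "[";
    for (size_t i = 0; i < mAllowList.size(); ++i) s += (i ? ", " : "") + mAllowList[i];
    mOriginNoSuffix.reset(new std::string(s + "]"));
  }
  std::vector<std::string> mAllowList;
  std::unique_ptr<std::string> mOriginNoSuffix;  // null until FinishInit()
};
```

Keeping the constructor private and routing every construction path, including deserialization, through one function that ends in the init step removes the state in which the origin pointer can be observed as null.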

Attached file js_stack.txt

Honza, I'm told by ckerschb that you might be interested in this, since it would be caused by netwerk/base/nsSerializationHelper.cpp#46

Flags: needinfo?(honzab.moz)

I'm not sure why I should be interested in this, I am not involved in principals. Sorry.

Flags: needinfo?(honzab.moz)

This should be resolved in Bug 1508939, which I just put into lando. Bug 1547707 is a follow-up that we should verify separately.

Assignee: nobody → jkt

The problem described here was fixed when refactoring all of the principal serialization within Bug 1508939. Marking as a duplicate.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE