Closed Bug 1555051 Opened 6 months ago Closed 5 months ago

Crash in [@ java.lang.SecurityException: at org.apache.harmony.security.utils.JarUtils.verifySignature(JarUtils.java)]

Categories

(Firefox for Android :: General, defect, P1, critical)

Product:
Firefox for Android
Component:
General
Version:
Firefox 67
Platform:
Unspecified
Android
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
Firefox 69
Tracking Flags:
Tracking Status
firefox-esr60 --- wontfix
firefox67 --- wontfix
firefox67.0.1 --- wontfix
firefox68 + verified
firefox69 --- verified

People

(Reporter: marcia, Assigned: petru)

Details

(Keywords: crash, regression)

Crash Data

Attachments

(1 file)

Bug 1555051 - Use GeckoJarReader to read the theme image; r?VladBaicu
47 bytes, text/x-phabricator-request
jcristau
: approval-mozilla-beta+
Details | Review

This bug is for crash report bp-66a59d08-6914-4e72-aa90-124a30190528.

Seen while looking at 68 beta crash stats. Crashes started during 68 nightly cycle. APIs from 16-18 appear to be affected: https://bit.ly/2HGzybE.

Some correlations for beta:

(87.50% in signature vs 08.95% overall) minidump_sha256_hash = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(87.50% in signature vs 09.34% overall) address = null
(87.50% in signature vs 09.34% overall) platform = Unknown
(87.50% in signature vs 09.34% overall) reason = null
(12.50% in signature vs 90.66% overall) platform = Android
(85.00% in signature vs 07.41% overall) startup_crash = null
(15.00% in signature vs 86.43% overall) startup_crash = 0
(15.00% in signature vs 79.98% overall) Addon "webcompat@mozilla.org" = true
(15.00% in signature vs 79.69% overall) Addon "webcompat-reporter@mozilla.org" = true
(12.50% in signature vs 68.72% overall) reason = SIGSEGV /SEGV_MAPERR
(12.50% in signature vs 51.68% overall) address = 0x0
(45.00% in signature vs 03.75% overall) android_hardware = smdk4x12
(45.00% in signature vs 03.75% overall) android_board = smdk4x12
(45.00% in signature vs 04.23% overall) android_version = 16 (REL)
(42.50% in signature vs 07.80% overall) android_version = 17 (REL)
(32.50% in signature vs 01.25% overall) android_model = GT-N8010
(32.50% in signature vs 01.25% overall) android_device = p4notewifiww
(25.00% in signature vs 01.15% overall) android_board = SBM303SH
(25.00% in signature vs 01.15% overall) android_device = SBM303SH
(25.00% in signature vs 01.15% overall) android_model = SBM303SH
(25.00% in signature vs 01.15% overall) android_brand = SBM

Java stack trace:

java.lang.SecurityException
	at org.apache.harmony.security.utils.JarUtils.verifySignature(JarUtils.java:180)
	at java.util.jar.JarVerifier.verifyCertificate(JarVerifier.java:302)
	at java.util.jar.JarVerifier.readCertificates(JarVerifier.java:271)
	at java.util.jar.JarFile.getInputStream(JarFile.java:398)
	at libcore.net.url.JarURLConnectionImpl.getInputStream(JarURLConnectionImpl.java:226)
	at java.net.URL.openStream(URL.java:462)
	at org.mozilla.gecko.util.BitmapUtils.decodeUrl(BitmapUtils.java:105)
	at org.mozilla.gecko.util.BitmapUtils.decodeUrl(BitmapUtils.java:98)
	at org.mozilla.gecko.lwt.LightweightTheme$LightweightThemeRunnable.run(LightweightTheme.java:133)
	at android.os.Handler.handleCallback(Handler.java:725)
	at android.os.Handler.dispatchMessage(Handler.java:92)
	at android.os.Looper.loop(Looper.java:176)
	at org.mozilla.gecko.util.GeckoBackgroundThread.run(GeckoBackgroundThread.java:41)

Fairly low volume. Triaging as a P3 based on this fact.

status-firefox69: --- → affected
Priority: -- → P3

28 crashes/14 installs so far in b7. No useful comments. High % of crashes are startup crashes:

(82.61% in signature vs 07.24% overall) startup_crash = null

This is the #1 top crash on Fennec Nightly 68.0a1 at the moment. Devin, are you the right person to get this on the radar for investigation?

tracking-firefox68: --- → +
Flags: needinfo?(dreams)
Priority: P3 → P1

I'm not well versed enough to translate the stack but I think this may be related to certificates?

Petru and team, this seems Android (not Gecko) specific. Can you help take a look and see what you think?

Flags: needinfo?(dreams) → needinfo?(petru.lingurar)

I'm seeing this error when trying to install/set a theme
as we would try to get it's icon from an URL like

jar:file:///data/data/org.mozilla.fennec_petru.lingurar/files/mozilla/r4t57k5x.default/extensions/%7B250e3114-c154-48dd-8d71-56e794641495%7D.xpi!/5.jpg

This seems especially bad because in my tests I see that it would always crash the app afterwards immediately after being started.

Assignee: nobody → petru.lingurar
Status: NEW → ASSIGNED
Flags: needinfo?(petru.lingurar)

This change seem to stem from how we now persist themes (as xpis).
Previously all theme files would be easily accessible and the image would have an url like

file:///data/data/org.mozilla.fennec_petrulingurar/files/mozilla/njcj6pk3.default/lightweighttheme-header

I don't think we need to invest time to track the regression though as we have an easy solution to read from the xpi: GeckoJarReader

If the theme is persisted as an xpi we'll use GeckoJarReader to read get the
image from inside the archive otherwise read it directly.

Keywords: checkin-needed

Pushed by rmaries@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/53b89d516cbc
Use GeckoJarReader to read the theme image; r=VladBaicu

Keywords: checkin-needed

https://hg.mozilla.org/mozilla-central/rev/53b89d516cbc

Status: ASSIGNED → RESOLVED
Closed: 5 months ago
status-firefox69: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 69

[Tracking Requested - why for this release]:

We will want to uplift this Fennec crash fix to the ESR 68 branch for the Fennec 68.1 release.

status-firefox-esr68: --- → affected
tracking-firefox-esr68: --- → ?

Bug was 100% reproducible on Android API level 16, 17, 18
by just installing a theme from https://addons.mozilla.org/en-US/android/themes/
Upon installation the app would crash and subsequent app starts would crash as well.
Please check if the issue is fixed on those API levels and that themes work as intended on higher versions of Android.

Flags: qe-verify+

(In reply to Petru-Mugurel Lingurar[:petru] from comment #11)

Bug was 100% reproducible on Android API level 16, 17, 18
by just installing a theme from https://addons.mozilla.org/en-US/android/themes/

That sounds like a bad regression. Should we uplift this fix to Fennec 68 release or a 68.0.1 dot release?

status-firefox67: --- → wontfix
status-firefox67.0.1: --- → wontfix
status-firefox-esr60: --- → wontfix

Please request beta uplift so we don't ship this.

Flags: needinfo?(petru.lingurar)

Comment on attachment 9073838 [details]
Bug 1555051 - Use GeckoJarReader to read the theme image; r?VladBaicu

Beta/Release Uplift Approval Request

  • User impact if declined: Constant crashes after installing a theme on Android 4.1 / 4.2 / 4.3
  • Is this code covered by automated tests?: No
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: Yes
  • If yes, steps to reproduce: Install a theme
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): Small targetted change.
  • String changes made/needed:
Flags: needinfo?(petru.lingurar)
Attachment #9073838 - Flags: approval-mozilla-beta?

Comment on attachment 9073838 [details]
Bug 1555051 - Use GeckoJarReader to read the theme image; r?VladBaicu

thanks, approved for beta68

Attachment #9073838 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

I can confirm that this issue cannot be reproduced anymore using the latest build from treeherder(69.0a1) that included the patch with the fix.
I tried to reproduce this issue using Alcatel One Touch(Android 4.1.2) and everything worked as expected.

Verified as fixed on the latest Beta build v68.0b14 using Alcatel One Touch(Android 4.1.2).

Status: RESOLVED → VERIFIED
status-firefox68: fixedverified
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.