Disallow lossy ACString conversions

REOPENED
Assigned to

Status

()

defect
P2
normal
REOPENED
3 months ago
Last month

People

(Reporter: emk, Assigned: emk)

Tracking

Trunk
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

ACString is a footgun. For example see bug 1549386.

Component: XPCOM → XPConnect
Summary: Disallow using ACString for JS-implemented XPCOM components → Disallow lossy ACString conversions
Depends on: 1557930
Depends on: 1557931
Pushed by VYV03354@nifty.ne.jp:
https://hg.mozilla.org/integration/autoland/rev/13c976344b69
Enable char range check on Nightly/DevEdition and make warnings more dire. r=hsivonen
See Also: → 1558744
Status: NEW → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
Assignee: nobody → VYV03354
Regressions: 1558836
Status: RESOLVED → REOPENED
Flags: needinfo?(VYV03354)
Resolution: FIXED → ---
Target Milestone: mozilla69 → ---

In bug 1558836, at least https://searchfox.org/mozilla-central/source/netwerk/cookie/nsICookieManager.idl#124-133 seems to be causing crashes with this patch applied, because sessionstore tries to restore cookies that have contents that trip this check.

Depends on: 1410013
Regressions: 1558750
Attachment #9070841 - Attachment description: Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?nika → Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?hsivonen

ping? (feel free to redirect if others should review the JS stuff)

Flags: needinfo?(VYV03354) → needinfo?(hsivonen)

(In reply to Masatoshi Kimura [:emk] from comment #6)

ping? (feel free to redirect if others should review the JS stuff)

Sorry. Phabricator is really unclear about whose action is needed next.

Flags: needinfo?(hsivonen)

The priority flag is not set for this bug.
:peterv, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(peterv)
Flags: needinfo?(peterv)
Priority: -- → P2
Attachment #9070841 - Attachment description: Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?hsivonen → Bug 1557254 - Enable char range check on Nightly/DevEdition and make warnings more dire. r?dmajor

What's the current state here? Looks like the patch is ready to re-land but it needs data review for the added crash data field? Or are there other blockers I'm not seeing?

Flags: needinfo?(VYV03354)

Yes, I'll submit data-review request.

Flags: needinfo?(VYV03354)
You need to log in before you can comment on or make changes to this bug.