Closed Bug 1570786 Opened 5 years ago Closed 3 years ago

[@ mozilla::ContentPrincipal::GetURI ] null deref

Tracking

()

Status:

RESOLVED FIXED

Milestone:

91 Branch

Tracking Flags:

Tracking

Status

firefox-esr60

---

unaffected

firefox-esr68

---

wontfix

firefox-esr78

---

wontfix

firefox68

---

wontfix

firefox69

---

wontfix

firefox70

---

wontfix

firefox89

---

wontfix

firefox90

---

wontfix

firefox91

---

fixed

People

(Reporter: Oriol, Assigned: valentin)

References

(Regression)

Details

(Keywords: crash, regression, Whiteboard: [necko-triaged])

Crash Data

Attachments

(1 file)

Bug 1570786 - Avoid ContentPrincipal::GetURI null deref r=#necko 3 years ago Valentin Gosu [:valentin] (he/him) 48 bytes, text/x-phabricator-request		Details \| Review

Oriol Brufau [:Oriol]

Reporter

Description

•

5 years ago

Open browser console and run

Cc["@mozilla.org/principal;1"].createInstance(Ci.nsIPrincipal).URI

Expected: it returns null
Actual: browser crashes (null deref)

Regression window: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=96b37ba12225d580f2b201d26915f88c5cb0d8a6&tochange=aabfe960ab59fea2e85896b1f8050786e16ab23b

Probably bug 1448058

Dragana Damjanovic [:dragana]

Updated

•

5 years ago

Priority: -- → P2

Whiteboard: [necko-triaged]

Patricia Lawless

Updated

•

5 years ago

status-firefox68: affected → wontfix

status-firefox69: affected → fix-optional

Liz Henry (:lizzard) (relman/hg->git project)

Updated

•

5 years ago

status-firefox69: fix-optional → wontfix

status-firefox70: affected → fix-optional

Valentin Gosu [:valentin] (he/him)

Assignee

Updated

•

3 years ago

Assignee: nobody → valentin.gosu

Severity: normal → S3

Valentin Gosu [:valentin] (he/him)

Assignee

Comment 1

•

3 years ago

Attached file Bug 1570786 - Avoid ContentPrincipal::GetURI null deref r=#necko — Details

Oriol Brufau [:Oriol]

Reporter

Comment 2

•

3 years ago

The testcase from comment 0 does no longer work because bug 1711078 removed Cc["@mozilla.org/principal;1"].
I can still use

Cc["@mozilla.org/systemprincipal;1"].createInstance(Ci.nsIPrincipal).URI;

but that just returns null as expected.

So not sure if you patch is actually needed.

Valentin Gosu [:valentin] (he/him)

Assignee

Comment 3

•

3 years ago

Technically true, there don't seem to be any ways of creating a contentPrincipal from JS with a null URI.
SystemPrincipal always returns a null URI.

For correctness I'd still like to land this. NS_ADDREF(*x = member) is a bad pattern anyway.

Pulsebot

Comment 4

•

3 years ago

Pushed by valentin.gosu@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/56888fc83da3
Avoid ContentPrincipal::GetURI null deref r=necko-reviewers,kershaw

Andreea Pavel [:apavel]

Comment 5

•

3 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/56888fc83da3

Status: NEW → RESOLVED

Closed: 3 years ago

status-firefox91: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → 91 Branch

Ryan VanderMeulen [:RyanVM]

Updated

•

3 years ago

status-firefox70: fix-optional → wontfix

status-firefox89: --- → wontfix

status-firefox90: --- → affected

status-firefox-esr68: affected → wontfix

status-firefox-esr78: --- → wontfix

Julien Cristau [:jcristau]

Updated

•

3 years ago

status-firefox90: affected → wontfix

BugBot [:suhaib / :marco/ :calixte]

Updated

•

2 years ago

Has Regression Range: --- → yes

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

[@ mozilla::ContentPrincipal::GetURI ] null deref

Categories

(Core :: Networking, defect, P2)

Tracking

()

People

(Reporter: Oriol, Assigned: valentin)

References

(Regression)

Details

(Keywords: crash, regression, Whiteboard: [necko-triaged])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Updated

Updated

Updated

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Updated

Updated

Updated

Attachment

General

Description

File Name

Content Type