mimeVerify.onStopRequest attempts to check for a null url, but has already defined it as an empty object
Categories
(MailNews Core :: Security: OpenPGP, defect)
Tracking
(thunderbird_esr78 fixed, thunderbird81 fixed)
People
(Reporter: standard8, Assigned: mkmelin)
Details
Attachments
(1 file, 1 obsolete file)
2.22 KB,
patch
|
patrick
:
review+
rjl
:
approval-comm-beta+
wsmwk
:
approval-comm-esr78+
|
Details | Diff | Splinter Review |
I can only reproduce this with my Conversations add-on in-testing, so I don't think this would be hit normally, however it still looks like a bug in the code:
let url = {};
...
if (this.msgUriSpec) {
url = EnigmailCompat.getUrlFromUriSpec(this.msgUriSpec);
}
...
if (this.uri && url) {
The url
check is always going to pass since the empty object is not null.
I spotted this, because when the url hasn't been assigned, the subsequent call to EnigmailURIs.msgIdentificationFromUrl
throws.
Assignee | ||
Comment 1•4 years ago
|
||
Move definition down to where it's first used, and make it null when not set.
We're also already inside if (this.uri)
Assignee | ||
Comment 2•4 years ago
|
||
Updated•4 years ago
|
Assignee | ||
Updated•4 years ago
|
Comment 3•4 years ago
|
||
please uplift correctness fixes to 78 for code consistency
Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/comm-central/rev/1a13d435f8ae
fix url check in MimeVerify.onStopRequest. r=PatrickBrunschwig
Assignee | ||
Comment 5•4 years ago
|
||
Comment on attachment 9174090 [details] [diff] [review]
bug1663219_pgp_url_check.patch
[Approval Request Comment]
Code correction fix, unclear if it has user impact in practice. Should be safe.
Comment 6•4 years ago
|
||
Comment on attachment 9174090 [details] [diff] [review]
bug1663219_pgp_url_check.patch
[Triage Comment]
Approved for 81.0b3 by wsmwk via Matrix.
Comment 7•4 years ago
|
||
bugherder uplift |
Thunderbird 81.0b3:
https://hg.mozilla.org/releases/comm-beta/rev/8399ffac5f9d
Comment 8•4 years ago
|
||
Comment on attachment 9174090 [details] [diff] [review]
bug1663219_pgp_url_check.patch
[Triage Comment]
Approved for esr78.
Comment 9•4 years ago
|
||
bugherder uplift |
Thunderbird 78.2.2:
https://hg.mozilla.org/releases/comm-esr78/rev/3a5eb890b2c1
Description
•