Closed Bug 1709559 Opened 3 years ago Closed 3 years ago

Avoid direct NSPR PL_str* calls and use natives for libfuzzer fuzzing

Categories: Core :: Networking, enhancement
Hardware: All, OS: Linux
Tracking: RESOLVED FIXED, target milestone 90 Branch
Tracking Status: firefox90 --- fixed
People: Reporter: decoder, Assigned: decoder
Attachments: 1 file

We have a lot of code that still calls PL_str* functions such as PL_strcasecmp that are natively re-implemented in NSPR rather than using the libc/os natives. This is harmful for fuzzing because e.g. libfuzzer intercepts the native counterparts of those functions to learn magic string constants. We also have identified cases where this previously harmed fuzzing in networking code.

As an intermediate solution, I am going to

  1. Change all direct calls to PL_str* in networking code to use nsCRT::str* functions instead. Right now, this is a mix of direct calls and nsCRT calls with no apparent pattern.

  2. Add appropriate functions and ifdefs to nsCRT that ensure that on Linux with libfuzzer, the OS natives are used if NSPR isn't using them already (e.g. for strcmp, NSPR forwards this to the native strcmp, but for strcasecmp it does not because it's just a POSIX function and not in the C standard).

  3. Add the necessary ifdefs also to xpcom string comparators using the problematic functions.

This is the minimal solution to improve fuzzing. For the long run, we should look into re-organizing this appropriately and revisit if we really want to use the 20-year-old self-made C implementation instead of OS-dependent implementations.
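An added illustration of the forwarding pattern described in step 2, in plain C. This is not the patch landed for this bug and not NSPR or nsCRT code: it is a stand-alone wrapper that calls the OS-native strcasecmp when a FUZZING macro is defined, so that libFuzzer's interceptor for the native function observes the comparison operands, and otherwise uses a self-contained case-insensitive compare. The FUZZING macro name, the function names, and the fallback implementation are this example's own assumptions; the fallback only stands in for a hand-rolled comparator, it is not PL_strcasecmp.

```c
/* Added example, not Mozilla code: a fuzz-aware strcasecmp wrapper.
 * Under FUZZING (assumed macro name) the comparison is delegated to the
 * POSIX strcasecmp from libc, which libFuzzer can intercept to learn the
 * strings being compared. Without FUZZING a self-contained comparator is
 * used, which no fuzzer interceptor ever sees. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#ifdef FUZZING
#include <strings.h>   /* POSIX strcasecmp: intercepted by libFuzzer */
#endif

/* Stand-in for a self-made comparator (example code, not PL_strcasecmp).
 * Because it never calls a libc comparison function, a fuzzer that relies
 * on intercepting strcasecmp gains nothing from it. */
static int fallback_strcasecmp(const char *a, const char *b) {
    for (;; a++, b++) {
        int ca = tolower((unsigned char)*a);
        int cb = tolower((unsigned char)*b);
        if (ca != cb) {
            return ca < cb ? -1 : 1;
        }
        if (ca == '\0') {
            return 0;   /* both strings ended at the same position */
        }
    }
}

/* Reports which implementation this build forwards to (1 = OS native). */
int fuzz_aware_uses_native(void) {
#ifdef FUZZING
    return 1;
#else
    return 0;
#endif
}

/* The wrapper itself. NULL is handled here, before dispatch, because
 * passing NULL to the libc strcasecmp is undefined behaviour. The rule
 * that NULL sorts before any non-NULL string is this example's choice. */
int fuzz_aware_strcasecmp(const char *a, const char *b) {
    if (a == NULL && b == NULL) return 0;
    if (a == NULL) return -1;
    if (b == NULL) return 1;
#ifdef FUZZING
    return strcasecmp(a, b);          /* visible to the fuzzer's interceptor */
#else
    return fallback_strcasecmp(a, b); /* opaque to the fuzzer */
#endif
}

int main(void) {
    /* Constructed sample inputs, typical of header-name comparisons. */
    printf("native path compiled in: %d\n", fuzz_aware_uses_native());
    printf("Content-Type vs content-type: %d\n",
           fuzz_aware_strcasecmp("Content-Type", "content-type"));
    printf("abc vs abd: %d\n", fuzz_aware_strcasecmp("abc", "abd"));
    return 0;
}
```

Compile with `-DFUZZING` (together with the usual libFuzzer flags) to take the native path; without it the fallback is used and the sign of the result is the only contract, as with the libc function.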

Pushed by choller@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/79aca7fd5b1a
Avoid using PL_str implementations when fuzzing network. r=valentin,necko-reviewers,xpcom-reviewers,KrisWright
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 90 Branch