Firefox crashes on invalid privacy.restrict3rdpartystorage.skip_list setting
Categories
(Core :: Privacy: Anti-Tracking, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox-esr78 | --- | unaffected |
firefox89 | --- | wontfix |
firefox90 | --- | wontfix |
firefox91 | --- | fixed |
People
(Reporter: brennan.brisad, Assigned: brennan.brisad)
Details
Crash Data
Attachments
(1 file)
48 bytes,
text/x-phabricator-request
|
jcristau
:
approval-mozilla-beta-
|
Details | Review |
Steps to reproduce:
- Go to
about:config
. - Create a
privacy.restrict3rdpartystorage.skip_list
string and input;
as its value. - Firefox crashes.
The crash happens while executing PartitioningExceptionList::OnExceptionListUpdate
since the it does not properly handle invalid input: https://searchfox.org/mozilla-central/source/toolkit/components/antitracking/PartitioningExceptionList.cpp#124-150
Assignee | ||
Comment 1•3 years ago
|
||
I wrote a patch to fix this. I'll check if I can remember how to get it into Phabricator.
Assignee | ||
Comment 2•3 years ago
|
||
Updated•3 years ago
|
Assignee | ||
Comment 3•3 years ago
|
||
Thanks for the review! Could someone please land the fix, as I don't have the rights to do it myself.
Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/7da256f6d3b3 Don't crash on invalid privacy.restrict3rdpartystorage.skip_list r=timhuang
Comment 5•3 years ago
|
||
bugherder |
Comment 6•3 years ago
|
||
The patch landed in nightly and beta is affected.
:brennan.brisad, is this bug important enough to require an uplift?
If not please set status_beta
to wontfix
.
For more information, please visit auto_nag documentation.
Assignee | ||
Comment 7•3 years ago
•
|
||
Comment on attachment 9224535 [details]
Bug 1713475 - Don't crash on invalid privacy.restrict3rdpartystorage.skip_list
Beta/Release Uplift Approval Request
- User impact if declined: An user wanting to add an exemption to State Partitioning by following the instructions here https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning#exempt_specific_origins_from_partitioning, can simply mistype the syntax and instantly crash Firefox.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The change is only adding two simple conditionals to avoid dereferencing invalid pointers.
- String changes made/needed: none
Updated•3 years ago
|
Comment 8•3 years ago
|
||
Comment on attachment 9224535 [details]
Bug 1713475 - Don't crash on invalid privacy.restrict3rdpartystorage.skip_list
AFAICT this isn't often hit in the wild, so I prefer to let it ride the trains.
Updated•3 years ago
|
Comment 9•3 years ago
|
||
One crash report I noticed that looks like it hit this bug is bp-b0524b53-f245-4fe2-b114-3cbcd0210513
Description
•