Closed Bug 1812368 Opened 3 years ago Closed 3 years ago

Truncate more URIs that we pass into marker payloads

Categories

(Core :: Gecko Profiler, defect, P1)

Product:
Core
Component:
Gecko Profiler
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
111 Branch
Tracking Flags:
Tracking Status
firefox-esr102 --- wontfix
firefox110 --- wontfix
firefox111 --- fixed

People

(Reporter: canova, Assigned: canova)

References

Details

(Keywords: sec-other, Whiteboard: [adv-main111-])

Attachments

(1 file)

Bug 1812368 - Truncate the URLs we are passing into profiler markers r?julienw,mstange
48 bytes, text/x-phabricator-request
Details | Review

We truncated some URIs in markers with Bug 1810055. But it looks like there are some more markers that are passing untruncated URIs.
Here's one: https://searchfox.org/mozilla-central/rev/df68a65540f2227e27a12ed0b491188e2927f6d5/layout/base/nsRefreshDriver.cpp#1765-1768

We also fix the underlying problem inside the profiler buffer with Bug 1803109 but it would be good to fix this individually as well.

Making this a security issue thinking that this crash could be exploited somehow. I think it would be hard to do, but better safe than sorry.

Group: partner-confidential
Group: core-security → layout-core-security
Keywords: sec-other
Assignee: nobody → canaltinova
Status: NEW → ASSIGNED

Truncate the URLs we are passing into profiler markers r=julienw
https://hg.mozilla.org/integration/autoland/rev/5f1a89577a82bf303df0e00e5c2f5ea63f45deff
https://hg.mozilla.org/mozilla-central/rev/5f1a89577a82

Group: layout-core-security → core-security-release
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox111: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 111 Branch
See Also: → 1800596
QA Whiteboard: [post-critsmash-triage]
Flags: qe-verify-
Whiteboard: [adv-main111-]
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: