process_reader is unable to parse large program header notes
Categories
(Toolkit :: Crash Reporting, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr115 | --- | unaffected |
| firefox-esr128 | --- | fixed |
| firefox127 | --- | unaffected |
| firefox128 | --- | fixed |
| firefox129 | --- | fixed |
| firefox130 | --- | fixed |
People
(Reporter: gsvelto, Assigned: gsvelto)
References
(Regression)
Details
(Keywords: regression)
Attachments
(1 file)
|
48 bytes,
text/x-phabricator-request
|
dmeehan
:
approval-mozilla-beta+
RyanVM
:
approval-mozilla-release+
dmeehan
:
approval-mozilla-esr128+
|
Details | Review |
This is an accidental regression from bug 1897189 which tightened the checks we do when parsing notes. Previously, if we encountered a note too large to be the one we were looking for, we'd just skip over it. Now we try to parse every note, so goblin is throwing failures when we try to parse a note that is larger than what we expect for the one we're looking for, as there's not enough bytes to parse the entire note. For example, in a debug AArch64/Android build we have these notes:
Displaying notes found in: .note.android.ident
Owner Data size Description
Android 0x00000084 NT_VERSION (version)
description data: 15 00 00 00 72 32 36 63 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 31 31 33 39 34 33 34 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Displaying notes found in: .note.moz.toolkit-build-id
Owner Data size Description
mzbldid 0x0000000f NT_VERSION (version)
description data: 32 30 32 34 30 37 30 31 31 36 30 32 31 34 00
Displaying notes found in: .note.moz.annotation
Owner Data size Description
mozannotation 0x00000010 Unknown note type: (0x415a4f4d)
description data: b0 b3 90 0e 00 00 00 00 b0 fc ff ff ff ff ff ff
Displaying notes found in: .note.gnu.build-id
Owner Data size Description
GNU 0x00000010 NT_GNU_BUILD_ID (unique build ID bitstring)
Build ID: c7b2c7153640d25fc0da22c7e63b683f
When looking for .note.moz.annotation we'd read 44 bytes of data here which correspond to the expected size of the note we're looking for. However .note.android.ident is much larger, and this causes this to fail. Since we bail out upon hitting a failure, we never find the note we're looking for.
|
||
Comment 1•1 year ago
|
||
Set release status flags based on info from the regressing bug 1897189
:gerard-majax, since you are the author of the regressor, bug 1897189, could you take a look? Also, could you set the severity field?
For more information, please visit BugBot documentation.
|
Assignee | |
Updated•1 year ago
|
|
|
Assignee | |
Comment 2•1 year ago
|
||
I've got a fix for this in the pipeline.
|
|
Assignee | |
Comment 3•1 year ago
|
||
|
||
Updated•1 year ago
|
|
||
Comment 5•1 year ago
|
||
Can you please assign this a severity?
|
|
Assignee | |
Updated•1 year ago
|
|
||
Comment 6•1 year ago
|
||
| bugherder | ||
|
||
Comment 7•1 year ago
|
||
:gsvelto do you want to add a beta and esr128 uplift request on this?
How about a release uplift for possible inclusion in a later Fx128 dot release?
|
|
Assignee | |
Comment 8•1 year ago
|
||
Yes, it would be nice to uplift this as it fixes a rather important problem.
|
|
Assignee | |
Comment 9•1 year ago
|
||
Comment on attachment 9410904 [details]
Bug 1905971 - Handle large PT_NOTE entries in the program headers correctly r=gerard-majax
Beta/Release Uplift Approval Request
- User impact if declined: None, but crash reports on Android might be missing important information
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): It's a small change to safe rust code that is covered by tests
- String changes made/needed: none
- Is Android affected?: Yes
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: We would have limited visibility in Android crashes for the entire length of the ESR release
- User impact if declined: None, but crash reports on Android might be missing important information
- Fix Landed on Version: 130
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): It's a small change to safe rust code that is covered by tests
|
|
||
Comment 10•1 year ago
|
||
Comment on attachment 9410904 [details]
Bug 1905971 - Handle large PT_NOTE entries in the program headers correctly r=gerard-majax
I just noticed this affecting Android only, rejecting esr128 uplift request since we don't ship Android builds of ESR.
This should still get a release uplift request though for Fx128
|
|
||
Updated•1 year ago
|
|
|
||
Comment 11•1 year ago
•
|
||
Comment on attachment 9410904 [details]
Bug 1905971 - Handle large PT_NOTE entries in the program headers correctly r=gerard-majax
Approved for 129.0b2
|
||
Comment 12•1 year ago
|
||
| uplift | ||
|
|
||
Updated•1 year ago
|
|
|
||
Updated•1 year ago
|
|
|
||
Comment 13•1 year ago
|
||
Per alissy, this could affect other Linux-based OSes too. Probably worth taking on ESR128 also to play it safe.
|
|
||
Updated•1 year ago
|
|
|
||
Comment 14•1 year ago
|
||
Comment on attachment 9410904 [details]
Bug 1905971 - Handle large PT_NOTE entries in the program headers correctly r=gerard-majax
Approved for Fenix/Focus 128.0.1.
|
|
||
Updated•1 year ago
|
|
|
||
Comment 15•1 year ago
|
||
| uplift | ||
|
|
||
Comment 16•1 year ago
|
||
Comment on attachment 9410904 [details]
Bug 1905971 - Handle large PT_NOTE entries in the program headers correctly r=gerard-majax
Approved for 128.1esr.
|
|
||
Comment 17•1 year ago
|
||
| uplift | ||
|
|
||
Updated•1 year ago
|
Description
•