Open
Bug 1982299
Opened 3 months ago
Updated 27 days ago
Unsafe code paths used with email account that uses NTLM authentication, MOZ_ASSERT(NS_IsMainThread())
Categories
(MailNews Core :: Networking, defect)
MailNews Core
Networking
Tracking
(Not tracked)
NEW
People
(Reporter: KaiE, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [mailsec-vuln-fixwanted])
I'm testing an email account that uses NTML authentication.
We're running into an assertion in a debug-enabled build, which can mean that we may get undefined behavior in the optimized build.
mozilla/security/manager/ssl/nsNTLMAuthModule.cpp
GenerateType3Msg
MOZ_ASSERT(NS_IsMainThread());
|
Reporter | |
Comment 1•3 months ago
|
||
For testing, I temporarily disabled that assertion, but then I immediately run into another one,
[122312] Assertion failure: sInServoTraversal || NS_IsMainThread(), at /home/user/moz/comm-esr140/obj-thunder-opt/dist/include/mozilla/ServoUtils.h:33
|
||
Comment 2•3 months ago
|
||
Which type of account is it?
|
|
Reporter | |
Comment 3•3 months ago
|
||
IMAP, SSL/TLS
|
|
Reporter | |
Updated•3 months ago
|
Summary: Assertion with email account that uses NTLM authentication, MOZ_ASSERT(NS_IsMainThread()) → Unsafe code paths used with email account that uses NTLM authentication, MOZ_ASSERT(NS_IsMainThread())
|
||
Comment 4•2 months ago
|
||
Existed prior to esr 140?
|
|
Reporter | |
Updated•28 days ago
|
Whiteboard: [mailsec-vuln-fixwanted]
|
||
Updated•27 days ago
|
Blocks: tb-mailsec-confirmed-issues
You need to log in
before you can comment on or make changes to this bug.
Description
•