Closed
Bug 375740
Opened 18 years ago
Closed 14 years ago
ensure files that a mar updates are relative (not absolute) and are safe
Categories
(Toolkit :: Application Update, defect)
Tracking
RESOLVED
FIXED
mozilla5
People
(Reporter: moco, Assigned: robert.strong.bugs)
ensure files that a mar updates are relative (not absolute) and are safe.
Pointed out today at window's talk, so there might be a bug on this already (but I haven't seen it).
Thanks to window and her team for pointing this out.
See http://lxr.mozilla.org/seamonkey/source/toolkit/mozapps/update/src/updater/updater.cpp
For example, we should fix:
int
AddFile::Parse(char *line)
{
  // format "<newfile>"

  mFile = mstrtok(kQuote, &line);
  if (!mFile)
    return PARSE_ERROR;

  return OK;
}
so that if mFile is absolute (or contains unsafe characters) we should report an error and not apply the mar.
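An added example, not code from updater.cpp or from the fix in bug 386760: one way to reject an absolute or directory-escaping path before a manifest entry is accepted. `IsSafeRelativePath`, `ParseAddLine`, the choice of which characters count as unsafe, and the sample entries are assumptions made for illustration.

```cpp
#include <cctype>
#include <cstdio>
#include <cstring>
#include <string>

enum { OK = 0, PARSE_ERROR = 1 };  // constructed stand-ins for the updater's codes

// Hypothetical helper: true only for a relative path that stays in the update dir.
static bool IsSafeRelativePath(const char* path)
{
  if (!path || !*path)
    return false;
  // Rooted paths: "/x" on POSIX, "\x" or "\\host\share" on Windows.
  if (path[0] == '/' || path[0] == '\\')
    return false;
  // Drive-qualified paths: "C:\x" and drive-relative "C:x".
  if (std::isalpha(static_cast<unsigned char>(path[0])) && path[1] == ':')
    return false;
  for (const char* p = path; *p; ) {  // every component, either separator
    std::size_t len = std::strcspn(p, "/\\");
    if (len == 2 && p[0] == '.' && p[1] == '.')
      return false;  // ".." climbs out of the target directory
    for (std::size_t i = 0; i < len; ++i) {
      unsigned char c = static_cast<unsigned char>(p[i]);
      if (c < 0x20 || c == ':')  // assumed "unsafe": control chars and ':'
        return false;
    }
    p += len;
    if (*p) ++p;  // step over the separator
  }
  return true;
}

// Parse step that rejects the entry instead of storing an unsafe path.
static int ParseAddLine(const char* file, std::string& outFile)
{
  if (!IsSafeRelativePath(file))
    return PARSE_ERROR;
  outFile = file;
  return OK;
}

int main()
{
  // Constructed manifest entries, not taken from a real MAR.
  const char* samples[] = { "chrome/browser.jar", "/tmp/x", "C:\\x.dll", "a/../../b" };
  for (const char* s : samples)
    std::printf("%-20s %s\n", s, IsSafeRelativePath(s) ? "accept" : "reject");
  return 0;
}
```

The check is purely lexical; it does not resolve symlinks or other filesystem indirection under the install directory.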
Comment 1•18 years ago
Not that we shouldn't fix this, but why is it security sensitive? If you have a bad MAR, there are lots of ways to exploit it (bsdiff is probably very easy to exploit). We inherently trust the contents of a MAR, which is why we verify the signature carefully before staging.
Reporter
Comment 2•18 years ago
> Not that we shouldn't fix this, but why is it security sensitive?
I was erring on the side of caution.
Updated•18 years ago
Group: security
Updated•16 years ago
Product: Firefox → Toolkit
Assignee
Comment 3•14 years ago
Fixing this in bug 386760. I mainly want this for when we have a service performing updates.
Depends on: 386760
Assignee
Comment 4•14 years ago
Fixed by bug 386760
Assignee: nobody → robert.bugzilla
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Assignee
Updated•14 years ago
Target Milestone: --- → mozilla5