Closed Bug 448626 Opened 17 years ago Closed 17 years ago

fix a (probably harmless) mistake in nsUrlClassifierDBServiceWorker::IsCanonicalizedIP()

Categories

(Toolkit :: Safe Browsing, defect)

Product:
Toolkit
Component:
Safe Browsing
Type:
defect
Priority:
Not set
Severity:
trivial

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 3.1a2

People

(Reporter: bartml, Assigned: bartml)

References

(
URL
)

Details

(Keywords: fixed1.9.0.2)

Attachments

(1 file)

fix IsCanonicalizedIP()
919 bytes, patch
dcamp
: review+
samuel.sidler+old
: approval1.9.0.2+
Details | Diff | Splinter Review
User-Agent: Konqueror Build Identifier: There is some mistake in nsUrlClassifierDBService.cpp - in a method nsUrlClassifierDBServiceWorker::IsCanonicalizedIP(). See http://mxr.mozilla.org/firefox/source/toolkit/components/url-classifier/src/nsUrlClassifierDBService.cpp#1931 or http://bb.homelinux.org/firefox/sources/3.0.1/mozilla/toolkit/components/url-classifier/src/nsUrlClassifierDBService.cpp.html#1931 . This line: return (i1 <= 0xFF && i1 <= 0xFF && i1 <= 0xFF && i1 <= 0xFF); should be replaced with: return (i1 <= 0xFF && i2 <= 0xFF && i3 <= 0xFF && i4 <= 0xFF); I guess. It is probably pretty harmless anyway... Reproducible: Always
Patch. BTW, is there some way to add a patch during filling a new bug? Because I haven't found any...
Attachment #331829 - Flags: review?(dcamp)
You can only attach it later..
Status: UNCONFIRMED → NEW
Ever confirmed: true
Attachment #331829 - Flags: review?(dcamp) → review+
Assignee: nobody → bartml
Pushed as 17096:ddab14b88e4a.
Status: NEW → RESOLVED
Closed: 17 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 3.1a2
Flags: wanted1.9.0.x?
Attachment #331829 - Flags: approval1.9.0.2?
Dave, what does this patch do, functionally, and why is this change needed/wanted? Can this be tested?
Flags: in-testsuite?
The IsCanonicalizedIP() function is used by the classifier to decide whether to treat a host as an IP address (which is handled in a single chunk, ie "154.128.100.3") or as a hostname (which is handled as a series of hostname components, ie "www.foo.com" and "foo.com" etc). The function is supposed to check for four numeric components that are < 256. This patch fixes a bug where it checked for four numeric components, only the first of which needs to be < 256. As the title says, this is probably a harmless bug - it means that 150.200.888.900 will be tested as an IP address (one string) rather than a hostname. But given that there won't be blacklist entries at a domain called 200.888.900, it's not much of a practical problem, but it's a very-low-risk fix. I'll look at writing a test.
Comment on attachment 331829 [details] [diff] [review] fix IsCanonicalizedIP() Sounds good to me. Thanks. Approved for 1.9.0.2. Please land in CVS. a=ss Be sure to land any test you create in CVS as well.
Attachment #331829 - Flags: approval1.9.0.2? → approval1.9.0.2+
Actually it turns out to be really tough to test, because there's an earlier pass (during hostname canonicalization) that makes sure that the numbers will always be < 255. So there's actually no way to trigger this bug.
Checking in src/nsUrlClassifierDBService.cpp; /cvsroot/mozilla/toolkit/components/url-classifier/src/nsUrlClassifierDBService.cpp,v <-- nsUrlClassifierDBService.cpp new revision: 1.81; previous revision: 1.80 done
Keywords: fixed1.9.0.2
Flags: wanted1.9.0.x? → wanted1.9.0.x+
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: