Closed
Bug 566443
Opened 14 years ago
Closed 11 years ago
Make Flash signatures cleaner
Categories
(Socorro :: Webapp, task)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: jruderman, Unassigned)
Details
Topcrash lists are full of things like "F_20680835_________________________________". Please transform these function names to something cleaner like "Flash_20680835", at least when generating signatures.
Reporter | ||
Comment 1•14 years ago
|
||
Some have the form "F1559406643________________________________________", no underscore after the "F".
Comment 2•14 years ago
|
||
It is advantageous for our PDB file obfuscation/deobfuscation algorithm to keep the string before the trailing _'s as short as possible. There will only be at most one _ between the F and the number. The number of _s after the number can vary from 0 to n. Would it be possible for the website that reports this information to include which module that symbol occurs in? Maybe NPSWF32.dll: F_20680835_________________________________ ? It seems like it should just be a matter of printing out another column from a database. If that's not feasible, then how about replacing some of the trailing _'s with "(Flash)".
Comment 3•14 years ago
|
||
Amir, when you're looking at a particular crash report the module is included in the table, e.g. http://crash-stats.mozilla.com/report/index/caea6654-7f0e-4620-bbae-e92b32100518 Amir, are the trailing underscores significant to the deobfuscation algorithm, or can we remove them? I really only want to do this for the signature, and only for Flash, since trailing underscores may be significant in other cases. Perhaps something like s/^(F.*)_+$/\1/
Comment 4•14 years ago
|
||
The number of trailing underscores IS important, but only when we run our deobfuscator on it. We're still working on establishing a fluid work flow with interacting with your site and our deobfuscator, but so far we've been copying the stack from the Raw Dump tab only and sticking it into our deobfuscator. I understand you all have a lot of reporting around it (not just the URL you sent above), so if those reports on the Details tab had underscores truncated, it shouldn't be an issue -- because we don't run our deobfuscator on it anyway -- at least not today.
Comment 5•14 years ago
|
||
Since the number of underscores is relevant to Adobe, I suggest we WONTFIX this bug.
Reporter | ||
Comment 6•14 years ago
|
||
What do the trailing underscores represent? I assumed they were just padding, and stripping the underscores wouldn't cause collisions.
Assignee | ||
Updated•13 years ago
|
Component: Socorro → General
Product: Webtools → Socorro
Updated•13 years ago
|
Component: General → Webapp
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•