Bug 829268
Opened 11 years ago
Closed 11 years ago
Windows 8 Metro Firefox Sec Review: review command execution handler
Categories: mozilla.org :: Security Assurance, task
Status: RESOLVED FIXED
People: Reporter: curtisk, Assigned: dchanm+bugzilla
Action item from review to review the command execution handler
Reporter, updated 11 years ago:
Priority: P4 → --
Comment 1 (Assignee, 11 years ago)
Jim: Where in the elm branch would I find the code for the command execution handler? Is it under browser/metro or another directory? https://hg.mozilla.org/projects/elm/summary
Flags: needinfo?(jmathies)
Comment 2 (11 years ago)
here ya go: http://mxr.mozilla.org/projects-central/source/elm/browser/metro/shell/commandexecutehandler/
Flags: needinfo?(jmathies)
Comment 3 (Assignee, 11 years ago)
Sorry for the delay :jimm, I finally got around to looking at the CEH code and it looks okay to me.

My one comment is the handling of DX10 mode. The CEH checks the registry for a DX10 key, and falls back to feature detection if this key is not found. [1] There is a corner case where if the system changes, DX10 support may not align with the current hardware support, e.g. adding / removing video card / card drivers.

Links and URLs are only handled if Firefox is the default desktop / immersive browser. Desktop Firefox is executed with ShellExecute with the target exe and parameters individually set. This avoids possible command line injections. Metro browser requests go through IApplicationActivationManager to launch / handle the metro browser and its arguments. Injection isn't possible through this interface since you declare the target program through its app model id and arguments are passed as a separate string.

I'm going to close off this part of the review as RESOLVED.

[1] - http://mxr.mozilla.org/projects-central/source/elm/browser/metro/shell/commandexecutehandler/CEHHelper.cpp#61
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
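The separation that comment 3 relies on (target executable and parameters handed to ShellExecute as distinct values, so nothing in the URL is ever parsed by a shell) can be shown with a portable analogue. The block below is an added example and is not code from this bug, the elm branch or Firefox; it contrasts the concatenated-string launch pattern with an argv-style launch using Python's subprocess, with /bin/echo standing in for the browser executable (an assumption for the demonstration), and it uses subprocess.list2cmdline to build a correctly quoted Windows-style parameter string, because even when parameters are passed separately a Windows child process re-parses its single command line, so a URL containing spaces or quotes still has to be quoted.

```python
import shutil
import subprocess

# Constructed sample input: a URL carrying shell metacharacters, of the kind a
# protocol-handler registration could receive from an untrusted page or file.
HOSTILE_URL = "http://example.com/ ; echo INJECTED"

# Assumption: a harmless stand-in for the browser executable. It simply prints
# the argument(s) it receives, which lets us observe how the URL arrived.
STAND_IN_EXE = shutil.which("echo") or "/bin/echo"


def launch_via_shell_string(exe: str, url: str) -> str:
    """Insecure pattern: executable and URL are glued into one string that a
    shell parses. Anything after ';' (or '&', '|', ...) becomes a second
    command. Returns the child's stdout."""
    command_line = f"{exe} {url}"
    completed = subprocess.run(
        command_line, shell=True, capture_output=True, text=True, check=False
    )
    return completed.stdout


def launch_via_argv(exe: str, url: str) -> str:
    """Safe pattern, analogous to ShellExecute(lpFile=exe, lpParameters=url):
    the target program and its parameter are passed as separate values and no
    shell ever sees the URL, so metacharacters are just bytes in one argument."""
    completed = subprocess.run(
        [exe, url], shell=False, capture_output=True, text=True, check=False
    )
    return completed.stdout


def injected_command_ran(output: str) -> bool:
    """Detection helper for the demonstration: the stand-in only echoes what it
    was given, so 'INJECTED' appears as its own line only if the trailing
    'echo INJECTED' was executed as a separate command."""
    return "INJECTED" in output.splitlines()


def windows_parameters_for(url: str) -> str:
    """Build the single parameter string a Windows launcher would hand over as
    lpParameters. list2cmdline applies the MSVCRT quoting rules, so a URL with
    spaces or embedded quotes still arrives at the child as one argv entry."""
    return subprocess.list2cmdline([url])


if __name__ == "__main__":
    shell_out = launch_via_shell_string(STAND_IN_EXE, HOSTILE_URL)
    argv_out = launch_via_argv(STAND_IN_EXE, HOSTILE_URL)
    print("shell string -> injected command ran:", injected_command_ran(shell_out))
    print("argv list    -> injected command ran:", injected_command_ran(argv_out))
    print("argv list    -> URL received verbatim:", argv_out.strip() == HOSTILE_URL)
    print("Windows lpParameters:", windows_parameters_for("http://example.com/a b"))
```

The argv form is the one to keep: the URL reaches the child as exactly one argument no matter what it contains. The list2cmdline helper covers the remaining Windows-specific caveat, since ShellExecute's lpParameters is one string that the launched program tokenizes itself; passing an unquoted URL with a space there would split it into two arguments even though no shell was involved.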