Closed Bug 905398 Opened 11 years ago Closed 11 years ago

Data race on nsHttpConnectionInfo::mHashKey

Categories

(Core :: Networking: HTTP, defect)

Product:
Core
Component:
Networking: HTTP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla26

People

(Reporter: bent.mozilla, Assigned: mcmanus)

References

Details

Attachments

(1 file)

bug 905398 set connectioninfo flags in one place
2.64 KB, patch
jduell.mcbugs
: review+
Details | Diff | Splinter Review 
One thread writes:

  xul.dll!SetCharAt - nststringobsolete.cpp:391
  xul.dll!SetAnonymous - nshttpconnectioninfo.h:89
  xul.dll!SetupTransaction - nshttpchannel.cpp:889
  xul.dll!ContinueConnect - nshttpchannel.cpp:497
  xul.dll!Connect - nshttpchannel.cpp:451
  xul.dll!BeginConnect - nshttpchannel.cpp:4673
  xul.dll!OnProxyAvailable - nshttpchannel.cpp:4751
  xul.dll!DoCallback - nsprotocolproxyservice.cpp:224
  xul.dll!OnQueryComplete - nsprotocolproxyservice.cpp:195
  xul.dll!Run - nspacman.cpp:86
  xul.dll!ProcessNextEvent - nsthread.cpp:622
  xul.dll!NS_ProcessNextEvent - nsthreadutils.cpp:238
  xul.dll!Shutdown - nsthread.cpp:463

While another reads:

  xul.dll!CharAt - nststring.h:90
  xul.dll!Clone - nshttpconnectioninfo.cpp:102
  xul.dll!GetOrCreateConnectionEntry - nshttpconnectionmgr.cpp:2487
  xul.dll!OnMsgSpeculativeConnect - nshttpconnectionmgr.cpp:2529
  xul.dll!Run - nshttpconnectionmgr.h:581
  xul.dll!ProcessNextEvent - nsthread.cpp:622
  xul.dll!NS_ProcessNextEvent - nsthreadutils.cpp:238
  xul.dll!Run - nssockettransportservice2.cpp:652
  xul.dll!ProcessNextEvent - nsthread.cpp:622
  xul.dll!NS_ProcessNextEvent - nsthreadutils.cpp:238
  xul.dll!ThreadFunc - nsthread.cpp:250
  nss3.dll!PR_NativeRunThread - pruthr.c:397
  nss3.dll!pr_root - w95thred.c:90

Marking s-s for now because I don't understand the security implications of getting the anonymous/private stuff wrong in these connections.
I don't think there actually is an impact here. the data being written is the data that is already there.

I'll clean it up though.

https://tbpl.mozilla.org/?tree=Try&rev=dfd8071b8c59

        Attachment #792307 -
        Flags: review?(jduell.mcbugs)

    
  
Assignee: nobody → mcmanus

    
  

        Attachment #792307 -
        Flags: review?(jduell.mcbugs) → review+

    
    

    
  
investigation shows this isn't security sensitive
Group: core-security

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/f6d8cd174ec9
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla26

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: