[tbb-bugs] #17931 [Tor Browser]: Tor Browser Hardened Crash
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Dec 30 14:44:02 UTC 2015
#17931: Tor Browser Hardened Crash
-------------------------------------------------+-------------------------
Reporter: pege | Owner: tbb-
Type: defect | team
Priority: Immediate | Status:
Component: Tor Browser | needs_review
Severity: Blocker | Milestone:
Keywords: tbb-hardened, tbb-crash, | Version:
TorBrowserTeam201512R | Resolution:
Parent ID: | Actual Points:
Sponsor: | Points:
-------------------------------------------------+-------------------------
Comment (by mcs):
Replying to [comment:9 arthuredelstein]:
> Great suggestion! Here's a patch that does that instead:
https://github.com/arthuredelstein/tor-browser/commits/17931+1
r=brade, r=mcs
This patch looks good. We also tested it and observed that the crash is
fixed on Mac OS.
> > I also wonder if the call to nsContentUtils::LogMessageToConsole() in
security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h at line 107
is safe. But maybe Tor Browser does not use that code?
>
> I added a second patch to this branch, just in case.
This also looks good.
> I'm suprised to see how little LogMessageToConsole is used in mozilla-
central. Perhaps it would be safer to change it to a single-argument call
that takes a plain string without format specifiers.
Maybe open a Bugzilla bug? The declaration for that method is misleading
as well because of the use of aMsg instead of a clearer name such as
aFormat:
static void LogMessageToConsole(const char* aMsg, ...);
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17931#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list