[tor-commits] [tor-browser] 31/72: Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp

gitolite role git at cupani.torproject.org
Fri Jul 8 22:29:16 UTC 2022 

This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-91.11.0esr-11.5-1
in repository tor-browser.

commit 7f57aea0668ea0189691b5ce26526017c0133f1c
Author: Kathy Brade <brade at pearlcrescent.com>
AuthorDate: Thu Apr 21 10:40:26 2016 -0400

    Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
    
    Instead of using the local computer's IP address within
    symlink-based profile lock signatures, always use 127.0.0.1.
    
    Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1769028
---
 toolkit/profile/nsProfileLock.cpp | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/toolkit/profile/nsProfileLock.cpp b/toolkit/profile/nsProfileLock.cpp
index 28d38c11684e3..d54f2eb0ff5e6 100644
--- a/toolkit/profile/nsProfileLock.cpp
+++ b/toolkit/profile/nsProfileLock.cpp
@@ -307,6 +307,16 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile,
   struct in_addr inaddr;
   inaddr.s_addr = htonl(INADDR_LOOPBACK);
 
+  // We still have not loaded the profile, so we may not have proxy information.
+  // Avoiding a DNS lookup in this stage makes sure any proxy is not bypassed.
+  // By default, the lookup is enabled, but when it is not, we use 127.0.0.1
+  // for the IP address portion of the lock signature.
+  // However, this may cause the browser to refuse to start in the rare case
+  // that all of the following conditions are met:
+  //   1. The browser profile is on a network file system.
+  //   2. The file system does not support fcntl() locking.
+  //   3. The browser is run from two different computers at the same time.
+#ifndef MOZ_PROXY_BYPASS_PROTECTION
   char hostname[256];
   PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof hostname);
   if (status == PR_SUCCESS) {
@@ -315,6 +325,7 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile,
     status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, &hostent);
     if (status == PR_SUCCESS) memcpy(&inaddr, hostent.h_addr, sizeof inaddr);
   }
+#endif
 
   mozilla::SmprintfPointer signature =
       mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr),

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the tor-commits mailing list