LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-23-2010, 07:28 AM   #181
GazL
Senior Member
 
Registered: May 2008
Posts: 3,425

Rep: Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937

Thanks for keeping us informed win32sux. Your efforts on this and the kernel vulnerabilities thread are very much appreciated.


From what I read, it looks like the error is in the parsing of downloadable WOFF format fonts, so in theory going into about:config and changing gfx.downloadable_fonts.enabled to false sounds like it would have mitigated the "remote" aspects of this vulnerability. If anyone is waiting for their distro to get the fix out, then you may want to consider doing this. (Actually, I think I'm gonna leave this disabled even though I'm now running 3.6.2).

Pity no one at secunia or mozilla thought to inform people about such a simple mitigation action.
 
1 members found this post helpful.
Old 03-23-2010, 05:21 PM   #182
catilley1092
Member
 
Registered: Aug 2009
Location: East Coast, USA
Distribution: Linux Mint "Mate" x64 (primary OS), Win 7/8 x64, XP Home/Pro x32.
Posts: 61

Rep: Reputation: 17
Finally, Firefox 3.6.2 has been released, I have it. Hopefully it will address some of the concerns here. I apologize to anyone who may have been offended by my previous posts, but I was only going by what I was told the first time that I installed Linux. No viruses, malware, and no worries. Mabye I need to do some studying on this issue, but at the same time, no one should be saying that with Linux, you have nothing to fear. That is still being repeated to this day.
 
Old 03-23-2010, 11:02 PM   #183
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by GazL View Post
Thanks for keeping us informed win32sux. Your efforts on this and the kernel vulnerabilities thread are very much appreciated.
You (and anyone else who reads these threads) are most welcome!

Quote:
Originally Posted by catilley1092 View Post
Finally, Firefox 3.6.2 has been released, I have it. Hopefully it will address some of the concerns here. I apologize to anyone who may have been offended by my previous posts, but I was only going by what I was told the first time that I installed Linux. No viruses, malware, and no worries. Mabye I need to do some studying on this issue, but
The virus threat to GNU/Linux is indeed extremely lower than with Windows there's absolutely no doubt about that, but it's beside the point. With arbitrary code execution vulnerabilities, the bad guys with the exploits are able to execute pretty much anything they wish on your box if you're attacked. Think about that for a second, pretty much anything they wish. The damage they can cause is limited only by their skills/abilities and your security posture. The implications of that are huge, to include code which can do anything ranging from data destruction to identity theft and worse. This is true on any generic OS, and it's important that LQSEC serve as a place to encourage proactive defense against such threats.

Quote:
at the same time, no one should be saying that with Linux, you have nothing to fear. That is still being repeated to this day.
Unfortunately, you're absolutely correct some people do believe and proclaim things of that nature. I would like to think that it's mainly newcomers, though specifically, those who have been encouraged to try GNU/Linux by misguided individuals. From that perspective, it's not really their fault, and perhaps they just need time in order to realize that there's plenty of security threats to go around, regardless of the OS you use. If I could offer you a suggestion, it would be to browse through unSpawn's Security references thread. However, instead of looking to learn how to use the tools listed there, go at it from a different angle: study the specific vulnerabilities which the tools are designed to mitigate.

Last edited by win32sux; 03-23-2010 at 11:29 PM.
 
2 members found this post helpful.
Old 03-24-2010, 01:05 AM   #184
catilley1092
Member
 
Registered: Aug 2009
Location: East Coast, USA
Distribution: Linux Mint "Mate" x64 (primary OS), Win 7/8 x64, XP Home/Pro x32.
Posts: 61

Rep: Reputation: 17
win32sux, thanks for letting me know that I'm not 100% safe on a computer, regardless of the OS. Linux and Mac users swears by this. I did click onto the link "arbitrary code execution", it led to a Wikipedia article that described it in detail. When I made my initial posts regarding this, the thought of it caught me off guard and I became entangled with defending FF, without looking up anything. I do apologize, it's my bad for assuming something didn't exist w/o at least researching it. I use Linux Mint 8 and Windows 7 Pro. Both OS's have their merits. I'm a VIP member of a Windows 7 forum, and this issue never once came up on the forum. Most security related issues do. Like myself, there are a few Linux users on the forum who prefers speed and security over scanning and scanning for viruses and malware. Although I normally use Mint for the sheer speed (virus and malware protection comes at a price, your speed), I have to use Windows to print and for my grandaughter to play games on. But I have learned from this, and the next time I hear of a threat like this, I'll switch browsers until the issue is resolved. I proudly accept the warning that was issued to me as a lesson learned, with no hard feelings toward anyone.
 
1 members found this post helpful.
Old 03-24-2010, 11:15 AM   #185
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
Quote:
Originally Posted by catilley1092 View Post
Mabye I need to do some studying on this issue, but at the same time, no one should be saying that with Linux, you have nothing to fear. That is still being repeated to this day.
I'd say that if you configure it right and do upgrade when needed, you have little to fear. I don't think that there can ever be a 100% secure OS, not even with SELinux (which I don't like), so don't expect it.
 
Old 03-30-2010, 09:41 PM   #186
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 3.0.19 and 3.5.9 have been released.

They include fixes for several security vulnerabilities, most of which are rated as Critical.
 
Old 03-31-2010, 11:17 PM   #187
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
FWIW, Secunia issued advisories today pertaining to the aforementioned releases: 3.0.x and 3.5.x.
 
Old 04-01-2010, 09:00 PM   #188
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 3.6.3 has been released.

It addresses a security vulnerability rated as Critical.
 
Old 04-02-2010, 04:20 AM   #189
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
Quote:
Originally Posted by win32sux View Post
Firefox 3.6.3 has been released.

It addresses a security vulnerability rated as Critical.
That's great, and on April Fools, I hope this isn't a joke, but they forgot to put the source code on there, which prevents me from upgrading ...
 
Old 04-02-2010, 05:35 AM   #190
GazL
Senior Member
 
Registered: May 2008
Posts: 3,425

Rep: Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937
Quote:
Originally Posted by H_TeXMeX_H View Post
That's great, and on April Fools, I hope this isn't a joke, but they forgot to put the source code on there, which prevents me from upgrading ...
Yep you're quite right ftp.mozilla.org/pub/firefox/releases/3.6.3/source is AWOL.
 
Old 04-02-2010, 01:48 PM   #191
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Wow, I didn't know the source code was pending. I did try to take a look at the relevant bug report in order to determine whether it affected the GNU/Linux version, but it's not publicly accessible.

EDIT: Just checked and it looks like the source was uploaded today.

Last edited by win32sux; 04-02-2010 at 01:51 PM.
 
Old 04-03-2010, 01:19 AM   #192
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Secunia issued an advisory today pertaining to the vulnerability present in Firefox 3.6.2.

The relevant bug report remains inaccessible to me at this time.

FWIW, here's the diff between 3.6.2 and 3.6.3:
Code:
diff -Naur ./mozilla-1.9.2.old/browser/config/version.txt ./mozilla-1.9.2/browser/config/version.txt
--- ./mozilla-1.9.2.old/browser/config/version.txt	2010-03-16 02:57:31.000000000 -0700
+++ ./mozilla-1.9.2/browser/config/version.txt	2010-04-02 09:03:19.000000000 -0700
@@ -1 +1 @@
-3.6.2
+3.6.3
diff -Naur ./mozilla-1.9.2.old/config/milestone.txt ./mozilla-1.9.2/config/milestone.txt
--- ./mozilla-1.9.2.old/config/milestone.txt	2010-03-16 02:57:31.000000000 -0700
+++ ./mozilla-1.9.2/config/milestone.txt	2010-04-02 09:03:19.000000000 -0700
@@ -10,4 +10,4 @@
 # hardcoded milestones in the tree from these two files.
 #--------------------------------------------------------
 
-1.9.2.2
+1.9.2.3
diff -Naur ./mozilla-1.9.2.old/content/base/src/nsContentUtils.cpp ./mozilla-1.9.2/content/base/src/nsContentUtils.cpp
--- ./mozilla-1.9.2.old/content/base/src/nsContentUtils.cpp	2010-03-16 02:54:00.000000000 -0700
+++ ./mozilla-1.9.2/content/base/src/nsContentUtils.cpp	2010-04-02 09:02:18.000000000 -0700
@@ -1302,7 +1302,7 @@
     return NS_ERROR_NOT_AVAILABLE;
   }
 
-  return sXPConnect->ReparentScopeAwareWrappers(cx, oldScopeObj, newScopeObj);
+  return sXPConnect->MoveWrappers(cx, oldScopeObj, newScopeObj);
 }
 
 nsIDocShell *
diff -Naur ./mozilla-1.9.2.old/content/html/document/src/nsHTMLContentSink.cpp ./mozilla-1.9.2/content/html/document/src/nsHTMLContentSink.cpp
--- ./mozilla-1.9.2.old/content/html/document/src/nsHTMLContentSink.cpp	2010-03-16 02:54:10.000000000 -0700
+++ ./mozilla-1.9.2/content/html/document/src/nsHTMLContentSink.cpp	2010-04-02 09:02:19.000000000 -0700
@@ -179,6 +179,7 @@
 
   // nsISupports
   NS_DECL_ISUPPORTS_INHERITED
+  NS_DECL_CYCLE_COLLECTION_CLASS_INHERITED(HTMLContentSink, nsContentSink)
 
   // nsIContentSink
   NS_IMETHOD WillParse(void);
@@ -232,15 +233,15 @@
                      void* aThis);
 #endif
 
-  nsIHTMLDocument* mHTMLDocument;
+  nsCOMPtr<nsIHTMLDocument> mHTMLDocument;
 
   // The maximum length of a text run
   PRInt32 mMaxTextRun;
 
-  nsGenericHTMLElement* mRoot;
-  nsGenericHTMLElement* mBody;
+  nsRefPtr<nsGenericHTMLElement> mRoot;
+  nsRefPtr<nsGenericHTMLElement> mBody;
   nsRefPtr<nsGenericHTMLElement> mFrameset;
-  nsGenericHTMLElement* mHead;
+  nsRefPtr<nsGenericHTMLElement> mHead;
 
   nsRefPtr<nsGenericHTMLElement> mCurrentForm;
 
@@ -1535,12 +1536,6 @@
 
 HTMLContentSink::~HTMLContentSink()
 {
-  NS_IF_RELEASE(mHead);
-  NS_IF_RELEASE(mBody);
-  NS_IF_RELEASE(mRoot);
-
-  NS_IF_RELEASE(mHTMLDocument);
-
   if (mNotificationTimer) {
     mNotificationTimer->Cancel();
   }
@@ -1578,18 +1573,45 @@
   }
 }
 
+NS_IMPL_CYCLE_COLLECTION_CLASS(HTMLContentSink)
+
+NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN_INHERITED(HTMLContentSink, nsContentSink)
+  NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mHTMLDocument)
+  NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mRoot)
+  NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mBody)
+  NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mFrameset)
+  NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mHead)
+  NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mCurrentForm)
+  for (PRUint32 i = 0; i < NS_ARRAY_LENGTH(tmp->mNodeInfoCache); ++i) {
+    NS_IF_RELEASE(tmp->mNodeInfoCache[i]);
+  }
+NS_IMPL_CYCLE_COLLECTION_UNLINK_END
+NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INHERITED(HTMLContentSink,
+                                                  nsContentSink)
+  NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mHTMLDocument)
+  NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mRoot)
+  NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mBody)
+  NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mFrameset)
+  NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mHead)
+  NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mCurrentForm)
+  for (PRUint32 i = 0; i < NS_ARRAY_LENGTH(tmp->mNodeInfoCache); ++i) {
+    NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(cb, "mNodeInfoCache[i]");
+    cb.NoteXPCOMChild(tmp->mNodeInfoCache[i]);
+  }
+NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END
+
+NS_INTERFACE_TABLE_HEAD_CYCLE_COLLECTION_INHERITED(HTMLContentSink)
+  NS_INTERFACE_TABLE_BEGIN
+    NS_INTERFACE_TABLE_ENTRY(HTMLContentSink, nsIContentSink)
+    NS_INTERFACE_TABLE_ENTRY(HTMLContentSink, nsIHTMLContentSink)
 #if DEBUG
-NS_IMPL_ISUPPORTS_INHERITED3(HTMLContentSink,
-                             nsContentSink,
-                             nsIContentSink,
-                             nsIHTMLContentSink,
-                             nsIDebugDumpContent)
-#else
-NS_IMPL_ISUPPORTS_INHERITED2(HTMLContentSink,
-                             nsContentSink,
-                             nsIContentSink,
-                             nsIHTMLContentSink)
+    NS_INTERFACE_TABLE_ENTRY(HTMLContentSink, nsIDebugDumpContent)
 #endif
+  NS_INTERFACE_TABLE_END
+NS_INTERFACE_TABLE_TAIL_INHERITING(nsContentSink)
+
+NS_IMPL_ADDREF_INHERITED(HTMLContentSink, nsContentSink)
+NS_IMPL_RELEASE_INHERITED(HTMLContentSink, nsContentSink)
 
 static PRBool
 IsScriptEnabled(nsIDocument *aDoc, nsIDocShell *aContainer)
@@ -1643,7 +1665,7 @@
 
   aDoc->AddObserver(this);
   mIsDocumentObserver = PR_TRUE;
-  CallQueryInterface(aDoc, &mHTMLDocument);
+  mHTMLDocument = do_QueryInterface(aDoc);
 
   mObservers = nsnull;
   nsIParserService* service = nsContentUtils::GetParserService();
@@ -1687,7 +1709,7 @@
     // If the document already has a root we'll use it. This will
     // happen when we do document.open()/.write()/.close()...
 
-    NS_ADDREF(mRoot = static_cast<nsGenericHTMLElement*>(doc_root));
+    mRoot = static_cast<nsGenericHTMLElement*>(doc_root);
   } else {
     mRoot = NS_NewHTMLHtmlElement(nodeInfo);
     if (!mRoot) {
@@ -1695,7 +1717,6 @@
       MOZ_TIMER_STOP(mWatch);
       return NS_ERROR_OUT_OF_MEMORY;
     }
-    NS_ADDREF(mRoot);
 
     NS_ASSERTION(mDocument->GetChildCount() == 0,
                  "Document should have no kids here!");
@@ -1714,7 +1735,6 @@
     MOZ_TIMER_STOP(mWatch);
     return NS_ERROR_OUT_OF_MEMORY;
   }
-  NS_ADDREF(mHead);
 
   mRoot->AppendChildTo(mHead, PR_FALSE);
 
@@ -2040,8 +2060,6 @@
 
   mBody = mCurrentContext->mStack[mCurrentContext->mStackPos - 1].mContent;
 
-  NS_ADDREF(mBody);
-
   MOZ_TIMER_DEBUGLOG(("Stop: nsHTMLContentSink::OpenBody()\n"));
   MOZ_TIMER_STOP(mWatch);
 
diff -Naur ./mozilla-1.9.2.old/.hgtags ./mozilla-1.9.2/.hgtags
--- ./mozilla-1.9.2.old/.hgtags	2010-03-16 02:57:33.000000000 -0700
+++ ./mozilla-1.9.2/.hgtags	2010-04-02 09:03:21.000000000 -0700
@@ -49,3 +49,13 @@
 cd857b3b0e33449cd97b98c00c058aa147171114 FIREFOX_3_6_2_BUILD3
 827a6883442f5bd110e66616fc86df732b05b2d6 FIREFOX_3_6_2_RELEASE
 cd857b3b0e33449cd97b98c00c058aa147171114 FIREFOX_3_6_2_RELEASE
+f14062c981ba6e70ebc85f751f5f38fa41de732d FIREFOX_3_6_2_BUILD1
+d6e028dc1b68ed3e716fbc2d5ca3ea52e4f9409a FIREFOX_3_6_2_BUILD1
+cd857b3b0e33449cd97b98c00c058aa147171114 FIREFOX_3_6_2_RELEASE
+d6e028dc1b68ed3e716fbc2d5ca3ea52e4f9409a FIREFOX_3_6_2_RELEASE
+28ef231a65a3b4de825a1071a2b1b21e94cd6959 FIREFOX_3_6_3_BUILD1
+28ef231a65a3b4de825a1071a2b1b21e94cd6959 FIREFOX_3_6_3_RELEASE
+d6e028dc1b68ed3e716fbc2d5ca3ea52e4f9409a FIREFOX_3_6_2_BUILD1
+f14062c981ba6e70ebc85f751f5f38fa41de732d FIREFOX_3_6_2_BUILD1
+d6e028dc1b68ed3e716fbc2d5ca3ea52e4f9409a FIREFOX_3_6_2_RELEASE
+f14062c981ba6e70ebc85f751f5f38fa41de732d FIREFOX_3_6_2_RELEASE
diff -Naur ./mozilla-1.9.2.old/js/src/config/milestone.txt ./mozilla-1.9.2/js/src/config/milestone.txt
--- ./mozilla-1.9.2.old/js/src/config/milestone.txt	2010-03-16 02:57:31.000000000 -0700
+++ ./mozilla-1.9.2/js/src/config/milestone.txt	2010-04-02 09:03:19.000000000 -0700
@@ -10,4 +10,4 @@
 # hardcoded milestones in the tree from these two files.
 #--------------------------------------------------------
 
-1.9.2.2
+1.9.2.3
diff -Naur ./mozilla-1.9.2.old/js/src/xpconnect/idl/nsIXPConnect.idl ./mozilla-1.9.2/js/src/xpconnect/idl/nsIXPConnect.idl
--- ./mozilla-1.9.2.old/js/src/xpconnect/idl/nsIXPConnect.idl	2010-03-16 02:55:57.000000000 -0700
+++ ./mozilla-1.9.2/js/src/xpconnect/idl/nsIXPConnect.idl	2010-04-02 09:02:30.000000000 -0700
@@ -620,9 +620,9 @@
                                  in JSObjectPtr  aNewParent,
                                  in nsISupports  aCOMObj);
     void
-    reparentScopeAwareWrappers(in JSContextPtr aJSContext,
-                               in JSObjectPtr  aOldScope,
-                               in JSObjectPtr  aNewScope);
+    moveWrappers(in JSContextPtr aJSContext,
+                 in JSObjectPtr  aOldScope,
+                 in JSObjectPtr  aNewScope);
 
     void clearAllWrappedNativeSecurityPolicies();
 
diff -Naur ./mozilla-1.9.2.old/js/src/xpconnect/src/nsXPConnect.cpp ./mozilla-1.9.2/js/src/xpconnect/src/nsXPConnect.cpp
--- ./mozilla-1.9.2.old/js/src/xpconnect/src/nsXPConnect.cpp	2010-03-16 02:55:57.000000000 -0700
+++ ./mozilla-1.9.2/js/src/xpconnect/src/nsXPConnect.cpp	2010-04-02 09:02:30.000000000 -0700
@@ -1465,11 +1465,11 @@
     return JS_DHASH_NEXT;
 }
 
-/* void reparentScopeAwareWrappers(in JSContextPtr aJSContext, in JSObjectPtr  aOldScope, in JSObjectPtr  aNewScope); */
+/* void moveWrappers(in JSContextPtr aJSContext, in JSObjectPtr  aOldScope, in JSObjectPtr  aNewScope); */
 NS_IMETHODIMP
-nsXPConnect::ReparentScopeAwareWrappers(JSContext *aJSContext,
-                                        JSObject *aOldScope,
-                                        JSObject *aNewScope)
+nsXPConnect::MoveWrappers(JSContext *aJSContext,
+                          JSObject *aOldScope,
+                          JSObject *aNewScope)
 {
     XPCCallContext ccx(NATIVE_CALLER, aJSContext);
     if(!ccx.IsValid())
@@ -1537,24 +1537,29 @@
         if(NS_FAILED(rv))
             return rv;
 
-        if(newParent != aOldScope)
+        if(newParent == aOldScope)
         {
-            // The wrapper returned a new parent. If the new parent is in
-            // a different scope, then we need to reparent it, otherwise,
-            // the old scope is fine.
-
-            XPCWrappedNativeScope *betterScope =
-                XPCWrappedNativeScope::FindInJSObjectScope(ccx, newParent);
-            if(betterScope == oldScope)
-                continue;
-
-            NS_ASSERTION(betterScope == newScope, "Weird scope returned");
+            // The old scope still works for this wrapper. We have to assume
+            // that the wrapper will continue to return the old scope from
+            // PreCreate, so don't move it.
+            continue;
         }
-        else
+
+        // The wrapper returned a new parent. If the new parent is in
+        // a different scope, then we need to reparent it, otherwise,
+        // the old scope is fine.
+
+        XPCWrappedNativeScope *betterScope =
+            XPCWrappedNativeScope::FindInJSObjectScope(ccx, newParent);
+        if(betterScope == oldScope)
         {
-            // The old scope still works for this wrapper.
-            continue;
+            // The wrapper asked for a different object, but that object
+            // was in the same scope. We assume here that the new parent
+            // simply hasn't been reparented yet.
+            newParent = nsnull;
         }
+        else
+            NS_ASSERTION(betterScope == newScope, "Weird scope returned");
 
         // Now, reparent the wrapper, since we know that it wants to be
         // reparented.
diff -Naur ./mozilla-1.9.2.old/js/src/xpconnect/src/xpcwrappednative.cpp ./mozilla-1.9.2/js/src/xpconnect/src/xpcwrappednative.cpp
--- ./mozilla-1.9.2.old/js/src/xpconnect/src/xpcwrappednative.cpp	2010-03-16 02:55:57.000000000 -0700
+++ ./mozilla-1.9.2/js/src/xpconnect/src/xpcwrappednative.cpp	2010-04-02 09:02:30.000000000 -0700
@@ -1465,8 +1465,11 @@
     {
         flat = cache->GetWrapper();
         if(flat && !IS_SLIM_WRAPPER(flat))
+        {
             wrapper = static_cast<XPCWrappedNative*>(xpc_GetJSPrivate(flat));
-        
+            NS_ASSERTION(wrapper->GetScope() == aOldScope,
+                         "Incorrect scope passed");
+        }
     }
     else
     {
@@ -1610,10 +1613,8 @@
 
     // Now we can just fix up the parent and return the wrapper
 
-    if(!JS_SetParent(ccx, flat, aNewParent))
-    {
+    if(aNewParent && !JS_SetParent(ccx, flat, aNewParent))
         return NS_ERROR_FAILURE;
-    }
 
     *aWrapper = nsnull;
     wrapper.swap(*aWrapper);

Last edited by win32sux; 04-03-2010 at 08:57 PM.
 
1 members found this post helpful.
Old 04-03-2010, 08:01 AM   #193
GazL
Senior Member
 
Registered: May 2008
Posts: 3,425

Rep: Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937Reputation: 937
Quote:
Originally Posted by win32sux View Post
Secunia issued an advisory today pertaining to the Firefox 3.6.3 release.
Your wording was a little misleading there. "advisory pertaining to Firefox 3.6.3" suggests that they are advising of an issue with 3.6.3

The advisory you linked states that the solution is to update to 3.6.3, which suggests that it's a 3.6.2 (and possibly earlier) issue.
 
Old 04-03-2010, 08:58 PM   #194
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by GazL View Post
Your wording was a little misleading there. "advisory pertaining to Firefox 3.6.3" suggests that they are advising of an issue with 3.6.3

The advisory you linked states that the solution is to update to 3.6.3, which suggests that it's a 3.6.2 (and possibly earlier) issue.
Agreed. Fixed, and made a mental note for next time. Thanks!

Last edited by win32sux; 04-03-2010 at 09:06 PM.
 
Old 04-09-2010, 09:06 AM   #195
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Lightbulb Plugging the CSS History Leak

I pretty much ignored this post when I saw it originally, but in retrospect it does seem like it's pertinent enough to be discussed here in this thread. Personally, I find it quite refreshing whenever Mozilla is proactive like this. I just hope the unintended, negative consequences will be minimal.
Quote:
Were close to landing some changes in the Firefox development tree that will fix a privacy leak that browsers have been struggling with for some time. Were really excited about this fix, we hope other browsers will follow suit. Its a tough problem to fix, though, so Id like to describe how we ended up with this approach.
Complete Post
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Mozilla Thunderbird to Find New Home as Mozilla Foundation Focuses on Mozilla Firefox LXer Syndicated Linux News 0 07-27-2007 09:16 AM
LXer: Mozilla Firefox 1.5.0.8 and Mozilla Thunderbird 1.5.0.8 Released LXer Syndicated Linux News 0 11-09-2006 05:21 PM
LXer: Mozilla Corporation Signs Mozilla Firefox Distribution Deal with RealNetworks LXer Syndicated Linux News 0 08-03-2006 03:21 PM
LXer: Mozilla Firefox and Mozilla Thunderbird 1.5.0.5 Community Test Day LXer Syndicated Linux News 0 07-14-2006 08:54 AM
Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers! t3gah Linux - Security 6 04-09-2006 04:00 AM


All times are GMT -5. The time now is 05:27 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration