[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #9308 [Firefox Patch Issues]: JavaScript's BrowserFeedWriter() leaks installation paths on OS X and Windows
#9308: JavaScript's BrowserFeedWriter() leaks installation paths on OS X and
Windows
-------------------------------------+-------------------------------------
Reporter: cypherpunks | Owner: mikeperry
Type: defect | Status: needs_review
Priority: critical | Milestone:
Component: Firefox Patch | Version:
Issues | Keywords: tbb-fingerprinting,
Resolution: | tbb-easy, interview,
Actual Points: | GeorgKoppen201404R
Points: | Parent ID:
-------------------------------------+-------------------------------------
Comment (by gk):
Replying to [comment:20 arthuredelstein]:
> Replying to [comment:19 gk]:
> > Replying to [comment:18 arthuredelstein]:
> > > Replying to [comment:17 gk]:
> > > Sorry about that, I mistyped the other example in the comment. It's
fixed now. Try entering
> > > `window.sidebar.addSearchEngine("http://";, "http://";, null, null);`
> > > in the web console of Tor Browser on Mac or Windows.
> >
> > That is fixed on mozilla-central as well, yes!! I've not found the
corresponding bug though, yet. So, strictly speaking we could think about
closing this bug now. :) And maybe look at backporting those patches. Not
sure how difficult this is going to be. Maybe they've fixed those leaks in
a more generic way?
>
> How do you know it's fixed? Did you check on a CROSS_COMPILEd version?
So, for the record: Aurora (30.0a2) gives me the following output:
{{{
[Exception... "addEngine: Error adding engine:
[Exception... "Component returned failure code: 0x804b000a
(NS_ERROR_MALFORMED_URI) [nsIIOService.newChannelFromURI]" nsresult:
"0x804b000a (NS_ERROR_MALFORMED_URI)" location: "JS frame ::
resource://gre/components/nsSearchService.js ::
SRCH_ENG_initFromURIAndLoad :: line 1255" data: no]" nsresult:
"0x80004005 (NS_ERROR_FAILURE)" location: "JS frame ::
resource://gre/components/nsSearchService.js :: FAIL :: line 266" data:
no]
}}}
Using the latest Nightly (31.0a1) I get:
{{{
[Exception... "Unexpected error" nsresult: "0x8000ffff
(NS_ERROR_UNEXPECTED)" location: "JS frame :: debugger eval code ::
<TOP_LEVEL> :: line 1" data: no]
}}}
Even though I did not test that with cross-compiled code I think it is
safe to assume that this specific problem does not pop up there given that
no path at all is leaked in Nightlies anymore.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9308#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs