[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #27427 [Applications/Tor Browser]: [PATCH] Fix NoScript IPC for about:blank by whitelisting messages
#27427: [PATCH] Fix NoScript IPC for about:blank by whitelisting messages
-------------------------------------------------+-------------------------
Reporter: rustybird | Owner:
| arthuredelstein
Type: defect | Status:
| needs_review
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201809R, | Actual Points:
tbb-8.0.1-can |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks3):
Replying to [comment:8 rustybird]:
> the race much less likely to be "won" by the bug, but not impossible.
Which could mean that it occasionally affects real websites as well.
Hopefully, the patch fixes all of those cases.
Ok. And your fix is to ignore the message? Isn't it evident that there's a
concurrency bug in NoScript that should be fixed? Just quickly skimming
over the code I can see that handling a `fetchChildPolicy` message
involves objects that are mutated (I suppose initialised) in `init`, the
function that sends `started` when completes. Do you see?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27427#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs