[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/tor-browser-spec][main] Bug 40054: FF107 Audit

Title: GitLab

richard pushed to branch main at The Tor Project / Applications / tor-browser-spec

Commits:

  • 724a427b
    by Richard Pospesel at 2023-09-11T23:48:58+00:00 
    Bug 40054: FF107 Audit

1 changed file:

Changes:

  • audits/FF107_AUDIT
    1 
    +# General
    2 
    +
    3 
    +The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and _javascript_).
    4 
    +
    5 
    +The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation.
    6 
    +
    7 
    +`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit.
    8 
    +
    9 
    +## Firefox: https://github.com/mozilla/gecko-dev.git
    10 
    +
    11 
    +- Start: `ac898d40ded7de23ef22a6f336f2ab1f0bca0d3f` ( `FIREFOX_106_0_5_RELEASE` )
    12 
    +- End:   `1187da3c99c93ad941eea0809d3b2c8f81ac5ccf`  ( `FIREFOX_107_0_1_RELEASE` )
    13 
    +
    14 
    +### Languages:
    15 
    +- [x] java
    16 
    +- [x] cpp
    17 
    +- [x] js
    18 
    +- [x] rust
    19 
    +
    20 
    +Nothing of interest (using `code_audit.sh`)
    21 
    +
    22 
    +---
    23 
    +
    24 
    +## Application Services: https://github.com/mozilla/application-services.git
    25 
    +
    26 
    +- Start: `f1276e45b7c284bc4435896b1d5d09b35f3b295b` ( `v95.0.1` )
    27 
    +- End:   `ce8f1767d991da9d6d26331faecd426210071c7e`  ( `v96.1.0` )
    28 
    +
    29 
    +### Languages:
    30 
    +- [x] java
    31 
    +- [x] cpp
    32 
    +- [x] js
    33 
    +- [x] rust
    34 
    +
    35 
    +Nothing of interest (using `code_audit.sh`)
    36 
    +
    37 
    +## Android Components: https://github.com/mozilla-mobile/android-components.git
    38 
    +
    39 
    +- Start: `1c48533cff068056259e62861344bd8a490a83e7`
    40 
    +- End:   `ff4f1f8ae3c12e6f6e0dcf52f88049ca251470d8`  ( `v107.0.3` )
    41 
    +
    42 
    +### Languages:
    43 
    +- [x] java
    44 
    +- [x] cpp
    45 
    +- [x] js
    46 
    +- [x] rust
    47 
    +
    48 
    +Nothing of interest (using `code_audit.sh`)
    49 
    +
    50 
    +## Fenix: https://github.com/mozilla-mobile/fenix.git
    51 
    +
    52 
    +- Start: `8c088f08d339514ac12732bffdc9bb90540d9337` ( `v107.0b1` )
    53 
    +- End:   `1490acda7e44894c8437cc7fb677d3fba1a711ce`  ( `v107.2.0` )
    54 
    +
    55 
    +### Languages:
    56 
    +- [x] java
    57 
    +- [x] cpp
    58 
    +- [x] js
    59 
    +- [x] rust
    60 
    +
    61 
    +Nothing of interest (using `code_audit.sh`)
    62 
    +
    63 
    +## Ticket Review ##
    64 
    +
    65 
    +Bugzilla Query: `https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=107%20Branch&order=priority%2Cbug_severity&limit=0`
    66 
    +
    67 
    +where `$(FIREFOX_VERSION)` is the major Firefox version we are auditing (eg: '91')
    68 
    +
    69 
    +Nothing of interest (manual inspection)
    70 
    +
    71 
    +## Export
    72 
    +- [x] Export Report and save to `tor-browser-spec/audits`
    \ No newline at end of file


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits