[tor-commits] [tor-browser] 32/73: Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
gitolite role
git at cupani.torproject.org
Mon Aug 22 20:42:51 UTC 2022
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-91.13.0esr-11.5-1
in repository tor-browser.
commit 02b1b6c205c5bfa6e3013ea397dc034323815aad
Author: Kathy Brade <brade at pearlcrescent.com>
AuthorDate: Thu Apr 21 10:40:26 2016 -0400
Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1769028
---
toolkit/profile/nsProfileLock.cpp | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/toolkit/profile/nsProfileLock.cpp b/toolkit/profile/nsProfileLock.cpp
index 28d38c11684e3..d54f2eb0ff5e6 100644
--- a/toolkit/profile/nsProfileLock.cpp
+++ b/toolkit/profile/nsProfileLock.cpp
@@ -307,6 +307,16 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile,
struct in_addr inaddr;
inaddr.s_addr = htonl(INADDR_LOOPBACK);
+ // We still have not loaded the profile, so we may not have proxy information.
+ // Avoiding a DNS lookup in this stage makes sure any proxy is not bypassed.
+ // By default, the lookup is enabled, but when it is not, we use 127.0.0.1
+ // for the IP address portion of the lock signature.
+ // However, this may cause the browser to refuse to start in the rare case
+ // that all of the following conditions are met:
+ // 1. The browser profile is on a network file system.
+ // 2. The file system does not support fcntl() locking.
+ // 3. The browser is run from two different computers at the same time.
+#ifndef MOZ_PROXY_BYPASS_PROTECTION
char hostname[256];
PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof hostname);
if (status == PR_SUCCESS) {
@@ -315,6 +325,7 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile,
status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, &hostent);
if (status == PR_SUCCESS) memcpy(&inaddr, hostent.h_addr, sizeof inaddr);
}
+#endif
mozilla::SmprintfPointer signature =
mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr),
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the tor-commits
mailing list