# General

The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript).

The output includes the entire patch where the new problematic code was introduced. Search for `XXX MATCH XXX` to find the next potential violation.

`code_audit.sh` contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit.

## Firefox: https://github.com/mozilla/gecko-dev.git

- Start:  tor-browser@dedee7a8c6cbabc80294733634360f6fbeeeadc0  ( `FIREFOX_120_0_RELEASE` )
- End:  tor-browser@a32b8662993085139ac91212a297123b632fc1c0 ( `FIREFOX_121_0_RELEASE` )

### Languages:
- [x] java
- [x] cpp
- [x] js
- [x] rust

#### 1add9d4c13a6493e670d01b38f4eb839c53bf1ba
- Mozilla 1815739: Support using Firefox as default PDF reader on Android
- https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43159
- Review Result: SAFE

#### a6562d5849a78c58340bb3d9b975f1208db4401d
- Mozilla 1852340: Implement a new "report broken site" feature for desktop Firefox
- https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43160
- Review Result: SAFE
