FF99 Audit
General
The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript).
The output includes the entire patch where the new problematic code was introduced. Search for XXX MATCH XXX
to find the next potential violation.
code_audit.sh
contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit.
https://github.com/mozilla/gecko-dev.git
Firefox:- Start:
99300ebd4a4a6440b6a11a80108f1ed6d867cdb4
(FIREFOX_RELEASE_99_BASE
) - End:
cd4dcd48476d8cb29f4770f6fb659e440ff84345
(FIREFOX_RELEASE_100_BASE
)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh
)
https://github.com/mozilla/application-services.git
Application Services:- Start:
1fcdb5984be6e0cc460d00cde44c49b7e3ac1ec6
(v92.0.0
) - End:
21f2904245a956366cae798e16035156c8232cad
(v93.0.2
)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh
)
https://github.com/mozilla-mobile/android-components.git
Android Components:- Start:
4154c161f0949fdf3e94780c8b5ac360722e909c
(v99.0.0
) - End:
2cf4dbe50f6810d373aeb550e722fabfc6816f56
(v99.0.10
)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh
)
https://github.com/mozilla-mobile/fenix.git
Fenix:- Start:
f4a5a4e471d17be791d73fddc63ebdfb734368e4
(v99.0.0-beta.1
) - End:
2421d3731e49faf5e2b9d3d4aa41bdbf3e81459a
(releases_v99.0.0
)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh
)
Ticket Review
https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=99%20Branch&order=priority%2Cbug_severity&limit=0
99- https://bugzilla.mozilla.org/show_bug.cgi?id=1755354 @dan tor-browser#41138 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1637922 @richard tor-browser#41139 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1751366 @ma1 tor-browser#41140 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1675054 @dan tor-browser#41141 (closed)
Nothing of interest (manual inspection)
OR (foreach)**
foreach PROBLEMATIC_TICKET:
$(PROBLEMATIC_TICKET)
- Summary
- Review Result: (SAFE|BAD)
Regression/Prior Vuln Review
Review proxy bypass bugs; check for new vectors to look for:
-
https://gitlab.torproject.org/groups/tpo/applications/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name[]=Proxy%20Bypass
- Look for new features like these. Especially external app launch vectors
Export
-
Export Report and save to tor-browser-spec/audits