FF92/93 Audit
General
The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript).
The output includes the entire patch where the new problematic code was introduced. Search for XXX MATCH XXX to find the next potential violation.
code_audit.sh contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit.
Firefox: https://github.com/mozilla/gecko-dev.git ( https://hg.mozilla.org/releases/ )
- Start:
be2c584eacac4f7fe827c1d2409399fe13ba614a(FIREFOX_RELEASE_92_BASE) - End:
7ea8b05d021fc8e0194e1b8eb9d37a351c9bdc5f(FIREFOX_RELEASE_93_END)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh)
Application Services: https://github.com/mozilla/application-services.git
- Start:
11f7a4b079c83d37505067bd00e17e96ed52ed64(v82.3.0) - End:
b1f371719ca20db642b64a0e860b4ecb0aaf316f(v86.1.0)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh)
Android Components: https://github.com/mozilla-mobile/android-components.git
- Start:
84553b30da506c656f2a323aed66f8d335fcbf2b - End:
e39f5dba3f9c29b46856d700701f6715adc261c5(v93.0.12)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh)
Fenix: https://github.com/mozilla-mobile/fenix.git
- Start:
9552ae0ab75c81bf72637b27f59031f1d088a7bf - End:
bcd31c22cd5460867092c71382392f13aeb95e64(v93.2.0)
Languages:
-
java -
cpp -
js -
rust
Nothing of interest (using code_audit.sh)
Ticket Review
Review List
92 (https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=92%20Branch&order=priority%2Cbug_severity&limit=0 )
- https://bugzilla.mozilla.org/show_bug.cgi?id=1226042 : @pierov tor-browser#41116 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1512851 : @dan tor-browser#41117 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1714583 : @ma1 tor-browser#41118 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1721178 : @dan tor-browser#41119 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=1723869 : @boklm tor-browser#41120 (closed)
- https://bugzilla.mozilla.org/show_bug.cgi?id=516362 : @pierov tor-browser#41121 (closed)
93 (https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=93%20Branch&order=priority%2Cbug_severity&limit=0 )
none!
foreach PROBLEMATIC_TICKET:
$(PROBLEMATIC_TICKET)
- Summary
- Review Result: (SAFE|BAD)
Regression/Prior Vuln Review
Review proxy bypass bugs; check for new vectors to look for:
-
https://gitlab.torproject.org/groups/tpo/applications/-/issues?scope=all&utf8=%E2%9C%93&state=opened&label_name[]=Proxy%20Bypass
- Look for new features like these. Especially external app launch vectors
Export
-
Export Report and save to tor-browser-spec/audits
Edited by morgan