FF115 Audit

General

The audit begins at the commit hash where the previous audit ended. Use code_audit.sh for creating the diff and highlighting potentially problematic code. The audit is scoped to a specific language (currently C/C++, Rust, Java/Kotlin, and Javascript).

The output includes the entire patch where the new problematic code was introduced. Search for XXX MATCH XXX to find the next potential violation.

code_audit.sh contains the list of known problematic APIs. New usage of these functions are documented and analyzed in this audit.

Firefox: https://github.com/mozilla/gecko-dev.git

• Start: b1d2c35b2699a6d77f6a41ae2338d9c370c5172e ( FIREFOX_114_0_2_RELEASE )
• End: e0ccf0a049acc6e0911465c9679d9cae1e026ba2 ( FIREFOX_115_0_2_RELEASE )

Languages:

• java
• cpp
• js
• rust

Nothing of interest (using code_audit.sh)

---

Application Services: https://github.com/mozilla/application-services.git

• Start: 1ce2908f358ade54248faf0b62a994e869f3f3e0 ( no tag 😠 )
• End: 8fbed2280909ff901287ba2b66937be5967cfe07 ( v116.0 )

Languages:

• java
• cpp
• js
• rust

Nothing of interest (using code_audit.sh)

Firefox Android: https://github.com/mozilla-mobile/firefox-android.git

• Start: fa28e4ddf82bedaa65153cbc6bac3ce7d8729ef5
• End: a37ad25ecf5f26cfa0cb0a40d9a850c83710880d

Languages:

• java
• cpp
• js
• rust

Problematic Commits

• Bug 1832069 - Add Google Play install referrer library 3bd103c0ff8bf0257de3929788e0471d2fc305d0
  • tor-browser#42016 (closed)
  • RESOLUTION nothing to do, respects the global remove telemetry disable settings

Ticket Review

Bugzilla Query: https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&resolution=FIXED&target_milestone=115%20Branch&order=priority%2Cbug_severity&limit=0

Problematic Tickets

• add an Android shortcut to go straight to the login and passwords page https://bugzilla.mozilla.org/show_bug.cgi?id=1810629
  • tor-browser#42012 (closed)
  • RESOLUTION button doesn't do anything for us, but should be removed in the future
• Do not call EmptyClipboard() in nsBaseClipboard destructor https://bugzilla.mozilla.org/show_bug.cgi?id=1834374
  • tor-browser#42013 (closed)
  • RESOLUTION re-implemnted this feature correctly, clipboard is cleared of browser contents on browser exit
• Implement a Remote Settings for the Quarantined Domains pref https://bugzilla.mozilla.org/show_bug.cgi?id=1832791
  • tor-browser#42014 (closed)
• Keep a history window of WebRTC stats for about:webrtc https://bugzilla.mozilla.org/show_bug.cgi?id=1830790
  • tor-browser#42015 (closed)
  • RESOLUTION: nothing to fix, the new feature respects private browsing mode and is disabled by default, we will explicitly disable the pref as security in depth

Export

• Export Report and save to tor-browser-spec/audits