Opened 3 years ago

Closed 3 years ago

#19976 closed defect (fixed)

HTTPS Everywhere tries to load a library with an empty name

Reported by: boklm Owned by: jsha
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords: TorBrowserTeam201608
Cc: mcs, legind Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

The NSS.initialize function, called from src/components/ssl-observatory.js with an empty argument, is trying to load a library with an empty name.

This is possibly causing a DLL hijacking vulnerability in Tor Browser (see #12736).

Child Tickets

Attachments (1)

0001-Bug-19976-don-t-try-to-load-a-library-with-an-empty-.patch (1.6 KB) - added by boklm 3 years ago.

Download all attachments as: .zip

Change History (6)

comment:1 Changed 3 years ago by boklm

I attached a patch that should fix this.

comment:2 Changed 3 years ago by mcs

Cc: mcs added

comment:3 Changed 3 years ago by gk

Cc: legind added
Status: newneeds_review

comment:4 Changed 3 years ago by gk

Keywords: TorBrowserTeam201608 added

comment:5 Changed 3 years ago by legind

Resolution: fixed
Status: needs_reviewclosed

A new release of HTTPS Everywhere has been made, v 5.2.3, which fixes this bug. I've tested on Tor Browser, and it looks to be updating to the latest. Thank you for reporting and for your patch.

Note: See TracTickets for help on using tickets.