Bug 1447685 Move nsIRandomGenerator creation out of a lock to avoid a deadlock r=keeler

do_GetService("@mozilla.org/security/random-generator;1" may initialize NSS. NSS Initialization occurs on Main Thread only. If we lock on a subthread, then try to initialize NSS, it _might_ be the case that the main thread is blocked on the same lock (same location or a different one.) NSS can't initialize on Main Thread - deadlock. Move do_GetService out of the lock. Now if NSS tries to initialize on a subthread, the main thead can't be blocked (because the subthread hasn't locked anything.) Now, the only statements that occur in locks are pointer asignment, new, memcpy, and randomGenerator->GenerateRandomBytes. MozReview-Commit-ID: 9C1Ok910A11 --HG-- extra : rebase_source : 637ca346a343722bd7a4fc68c4fd43a85916d5a6
2018-03-22 13:09:23 -05:00 · 2018-03-22 13:09:23 -05:00 · f264d40a2e
--- a/toolkit/components/resistfingerprinting/nsRFPService.cpp
+++ b/toolkit/components/resistfingerprinting/nsRFPService.cpp
@ -376,12 +376,12 @@ nsRFPService::RandomMidpoint(long long aClampedTimeUSec,

    // If we don't have a seed, we need to get one.
    if(MOZ_UNLIKELY(!sSecretMidpointSeed)) {
+      nsCOMPtr<nsIRandomGenerator> randomGenerator =
+        do_GetService("@mozilla.org/security/random-generator;1", &rv);
+      if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
+
      StaticMutexAutoLock lock(sLock);
      if(MOZ_LIKELY(!sSecretMidpointSeed)) {
-        nsCOMPtr<nsIRandomGenerator> randomGenerator =
-            do_GetService("@mozilla.org/security/random-generator;1", &rv);
-        if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
-
        rv = randomGenerator->GenerateRandomBytes(kSeedSize, &sSecretMidpointSeed);
        if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
      }