SafeBrowsing V4 protocol use SHA-256 as the checksum to check integrity
of update data and also the integrity of prefix files.
SafeBrowsing V2 HashStore use MD5 as the checksum to check integrity of
.sbstore
Since we are going to use CRC32 as the integrity check of V4 prefix files,
I think rename V4 "checksum" to SHA256 can improve readability.
Differential Revision: https://phabricator.services.mozilla.com/D21460
--HG--
extra : moz-landing-system : lando
SafeBrowsing V4 protocol use SHA-256 as the checksum to check integrity
of update data and also the integrity of prefix files.
SafeBrowsing V2 HashStore use MD5 as the checksum to check integrity of
.sbstore
Since we are going to use CRC32 as the integrity check of V4 prefix files,
I think rename V4 "checksum" to SHA256 can improve readability.
Differential Revision: https://phabricator.services.mozilla.com/D21460
--HG--
extra : moz-landing-system : lando
Sometimes the protocol buffer data (RiceEncodingData) sent by Google's Safe Browsing server has the following properties:
1. |has_first_value| is false
2. |num_entries| > 0
In this case, we can still parse the data and apply partial update correctly by assuming that the first value is equal to 0.
Differential Revision: https://phabricator.services.mozilla.com/D6393
--HG--
extra : moz-landing-system : lando
Manually keeping tabs on the lifetime of these objects is a pain
and is the likely source of some of our crashes. I suspect we might
also be leaking memory.
This change creates an explicit copy of the main array into the
update thread to avoid using a non-thread-safe shared data
structure. This is a shallow copy. Only the pointers to the
TableUpdates are copied, which means one pointer per list (e.g. 5
in total for google4 in a new profile).
MozReview-Commit-ID: 221d6GkKt0M
--HG--
extra : rebase_source : e1b81f11bb9b41e465571a95845079f455b5868e
Add assertions in the functions that don't already test for
mTableUpdate just to be extra-safe.
MozReview-Commit-ID: 8R67SLSgj23
--HG--
extra : rebase_source : 78283eec163d7bf26598d6a7c979878ed0813d32
Repurpose the previously unused Begin() function to initialize
ProtocolParser objects and also assert that we are not reusing
objects across update since that's not supported.
MozReview-Commit-ID: HIGGgOr388h
--HG--
extra : rebase_source : 53398213bf38e582248f1954bbdb46fd53348e40
This is a generalization of the reset code that's used in pver2
to reset all tables when a `pleasereset` command is received.
MozReview-Commit-ID: LF4RegQHqoT
--HG--
extra : rebase_source : 5c100f179a23c805fe245a361f4e89c8d5f5ce0a
Repurpose the previously unused Begin() function to initialize
ProtocolParser objects and also assert that we are not reusing
objects across update since that's not supported.
MozReview-Commit-ID: HIGGgOr388h
--HG--
extra : rebase_source : f9f83b1c7bd79faa40fc1d7cb594dcb14a66fe09
This is a generalization of the reset code that's used in pver2
to reset all tables when a `pleasereset` command is received.
MozReview-Commit-ID: LF4RegQHqoT
--HG--
extra : rebase_source : 5c100f179a23c805fe245a361f4e89c8d5f5ce0a
Given we're no longer using dependent strings in
LookupCacheV4::PrefixString(), we will end up make a copy of the
prefixes at some point. Let's do it early and remove a bunch of
complicated code.
Make the string copies fallible so that we return an error and
fail the update instead of crashing.
MozReview-Commit-ID: 5cZHSDIJSlD
--HG--
extra : rebase_source : 0ad130c2be9caf528bb764296836e91fa8a30916
This also changes a few MOZ_LOG() messages to use the error name
instead of the raw numerical nsresult value.
MozReview-Commit-ID: Jcngd0S9j2z
--HG--
extra : rebase_source : f6e974569d8845211e0b25dabef2c41dda2ca1b6
We have a minimum requirement of VS 2015 for Windows builds, which supports
the z length modifier for format specifiers. So we don't need SizePrintfMacros.h
any more, and can just use %zu and friends directly everywhere.
MozReview-Commit-ID: 6s78RvPFMzv
--HG--
extra : rebase_source : 009ea39eb4dac1c927aa03e4f97d8ab673de8a0e
All the instances are converted as follows.
- nsSubstring --> nsAString
- nsCSubstring --> nsACString
--HG--
extra : rebase_source : cfd2238c52e3cb4d13e3bd5ddb80ba6584ab6d91
This change avoids lots of false positives for Coverity's CHECKED_RETURN
warning, caused by NS_WARN_IF's current use in both statement-style and
expression-style.
In the case where the code within the NS_WARN_IF has side-effects, I made the
following change.
> NS_WARN_IF(NS_FAILED(FunctionWithSideEffects()));
> -->
> Unused << NS_WARN_IF(NS_FAILED(FunctionWithSideEffects()));
In the case where the code within the NS_WARN_IF lacks side-effects, I made the
following change.
> NS_WARN_IF(!condWithoutSideEffects);
> -->
> NS_WARNING_ASSERTION(condWithoutSideEffects, "msg");
This has two improvements.
- The condition is not evaluated in non-debug builds.
- The sense of the condition is inverted to the familiar "this condition should
be true" sense used in assertions.
A common variation on the side-effect-free case is the following.
> nsresult rv = Fn();
> NS_WARN_IF_(NS_FAILED(rv));
> -->
> DebugOnly<nsresult rv> = Fn();
> NS_WARNING_ASSERTION(NS_SUCCEEDED(rv), "Fn failed");
--HG--
extra : rebase_source : 58788245021096efa8372a9dc1d597a611d45611