Bug 1425462 Do not use crypto functions if NSS is not initialized
Doing so caused nearly every xpcshell test to fail, as well as Marionette.
This is safe, because we're not going to be doing any web context stuff before NSS is
initialized, so anything that winds up here won't be exposed to content so we don't
really need to worry about fuzzing its value.
MozReview-Commit-ID: KiFSIbjQnN3
--- a/toolkit/components/resistfingerprinting/nsRFPService.cpp
+++ b/toolkit/components/resistfingerprinting/nsRFPService.cpp
@@ -30,16 +30,17 @@
#include "nsIPrefBranch.h"
#include "nsIPrefService.h"
#include "nsIRandomGenerator.h"
#include "nsIXULAppInfo.h"
#include "nsIXULRuntime.h"
#include "nsJSUtils.h"
#include "prenv.h"
+#include "nss.h"
#include "js/Date.h"
using namespace mozilla;
using namespace std;
#ifdef DEBUG
static mozilla::LazyLogModule gResistFingerprintingLog("nsResistFingerprinting");
@@ -473,17 +474,23 @@ nsRFPService::ReduceTimePrecisionImpl(
// constant (e.g. 10s) that are across the zero barrier will no longer work. We need to
// round consistently towards positive infinity or negative infinity (we chose negative.)
// This can't be done with a truncation, it must be done with floor.
long long clamped = floor(double(timeAsInt) / resolutionAsInt) * resolutionAsInt;
long long midpoint = 0,
clampedAndJittered = clamped;
- if (sJitter) {
+ // RandomMidpoint uses crypto functions from NSS. But we wind up in this code _very_ early
+ // on in and we don't want to initialize NSS earlier than it would be initialized naturally.
+ // Doing so caused nearly every xpcshell test to fail, as well as Marionette.
+ // This is safe, because we're not going to be doing any web context stuff before NSS is
+ // initialized, so anything that winds up here won't be exposed to content so we don't
+ // really need to worry about fuzzing its value.
+ if (sJitter && NSS_IsInitialized()) {
if(!NS_FAILED(RandomMidpoint(clamped, resolutionAsInt, &midpoint)) &&
timeAsInt >= clamped + midpoint) {
clampedAndJittered += resolutionAsInt;
}
}
// Cast it back to a double and reduce it to the correct units.
double ret = double(clampedAndJittered) / (1000000.0 / aTimeScale);