Bug 1447685 Move nsIRandomGenerator creation out of a lock to avoid a deadlock r?keeler
do_GetService("@mozilla.org/security/random-generator;1") may initialize NSS.
NSS Initialization occurs on Main Thread only.
If we lock on a subthread, then try to initialize NSS, it _might_ be the case
that the main thread is blocked on the same lock (same location or a different
one.) NSS can't initialize on Main Thread - deadlock.
Move do_GetService out of the lock. Now if NSS tries to initialize on a
subthread, the main thread can't be blocked (because the subthread hasn't locked
anything.)
Now, the only statements that occur in locks are pointer assignment, new, memcpy,
and randomGenerator->GenerateRandomBytes.
MozReview-Commit-ID: 9C1Ok910A11
old mode 100755
new mode 100644
--- a/toolkit/components/resistfingerprinting/nsRFPService.cpp
+++ b/toolkit/components/resistfingerprinting/nsRFPService.cpp
@@ -371,22 +371,22 @@ nsRFPService::RandomMidpoint(long long a
delete[] sSecretMidpointSeed;
}
sSecretMidpointSeed = new uint8_t[kSeedSize];
memcpy(sSecretMidpointSeed, aSecretSeed, kSeedSize);
}
// If we don't have a seed, we need to get one.
if(MOZ_UNLIKELY(!sSecretMidpointSeed)) {
+ nsCOMPtr<nsIRandomGenerator> randomGenerator =
+ do_GetService("@mozilla.org/security/random-generator;1", &rv);
+ if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
+
StaticMutexAutoLock lock(sLock);
if(MOZ_LIKELY(!sSecretMidpointSeed)) {
- nsCOMPtr<nsIRandomGenerator> randomGenerator =
- do_GetService("@mozilla.org/security/random-generator;1", &rv);
- if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
-
rv = randomGenerator->GenerateRandomBytes(kSeedSize, &sSecretMidpointSeed);
if (NS_WARN_IF(NS_FAILED(rv))) { return rv; }
}
}
/*
* Use a cryptographicly secure hash function, but do _not_ use an HMAC.
* Obviously we're not using this data for authentication purposes, but
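Review bot: the hoisted do_GetService call placed just above `StaticMutexAutoLock lock(sLock);` has no comment saying why it must stay outside the lock, so a later cleanup could move it back into the inner `if(MOZ_LIKELY(!sSecretMidpointSeed))` and reintroduce the deadlock the commit message describes. Please add a short comment there stating that the service lookup may initialize NSS and must not run with sLock held. Two smaller points on the same region: `randomGenerator->GenerateRandomBytes(kSeedSize, &sSecretMidpointSeed)` still runs under sLock, and generating into a local pointer before taking the lock, then only assigning sSecretMidpointSeed under it (and freeing the local if another thread already set the seed), would leave nothing but the pointer assignment in the critical section. Also, the outer `if(MOZ_UNLIKELY(!sSecretMidpointSeed))` reads the pointer without holding the lock, so it is worth confirming that this unlocked read is intentional.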