Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-28 15:23:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backed out 6 changesets (bug 1445025) for browser chrome failures on browser_checkdllblockliststate.js. CLOSED TREE

Browse Source 
Backed out changeset a1203eb4cee9 (bug 1445025)
Backed out changeset 64b003dceafb (bug 1445025)
Backed out changeset a6cff2b478da (bug 1445025)
Backed out changeset 4dbc7fbb3361 (bug 1445025)
Backed out changeset 1ad82650ca1c (bug 1445025)
Backed out changeset 5c63001e1ce6 (bug 1445025)

--HG--
rename : browser/app/winlauncher/LaunchUnelevated.cpp => browser/app/LaunchUnelevated.cpp
rename : browser/app/winlauncher/LaunchUnelevated.h => browser/app/LaunchUnelevated.h
rename : browser/app/winlauncher/LauncherProcessWin.cpp => browser/app/LauncherProcessWin.cpp
rename : browser/app/winlauncher/LauncherProcessWin.h => browser/app/LauncherProcessWin.h
rename : browser/app/winlauncher/ProcThreadAttributes.h => browser/app/ProcThreadAttributes.h
This commit is contained in:
Cosmin Sabou 2018-06-07 12:09:22 +03:00
parent 28d7e29493
commit 1cda6f4992
18 changed files with 348 additions and 1577 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
browser/app/winlauncher/LaunchUnelevated.cpp → browser/app/LaunchUnelevated.cpp
View File

0
browser/app/winlauncher/LaunchUnelevated.h → browser/app/LaunchUnelevated.h
View File

3
browser/app/winlauncher/LauncherProcessWin.cpp → browser/app/LauncherProcessWin.cpp
View File

@ -21,7 +21,6 @@
#include <windows.h>
#include <processthreadsapi.h>
#include "DllBlocklistWin.h"
#include "LaunchUnelevated.h"
#include "ProcThreadAttributes.h"
@ -35,7 +34,7 @@ static bool
PostCreationSetup(HANDLE aChildProcess, HANDLE aChildMainThread,
const bool aIsSafeMode)
{
return mozilla::InitializeDllBlocklistOOP(aChildProcess);
return true;
}
#if !defined(PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON)

0
browser/app/winlauncher/LauncherProcessWin.h → browser/app/LauncherProcessWin.h
View File

0
browser/app/winlauncher/ProcThreadAttributes.h → browser/app/ProcThreadAttributes.h
View File

15
browser/app/moz.build
View File

@ -62,14 +62,17 @@ if CONFIG['CC_TYPE'] in ('msvc', 'clang-cl'):
if CONFIG['OS_ARCH'] == 'WINNT':
RCINCLUDE = 'splash.rc'
DEFINES['MOZ_PHOENIX'] = True
DIRS += [
'winlauncher',
SOURCES += [
'LauncherProcessWin.cpp',
'LaunchUnelevated.cpp',
]
USE_LIBS += [
'winlauncher',
DELAYLOAD_DLLS += [
'oleaut32.dll',
'ole32.dll',
]
LOCAL_INCLUDES += [
'/browser/app/winlauncher',
OS_LIBS += [
'oleaut32',
'ole32',
]
if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT':

7
browser/app/nsBrowserApp.cpp
View File

@ -254,11 +254,6 @@ InitXPCOMGlue()
return NS_OK;
}
#ifdef HAS_DLL_BLOCKLIST
// NB: This must be extern, as this value is checked elsewhere
uint32_t gBlocklistInitFlags = eDllBlocklistInitFlagDefault;
#endif
int main(int argc, char* argv[], char* envp[])
{
mozilla::TimeStamp start = mozilla::TimeStamp::Now();
@ -294,7 +289,7 @@ int main(int argc, char* argv[], char* envp[])
#endif
#ifdef HAS_DLL_BLOCKLIST
DllBlocklist_Initialize(gBlocklistInitFlags);
DllBlocklist_Initialize();
#endif
nsresult rv = InitXPCOMGlue();

431
browser/app/winlauncher/DllBlocklistWin.cpp
View File

@ -1,431 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#include "NativeNt.h"
#include "nsWindowsDllInterceptor.h"
#include "mozilla/ArrayUtils.h"
#include "mozilla/Attributes.h"
#include "mozilla/Types.h"
#include "mozilla/WindowsDllBlocklist.h"
#define DLL_BLOCKLIST_ENTRY(name, ...) \
{ L##name, __VA_ARGS__ },
#define DLL_BLOCKLIST_CHAR_TYPE wchar_t
// Restrict the blocklist definitions to Nightly-only for now
#if defined(NIGHTLY_BUILD)
#include "mozilla/WindowsDllBlocklistDefs.h"
#else
#include "mozilla/WindowsDllBlocklistCommon.h"
DLL_BLOCKLIST_DEFINITIONS_BEGIN
DLL_BLOCKLIST_DEFINITIONS_END
#endif
extern uint32_t gBlocklistInitFlags;
static const HANDLE kCurrentProcess = reinterpret_cast<HANDLE>(-1);
class MOZ_STATIC_CLASS MOZ_TRIVIAL_CTOR_DTOR NativeNtBlockSet final
{
struct NativeNtBlockSetEntry
{
NativeNtBlockSetEntry() = default;
~NativeNtBlockSetEntry() = default;
NativeNtBlockSetEntry(const wchar_t* aName, uint64_t aVersion,
NativeNtBlockSetEntry* aNext)
: mName(aName)
, mVersion(aVersion)
, mNext(aNext)
{}
const wchar_t* mName;
uint64_t mVersion;
NativeNtBlockSetEntry* mNext;
};
public:
// Constructor and destructor MUST be trivial
NativeNtBlockSet() = default;
~NativeNtBlockSet() = default;
void Add(const wchar_t* aName, uint64_t aVersion);
void Write(HANDLE aFile);
private:
static NativeNtBlockSetEntry* NewEntry(const wchar_t* aName, uint64_t aVersion,
NativeNtBlockSetEntry* aNextEntry);
private:
NativeNtBlockSetEntry* mFirstEntry;
// SRWLOCK_INIT == 0, so this is okay to use without any additional work as
// long as NativeNtBlockSet is instantiated statically
SRWLOCK mLock;
};
NativeNtBlockSet::NativeNtBlockSetEntry*
NativeNtBlockSet::NewEntry(const wchar_t* aName, uint64_t aVersion,
NativeNtBlockSet::NativeNtBlockSetEntry* aNextEntry)
{
HANDLE processHeap = mozilla::nt::RtlGetProcessHeap();
if (!processHeap) {
return nullptr;
}
PVOID memory = ::RtlAllocateHeap(processHeap, 0, sizeof(NativeNtBlockSetEntry));
if (!memory) {
return nullptr;
}
return new (memory) NativeNtBlockSetEntry(aName, aVersion, aNextEntry);
}
void
NativeNtBlockSet::Add(const wchar_t* aName, uint64_t aVersion)
{
::RtlAcquireSRWLockExclusive(&mLock);
for (NativeNtBlockSetEntry* entry = mFirstEntry; entry; entry = entry->mNext) {
// We just need to compare the string pointers, not the strings themselves,
// as we always pass in the strings statically defined in the blocklist.
if (aName == entry->mName && aVersion == entry->mVersion) {
::RtlReleaseSRWLockExclusive(&mLock);
return;
}
}
// Not present, add it
NativeNtBlockSetEntry* newEntry = NewEntry(aName, aVersion, mFirstEntry);
mFirstEntry = newEntry;
::RtlReleaseSRWLockExclusive(&mLock);
}
void
NativeNtBlockSet::Write(HANDLE aFile)
{
// NB: If this function is called, it is long after kernel32 is initialized,
// so it is safe to use Win32 calls here.
DWORD nBytes;
char buf[MAX_PATH];
// It would be nicer to use RAII here. However, its destructor
// might not run if an exception occurs, in which case we would never release
// the lock (MSVC warns about this possibility). So we acquire and release
// manually.
::AcquireSRWLockExclusive(&mLock);
MOZ_SEH_TRY {
for (auto entry = mFirstEntry; entry; entry = entry->mNext) {
int convOk = ::WideCharToMultiByte(CP_UTF8, 0, entry->mName, -1, buf,
sizeof(buf), nullptr, nullptr);
if (!convOk) {
continue;
}
// write name[,v.v.v.v];
if (!WriteFile(aFile, buf, convOk, &nBytes, nullptr)) {
continue;
}
if (entry->mVersion != ALL_VERSIONS) {
WriteFile(aFile, ",", 1, &nBytes, nullptr);
uint16_t parts[4];
parts[0] = entry->mVersion >> 48;
parts[1] = (entry->mVersion >> 32) & 0xFFFF;
parts[2] = (entry->mVersion >> 16) & 0xFFFF;
parts[3] = entry->mVersion & 0xFFFF;
for (size_t p = 0; p < mozilla::ArrayLength(parts); ++p) {
ltoa(parts[p], buf, 10);
WriteFile(aFile, buf, strlen(buf), &nBytes, nullptr);
if (p != mozilla::ArrayLength(parts) - 1) {
WriteFile(aFile, ".", 1, &nBytes, nullptr);
}
}
}
WriteFile(aFile, ";", 1, &nBytes, nullptr);
}
}
MOZ_SEH_EXCEPT (EXCEPTION_EXECUTE_HANDLER) {
}
::ReleaseSRWLockExclusive(&mLock);
}
static NativeNtBlockSet gBlockSet;
extern "C" void MOZ_EXPORT
NativeNtBlockSet_Write(HANDLE aHandle)
{
gBlockSet.Write(aHandle);
}
static bool
CheckBlockInfo(const DllBlockInfo* aInfo, void* aBaseAddress, uint64_t& aVersion)
{
aVersion = ALL_VERSIONS;
if (aInfo->flags & (DllBlockInfo::BLOCK_WIN8PLUS_ONLY | DllBlockInfo::BLOCK_WIN8_ONLY)) {
RTL_OSVERSIONINFOW osv;
NTSTATUS ntStatus = ::RtlGetVersion(&osv);
if (!NT_SUCCESS(ntStatus)) {
// huh?
return false;
}
if (osv.dwMajorVersion < 8) {
return true;
}
if ((aInfo->flags & DllBlockInfo::BLOCK_WIN8_ONLY) && (osv.dwMajorVersion > 8 ||
(osv.dwMajorVersion == 8 && osv.dwMinorVersion > 0))) {
return true;
}
}
// We're not bootstrapping child processes at this time, so this case is
// always true.
if (aInfo->flags & DllBlockInfo::CHILD_PROCESSES_ONLY) {
return true;
}
if (aInfo->maxVersion == ALL_VERSIONS) {
return false;
}
mozilla::nt::PEHeaders headers(aBaseAddress);
if (!headers) {
return false;
}
if (aInfo->flags & DllBlockInfo::USE_TIMESTAMP) {
DWORD timestamp;
if (!headers.GetTimeStamp(timestamp)) {
return false;
}
return timestamp > aInfo->maxVersion;
}
// Else we try to get the file version information. Note that we don't have
// access to GetFileVersionInfo* APIs.
if (!headers.GetVersionInfo(aVersion)) {
return false;
}
return aVersion > aInfo->maxVersion;
}
static bool
IsDllAllowed(const UNICODE_STRING& aLeafName, void* aBaseAddress)
{
if (mozilla::nt::Contains12DigitHexString(aLeafName) ||
mozilla::nt::IsFileNameAtLeast16HexDigits(aLeafName)) {
return false;
}
UNICODE_STRING testStr;
DECLARE_POINTER_TO_FIRST_DLL_BLOCKLIST_ENTRY(info);
while (info->name) {
::RtlInitUnicodeString(&testStr, info->name);
if (::RtlEqualUnicodeString(&aLeafName, &testStr, TRUE)) {
break;
}
++info;
}
uint64_t version;
if (info->name && !CheckBlockInfo(info, aBaseAddress, version)) {
gBlockSet.Add(info->name, version);
return false;
}
return true;
}
typedef decltype(&NtMapViewOfSection) NtMapViewOfSection_func;
static NtMapViewOfSection_func stub_NtMapViewOfSection;
static NTSTATUS NTAPI
patched_NtMapViewOfSection(HANDLE aSection, HANDLE aProcess, PVOID* aBaseAddress,
ULONG_PTR aZeroBits, SIZE_T aCommitSize,
PLARGE_INTEGER aSectionOffset, PSIZE_T aViewSize,
SECTION_INHERIT aInheritDisposition,
ULONG aAllocationType, ULONG aProtectionFlags)
{
// We always map first, then we check for additional info after.
NTSTATUS stubStatus = stub_NtMapViewOfSection(aSection, aProcess, aBaseAddress,
aZeroBits, aCommitSize,
aSectionOffset, aViewSize,
aInheritDisposition,
aAllocationType, aProtectionFlags);
if (!NT_SUCCESS(stubStatus)) {
return stubStatus;
}
if (aProcess != kCurrentProcess) {
// We're only interested in mapping for the current process.
return stubStatus;
}
// Do a query to see if the memory is MEM_IMAGE. If not, continue
MEMORY_BASIC_INFORMATION mbi;
NTSTATUS ntStatus = ::NtQueryVirtualMemory(aProcess, *aBaseAddress,
MemoryBasicInformation, &mbi,
sizeof(mbi), nullptr);
if (!NT_SUCCESS(ntStatus)) {
::NtUnmapViewOfSection(aProcess, *aBaseAddress);
return STATUS_ACCESS_DENIED;
}
// We don't care about mappings that aren't MEM_IMAGE
if (!(mbi.Type & MEM_IMAGE)) {
return stubStatus;
}
// Get the section name
mozilla::nt::MemorySectionNameBuf buf;
ntStatus = ::NtQueryVirtualMemory(aProcess, *aBaseAddress, MemorySectionName,
&buf, sizeof(buf), nullptr);
if (!NT_SUCCESS(ntStatus)) {
::NtUnmapViewOfSection(aProcess, *aBaseAddress);
return STATUS_ACCESS_DENIED;
}
// Find the leaf name
UNICODE_STRING leaf;
mozilla::nt::GetLeafName(&leaf, &buf.mSectionFileName);
// Check blocklist
if (IsDllAllowed(leaf, *aBaseAddress)) {
return stubStatus;
}
::NtUnmapViewOfSection(aProcess, *aBaseAddress);
return STATUS_ACCESS_DENIED;
}
namespace mozilla {
class MOZ_RAII AutoVirtualProtect final
{
public:
AutoVirtualProtect(void* aAddress, size_t aLength, DWORD aProtFlags,
HANDLE aTargetProcess = nullptr)
: mAddress(aAddress)
, mLength(aLength)
, mTargetProcess(aTargetProcess)
, mPrevProt(0)
{
::VirtualProtectEx(aTargetProcess, aAddress, aLength, aProtFlags,
&mPrevProt);
}
~AutoVirtualProtect()
{
if (!mPrevProt) {
return;
}
::VirtualProtectEx(mTargetProcess, mAddress, mLength, mPrevProt,
&mPrevProt);
}
explicit operator bool() const
{
return !!mPrevProt;
}
AutoVirtualProtect(const AutoVirtualProtect&) = delete;
AutoVirtualProtect(AutoVirtualProtect&&) = delete;
AutoVirtualProtect& operator=(const AutoVirtualProtect&) = delete;
AutoVirtualProtect& operator=(AutoVirtualProtect&&) = delete;
private:
void* mAddress;
size_t mLength;
HANDLE mTargetProcess;
DWORD mPrevProt;
};
bool
InitializeDllBlocklistOOP(HANDLE aChildProcess)
{
mozilla::CrossProcessDllInterceptor intcpt(aChildProcess);
intcpt.Init(L"ntdll.dll");
bool ok = intcpt.AddDetour("NtMapViewOfSection",
reinterpret_cast<intptr_t>(&patched_NtMapViewOfSection),
(void**) &stub_NtMapViewOfSection);
if (!ok) {
return false;
}
// Set the child process's copy of stub_NtMapViewOfSection
SIZE_T bytesWritten;
ok = !!::WriteProcessMemory(aChildProcess, &stub_NtMapViewOfSection,
&stub_NtMapViewOfSection,
sizeof(stub_NtMapViewOfSection), &bytesWritten);
if (!ok) {
return false;
}
// Because aChildProcess has just been created in a suspended state, its
// dynamic linker has not yet been initialized, thus its executable has
// not yet been linked with ntdll.dll. If the blocklist hook intercepts a
// library load prior to the link, the hook will be unable to invoke any
// ntdll.dll functions.
//
// We know that the executable for our *current* process's binary is already
// linked into ntdll, so we obtain the IAT from our own executable and graft
// it onto the child process's IAT, thus enabling the child process's hook to
// safely make its ntdll calls.
mozilla::nt::PEHeaders ourExeImage(::GetModuleHandleW(nullptr));
if (!ourExeImage) {
return false;
}
PIMAGE_IMPORT_DESCRIPTOR impDesc = ourExeImage.GetIATForModule("ntdll.dll");
if (!impDesc) {
return false;
}
// This is the pointer we need to write
auto firstIatThunk = ourExeImage.template
RVAToPtr<PIMAGE_THUNK_DATA>(impDesc->FirstThunk);
if (!firstIatThunk) {
return false;
}
// Find the length by iterating through the table until we find a null entry
PIMAGE_THUNK_DATA curIatThunk = firstIatThunk;
while (mozilla::nt::PEHeaders::IsValid(curIatThunk)) {
++curIatThunk;
}
ptrdiff_t iatLength = (curIatThunk - firstIatThunk) * sizeof(IMAGE_THUNK_DATA);
{ // Scope for prot
AutoVirtualProtect prot(firstIatThunk, iatLength, PAGE_READWRITE,
aChildProcess);
if (!prot) {
return false;
}
ok = !!::WriteProcessMemory(aChildProcess, firstIatThunk, firstIatThunk,
iatLength, &bytesWritten);
if (!ok) {
return false;
}
}
// Tell the mozglue blocklist that we have bootstrapped
uint32_t newFlags = eDllBlocklistInitFlagWasBootstrapped;
ok = !!::WriteProcessMemory(aChildProcess, &gBlocklistInitFlags, &newFlags,
sizeof(newFlags), &bytesWritten);
return ok;
}
} // namespace mozilla

18
browser/app/winlauncher/DllBlocklistWin.h
View File

@ -1,18 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#ifndef mozilla_DllBlocklistWin_h
#define mozilla_DllBlocklistWin_h
#include <windows.h>
namespace mozilla {
bool InitializeDllBlocklistOOP(HANDLE aChildProcess);
} // namespace mozilla
#endif // mozilla_DllBlocklistWin_h

546
browser/app/winlauncher/NativeNt.h
View File

@ -1,546 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#ifndef mozilla_NativeNt_h
#define mozilla_NativeNt_h
#if defined(MOZILLA_INTERNAL_API)
#error "This header is for initial process initialization. You don't want to be including this here."
#endif // defined(MOZILLA_INTERNAL_API)
#include <stdint.h>
#include <windows.h>
#include <winnt.h>
#include <winternl.h>
#include "mozilla/ArrayUtils.h"
#include "mozilla/Attributes.h"
extern "C" {
#if !defined(STATUS_ACCESS_DENIED)
#define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L)
#endif // !defined(STATUS_ACCESS_DENIED)
#if !defined(STATUS_DLL_NOT_FOUND)
#define STATUS_DLL_NOT_FOUND ((NTSTATUS)0xC0000135L)
#endif // !defined(STATUS_DLL_NOT_FOUND)
enum SECTION_INHERIT
{
ViewShare = 1,
ViewUnmap = 2
};
NTSTATUS NTAPI
NtMapViewOfSection(HANDLE aSection, HANDLE aProcess, PVOID* aBaseAddress,
ULONG_PTR aZeroBits, SIZE_T aCommitSize,
PLARGE_INTEGER aSectionOffset, PSIZE_T aViewSize,
SECTION_INHERIT aInheritDisposition, ULONG aAllocationType,
ULONG aProtectionFlags);
NTSTATUS NTAPI
NtUnmapViewOfSection(HANDLE aProcess, PVOID aBaseAddress);
enum MEMORY_INFORMATION_CLASS
{
MemoryBasicInformation = 0,
MemorySectionName = 2
};
// NB: When allocating, space for the buffer must also be included
typedef struct _MEMORY_SECTION_NAME
{
UNICODE_STRING mSectionFileName;
} MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME;
NTSTATUS NTAPI
NtQueryVirtualMemory(HANDLE aProcess, PVOID aBaseAddress,
MEMORY_INFORMATION_CLASS aMemInfoClass, PVOID aMemInfo,
SIZE_T aMemInfoLen, PSIZE_T aReturnLen);
LONG NTAPI
RtlCompareUnicodeString(PCUNICODE_STRING aStr1, PCUNICODE_STRING aStr2,
BOOLEAN aCaseInsensitive);
BOOLEAN NTAPI
RtlEqualUnicodeString(PCUNICODE_STRING aStr1, PCUNICODE_STRING aStr2,
BOOLEAN aCaseInsensitive);
NTSTATUS NTAPI
RtlGetVersion(PRTL_OSVERSIONINFOW aOutVersionInformation);
PVOID NTAPI
RtlAllocateHeap(PVOID aHeapHandle, ULONG aFlags, SIZE_T aSize);
PVOID NTAPI
RtlReAllocateHeap(PVOID aHeapHandle, ULONG aFlags, LPVOID aMem, SIZE_T aNewSize);
BOOLEAN NTAPI
RtlFreeHeap(PVOID aHeapHandle, ULONG aFlags, PVOID aHeapBase);
VOID NTAPI
RtlAcquireSRWLockExclusive(PSRWLOCK aLock);
VOID NTAPI
RtlReleaseSRWLockExclusive(PSRWLOCK aLock);
} // extern "C"
namespace mozilla {
namespace nt {
struct MemorySectionNameBuf : public _MEMORY_SECTION_NAME
{
MemorySectionNameBuf()
{
mSectionFileName.Length = 0;
mSectionFileName.MaximumLength = sizeof(mBuf);
mSectionFileName.Buffer = mBuf;
}
WCHAR mBuf[MAX_PATH];
};
inline bool
FindCharInUnicodeString(const UNICODE_STRING& aStr, WCHAR aChar, uint16_t& aPos,
uint16_t aStartIndex = 0)
{
const uint16_t aMaxIndex = aStr.Length / sizeof(WCHAR);
for (uint16_t curIndex = aStartIndex; curIndex < aMaxIndex; ++curIndex) {
if (aStr.Buffer[curIndex] == aChar) {
aPos = curIndex;
return true;
}
}
return false;
}
inline bool
IsHexDigit(WCHAR aChar)
{
return aChar >= L'0' && aChar <= L'9' ||
aChar >= L'A' && aChar <= L'F' ||
aChar >= L'a' && aChar <= L'f';
}
inline bool
MatchUnicodeString(const UNICODE_STRING& aStr, bool (*aPredicate)(WCHAR))
{
WCHAR* cur = aStr.Buffer;
WCHAR* end = &aStr.Buffer[aStr.Length / sizeof(WCHAR)];
while (cur < end) {
if (!aPredicate(*cur)) {
return false;
}
++cur;
}
return true;
}
inline bool
Contains12DigitHexString(const UNICODE_STRING& aLeafName)
{
uint16_t start, end;
if (!FindCharInUnicodeString(aLeafName, L'.', start)) {
return false;
}
++start;
if (!FindCharInUnicodeString(aLeafName, L'.', end, start)) {
return false;
}
if (end - start != 12) {
return false;
}
UNICODE_STRING test;
test.Buffer = &aLeafName.Buffer[start];
test.Length = (end - start) * sizeof(WCHAR);
test.MaximumLength = test.Length;
return MatchUnicodeString(test, &IsHexDigit);
}
inline bool
IsFileNameAtLeast16HexDigits(const UNICODE_STRING& aLeafName)
{
uint16_t dotIndex;
if (!FindCharInUnicodeString(aLeafName, L'.', dotIndex)) {
return false;
}
if (dotIndex < 16) {
return false;
}
UNICODE_STRING test;
test.Buffer = aLeafName.Buffer;
test.Length = dotIndex * sizeof(WCHAR);
test.MaximumLength = aLeafName.MaximumLength;
return MatchUnicodeString(test, &IsHexDigit);
}
inline void
GetLeafName(PUNICODE_STRING aDestString, PCUNICODE_STRING aSrcString)
{
WCHAR* buf = aSrcString->Buffer;
WCHAR* end = &aSrcString->Buffer[(aSrcString->Length / sizeof(WCHAR)) - 1];
WCHAR* cur = end;
while (cur >= buf) {
if (*cur == L'\\') {
break;
}
--cur;
}
// At this point, either cur points to the final backslash, or it points to
// buf - 1. Either way, we're interested in cur + 1 as the desired buffer.
aDestString->Buffer = cur + 1;
aDestString->Length = (end - aDestString->Buffer + 1) * sizeof(WCHAR);
aDestString->MaximumLength = aDestString->Length;
}
inline char
EnsureLowerCaseASCII(char aChar)
{
if (aChar >= 'A' && aChar <= 'Z') {
aChar -= 'A' - 'a';
}
return aChar;
}
inline int
StricmpASCII(const char* aLeft, const char* aRight)
{
char curLeft, curRight;
do {
curLeft = EnsureLowerCaseASCII(*(aLeft++));
curRight = EnsureLowerCaseASCII(*(aRight++));
} while(curLeft && curLeft == curRight);
return curLeft - curRight;
}
class MOZ_RAII PEHeaders final
{
/**
* This structure is documented on MSDN as VS_VERSIONINFO, but is not present
* in SDK headers because it cannot be specified as a C struct. The following
* structure contains the fixed-length fields at the beginning of
* VS_VERSIONINFO.
*/
struct VS_VERSIONINFO_HEADER
{
WORD wLength;
WORD wValueLength;
WORD wType;
WCHAR szKey[16]; // ArrayLength(L"VS_VERSION_INFO")
// Additional data goes here, aligned on a 4-byte boundary
};
public:
explicit PEHeaders(void* aBaseAddress)
: PEHeaders(reinterpret_cast<PIMAGE_DOS_HEADER>(aBaseAddress))
{
}
// The lowest two bits of an HMODULE are used as flags. Stripping those bits
// from the HMODULE yields the base address of the binary's memory mapping.
// (See LoadLibraryEx docs on MSDN)
explicit PEHeaders(HMODULE aModule)
: PEHeaders(reinterpret_cast<PIMAGE_DOS_HEADER>(
reinterpret_cast<uintptr_t>(aModule) & ~uintptr_t(3)))
{
}
explicit operator bool() const
{
return !!mImageLimit;
}
/**
* This overload computes absolute virtual addresses relative to the base
* address of the binary.
*/
template <typename T, typename R>
T RVAToPtr(R aRva)
{
return RVAToPtr<T>(mMzHeader, aRva);
}
/**
* This overload computes a result by adding aRva to aBase, but also ensures
* that the resulting pointer falls within the bounds of this binary's memory
* mapping.
*/
template <typename T, typename R>
T RVAToPtr(void* aBase, R aRva)
{
if (!mImageLimit) {
return nullptr;
}
char* absAddress = reinterpret_cast<char*>(aBase) + aRva;
if (absAddress < reinterpret_cast<char*>(mMzHeader) ||
absAddress > reinterpret_cast<char*>(mImageLimit)) {
return nullptr;
}
return reinterpret_cast<T>(absAddress);
}
PIMAGE_IMPORT_DESCRIPTOR GetImportDirectory()
{
return GetImageDirectoryEntry<PIMAGE_IMPORT_DESCRIPTOR>(
IMAGE_DIRECTORY_ENTRY_IMPORT);
}
PIMAGE_RESOURCE_DIRECTORY GetResourceTable()
{
return GetImageDirectoryEntry<PIMAGE_RESOURCE_DIRECTORY>(
IMAGE_DIRECTORY_ENTRY_RESOURCE);
}
bool
GetVersionInfo(uint64_t& aOutVersion)
{
// RT_VERSION == 16
// Version resources require an id of 1
auto root = FindResourceLeaf<VS_VERSIONINFO_HEADER*>(16, 1);
if (!root) {
return false;
}
VS_FIXEDFILEINFO* fixedInfo = GetFixedFileInfo(root);
if (!fixedInfo) {
return false;
}
aOutVersion = ((static_cast<uint64_t>(fixedInfo->dwFileVersionMS) << 32) |
static_cast<uint64_t>(fixedInfo->dwFileVersionLS));
return true;
}
bool
GetTimeStamp(DWORD& aResult)
{
if (!(*this)) {
return false;
}
aResult = mPeHeader->FileHeader.TimeDateStamp;
return true;
}
PIMAGE_IMPORT_DESCRIPTOR
GetIATForModule(const char* aModuleNameASCII)
{
for (PIMAGE_IMPORT_DESCRIPTOR curImpDesc = GetImportDirectory();
IsValid(curImpDesc); ++curImpDesc) {
auto curName = RVAToPtr<const char*>(curImpDesc->Name);
if (!curName) {
return nullptr;
}
if (StricmpASCII(aModuleNameASCII, curName)) {
continue;
}
// curImpDesc now points to the IAT for the module we're interested in
return curImpDesc;
}
return nullptr;
}
/**
* Resources are stored in a three-level tree. To locate a particular entry,
* you must supply a resource type, the resource id, and then the language id.
* If aLangId == 0, we just resolve the first entry regardless of language.
*/
template <typename T> T
FindResourceLeaf(WORD aType, WORD aResId, WORD aLangId = 0)
{
PIMAGE_RESOURCE_DIRECTORY topLevel = GetResourceTable();
if (!topLevel) {
return nullptr;
}
PIMAGE_RESOURCE_DIRECTORY_ENTRY typeEntry = FindResourceEntry(topLevel,
aType);
if (!typeEntry || !typeEntry->DataIsDirectory) {
return nullptr;
}
auto idDir = RVAToPtr<PIMAGE_RESOURCE_DIRECTORY>(topLevel,
typeEntry->OffsetToDirectory);
PIMAGE_RESOURCE_DIRECTORY_ENTRY idEntry = FindResourceEntry(idDir, aResId);
if (!idEntry || !idEntry->DataIsDirectory) {
return nullptr;
}
auto langDir = RVAToPtr<PIMAGE_RESOURCE_DIRECTORY>(topLevel,
idEntry->OffsetToDirectory);
PIMAGE_RESOURCE_DIRECTORY_ENTRY langEntry;
if (aLangId) {
langEntry = FindResourceEntry(langDir, aLangId);
} else {
langEntry = FindFirstResourceEntry(langDir);
}
if (!langEntry || langEntry->DataIsDirectory) {
return nullptr;
}
auto dataEntry = RVAToPtr<PIMAGE_RESOURCE_DATA_ENTRY>(topLevel,
langEntry->OffsetToData);
return RVAToPtr<T>(dataEntry->OffsetToData);
}
static bool IsValid(PIMAGE_IMPORT_DESCRIPTOR aImpDesc)
{
return aImpDesc && aImpDesc->OriginalFirstThunk != 0;
}
static bool IsValid(PIMAGE_THUNK_DATA aImgThunk)
{
return aImgThunk && aImgThunk->u1.Ordinal != 0;
}
private:
explicit PEHeaders(PIMAGE_DOS_HEADER aMzHeader)
: mMzHeader(aMzHeader)
, mPeHeader(nullptr)
, mImageLimit(nullptr)
{
if (!mMzHeader || mMzHeader->e_magic != IMAGE_DOS_SIGNATURE) {
return;
}
mPeHeader = RVAToPtrUnchecked<PIMAGE_NT_HEADERS>(mMzHeader->e_lfanew);
if (!mPeHeader || mPeHeader->Signature != IMAGE_NT_SIGNATURE) {
return;
}
mImageLimit =
RVAToPtrUnchecked<void*>(mPeHeader->OptionalHeader.SizeOfImage - 1UL);
}
template <typename T>
T GetImageDirectoryEntry(unsigned int aDirectoryIndex)
{
if (aDirectoryIndex >= IMAGE_NUMBEROF_DIRECTORY_ENTRIES) {
return nullptr;
}
IMAGE_DATA_DIRECTORY& dirEntry =
mPeHeader->OptionalHeader.DataDirectory[aDirectoryIndex];
return RVAToPtr<T>(dirEntry.VirtualAddress);
}
// This private overload does not have bounds checks, because we need to be
// able to resolve the bounds themselves.
template <typename T, typename R>
T RVAToPtrUnchecked(R aRva)
{
return reinterpret_cast<T>(reinterpret_cast<char*>(mMzHeader) + aRva);
}
PIMAGE_RESOURCE_DIRECTORY_ENTRY
FindResourceEntry(PIMAGE_RESOURCE_DIRECTORY aCurLevel, WORD aId)
{
// Immediately after the IMAGE_RESOURCE_DIRECTORY structure is an array
// of IMAGE_RESOURCE_DIRECTORY_ENTRY structures. Since this function
// searches by ID, we need to skip past any named entries before iterating.
auto dirEnt =
reinterpret_cast<PIMAGE_RESOURCE_DIRECTORY_ENTRY>(aCurLevel + 1) +
aCurLevel->NumberOfNamedEntries;
for (WORD i = 0; i < aCurLevel->NumberOfIdEntries; ++i) {
if (dirEnt[i].Id == aId) {
return &dirEnt[i];
}
}
return nullptr;
}
PIMAGE_RESOURCE_DIRECTORY_ENTRY
FindFirstResourceEntry(PIMAGE_RESOURCE_DIRECTORY aCurLevel)
{
// Immediately after the IMAGE_RESOURCE_DIRECTORY structure is an array
// of IMAGE_RESOURCE_DIRECTORY_ENTRY structures. We just return the first
// entry, regardless of whether it is indexed by name or by id.
auto dirEnt = reinterpret_cast<PIMAGE_RESOURCE_DIRECTORY_ENTRY>(aCurLevel + 1);
WORD numEntries = aCurLevel->NumberOfNamedEntries +
aCurLevel->NumberOfIdEntries;
if (!numEntries) {
return nullptr;
}
return dirEnt;
}
VS_FIXEDFILEINFO*
GetFixedFileInfo(VS_VERSIONINFO_HEADER* aVerInfo)
{
WORD length = aVerInfo->wLength;
WORD offset = sizeof(VS_VERSIONINFO_HEADER);
if (!offset) {
return nullptr;
}
const wchar_t kVersionInfoKey[] = L"VS_VERSION_INFO";
if (::RtlCompareMemory(aVerInfo->szKey, kVersionInfoKey,
ArrayLength(kVersionInfoKey)) !=
ArrayLength(kVersionInfoKey)) {
return nullptr;
}
uintptr_t base = reinterpret_cast<uintptr_t>(aVerInfo);
// Align up to 4-byte boundary
#pragma warning(suppress: 4146)
offset += (-(base + offset) & 3);
if (offset > length) {
return nullptr;
}
auto result = reinterpret_cast<VS_FIXEDFILEINFO*>(base + offset);
if (result->dwSignature != 0xFEEF04BD) {
return nullptr;
}
return result;
}
private:
PIMAGE_DOS_HEADER mMzHeader;
PIMAGE_NT_HEADERS mPeHeader;
void* mImageLimit;
};
inline HANDLE
RtlGetProcessHeap()
{
PTEB teb = ::NtCurrentTeb();
PPEB peb = teb->ProcessEnvironmentBlock;
return peb->Reserved4[1];
}
} // namespace nt
} // namespace mozilla
#endif // mozilla_NativeNt_h

32
browser/app/winlauncher/moz.build
View File

@ -1,32 +0,0 @@
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
Library('winlauncher')
FORCE_STATIC_LIB = True
UNIFIED_SOURCES += [
'DllBlocklistWin.cpp',
'LauncherProcessWin.cpp',
'LaunchUnelevated.cpp',
]
DELAYLOAD_DLLS += [
'oleaut32.dll',
'ole32.dll',
]
OS_LIBS += [
'ntdll',
'oleaut32',
'ole32',
]
TEST_DIRS += [
'test',
]
DisableStlWrapping()

97
browser/app/winlauncher/test/TestNativeNt.cpp
View File

@ -1,97 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#include "NativeNt.h"
#include <stdio.h>
const wchar_t kNormal[] = L"Foo.dll";
const wchar_t kHex12[] = L"Foo.ABCDEF012345.dll";
const wchar_t kHex15[] = L"ABCDEF012345678.dll";
const wchar_t kHex16[] = L"ABCDEF0123456789.dll";
const wchar_t kHex17[] = L"ABCDEF0123456789a.dll";
const wchar_t kHex24[] = L"ABCDEF0123456789cdabef98.dll";
const wchar_t kHex8[] = L"01234567.dll";
const wchar_t kNonHex12[] = L"Foo.ABCDEFG12345.dll";
const wchar_t kHex13[] = L"Foo.ABCDEF0123456.dll";
const wchar_t kHex11[] = L"Foo.ABCDEF01234.dll";
const wchar_t kPrefixedHex16[] = L"Pabcdef0123456789.dll";
const char kFailFmt[] = "TEST-FAILED | NativeNt | %s(%s) should have returned %s but did not\n";
#define RUN_TEST(fn, varName, expected) \
if (fn(varName) == !expected) { \
printf(kFailFmt, #fn, #varName, #expected); \
return 1; \
}
#define EXPECT_FAIL(fn, varName) \
RUN_TEST(fn, varName, false) \
#define EXPECT_SUCCESS(fn, varName) \
RUN_TEST(fn, varName, true)
using namespace mozilla::nt;
int main(int argc, char* argv[])
{
UNICODE_STRING normal;
::RtlInitUnicodeString(&normal, kNormal);
UNICODE_STRING hex12;
::RtlInitUnicodeString(&hex12, kHex12);
UNICODE_STRING hex16;
::RtlInitUnicodeString(&hex16, kHex16);
UNICODE_STRING hex24;
::RtlInitUnicodeString(&hex24, kHex24);
UNICODE_STRING hex8;
::RtlInitUnicodeString(&hex8, kHex8);
UNICODE_STRING nonHex12;
::RtlInitUnicodeString(&nonHex12, kNonHex12);
UNICODE_STRING hex13;
::RtlInitUnicodeString(&hex13, kHex13);
UNICODE_STRING hex11;
::RtlInitUnicodeString(&hex11, kHex11);
UNICODE_STRING hex15;
::RtlInitUnicodeString(&hex15, kHex15);
UNICODE_STRING hex17;
::RtlInitUnicodeString(&hex17, kHex17);
UNICODE_STRING prefixedHex16;
::RtlInitUnicodeString(&prefixedHex16, kPrefixedHex16);
EXPECT_FAIL(Contains12DigitHexString, normal);
EXPECT_SUCCESS(Contains12DigitHexString, hex12);
EXPECT_FAIL(Contains12DigitHexString, hex13);
EXPECT_FAIL(Contains12DigitHexString, hex11);
EXPECT_FAIL(Contains12DigitHexString, hex16);
EXPECT_FAIL(Contains12DigitHexString, nonHex12);
EXPECT_FAIL(IsFileNameAtLeast16HexDigits, normal);
EXPECT_FAIL(IsFileNameAtLeast16HexDigits, hex12);
EXPECT_SUCCESS(IsFileNameAtLeast16HexDigits, hex24);
EXPECT_SUCCESS(IsFileNameAtLeast16HexDigits, hex16);
EXPECT_SUCCESS(IsFileNameAtLeast16HexDigits, hex17);
EXPECT_FAIL(IsFileNameAtLeast16HexDigits, hex8);
EXPECT_FAIL(IsFileNameAtLeast16HexDigits, hex15);
EXPECT_FAIL(IsFileNameAtLeast16HexDigits, prefixedHex16);
if (RtlGetProcessHeap() != ::GetProcessHeap()) {
printf("TEST-FAILED | NativeNt | RtlGetProcessHeap() is broken\n");
return 1;
}
return 0;
}

17
browser/app/winlauncher/test/moz.build
View File

@ -1,17 +0,0 @@
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
DisableStlWrapping()
CppUnitTests(['TestNativeNt'])
LOCAL_INCLUDES += [
'/browser/app/winlauncher',
]
OS_LIBS += [
'ntdll',
]

465
mozglue/build/WindowsDllBlocklist.cpp
View File

@ -38,10 +38,246 @@
using namespace mozilla;
#define DLL_BLOCKLIST_ENTRY(name, ...) \
{ name, __VA_ARGS__ },
#define DLL_BLOCKLIST_CHAR_TYPE char
#include "mozilla/WindowsDllBlocklistDefs.h"
#define ALL_VERSIONS ((unsigned long long)-1LL)
// DLLs sometimes ship without a version number, particularly early
// releases. Blocking "version <= 0" has the effect of blocking unversioned
// DLLs (since the call to get version info fails), but not blocking
// any versioned instance.
#define UNVERSIONED ((unsigned long long)0LL)
// Convert the 4 (decimal) components of a DLL version number into a
// single unsigned long long, as needed by the blocklist
#define MAKE_VERSION(a,b,c,d)\
((a##ULL << 48) + (b##ULL << 32) + (c##ULL << 16) + d##ULL)
struct DllBlockInfo {
// The name of the DLL -- in LOWERCASE! It will be compared to
// a lowercase version of the DLL name only.
const char *name;
// If maxVersion is ALL_VERSIONS, we'll block all versions of this
// dll. Otherwise, we'll block all versions less than or equal to
// the given version, as queried by GetFileVersionInfo and
// VS_FIXEDFILEINFO's dwFileVersionMS and dwFileVersionLS fields.
//
// Note that the version is usually 4 components, which is A.B.C.D
// encoded as 0x AAAA BBBB CCCC DDDD ULL (spaces added for clarity),
// but it's not required to be of that format.
//
// If the USE_TIMESTAMP flag is set, then we use the timestamp from
// the IMAGE_FILE_HEADER in lieu of a version number.
//
// If the CHILD_PROCESSES_ONLY flag is set, then the dll is blocked
// only when we are a child process.
unsigned long long maxVersion;
enum {
FLAGS_DEFAULT = 0,
BLOCK_WIN8PLUS_ONLY = 1,
BLOCK_WIN8_ONLY = 2,
USE_TIMESTAMP = 4,
CHILD_PROCESSES_ONLY = 8
} flags;
};
static const DllBlockInfo sWindowsDllBlocklist[] = {
// EXAMPLE:
// { "uxtheme.dll", ALL_VERSIONS },
// { "uxtheme.dll", 0x0000123400000000ULL },
// The DLL name must be in lowercase!
// The version field is a maximum, that is, we block anything that is
// less-than or equal to that version.
// NPFFAddon - Known malware
{ "npffaddon.dll", ALL_VERSIONS},
// AVG 8 - Antivirus vendor AVG, old version, plugin already blocklisted
{"avgrsstx.dll", MAKE_VERSION(8,5,0,401)},
// calc.dll - Suspected malware
{"calc.dll", MAKE_VERSION(1,0,0,1)},
// hook.dll - Suspected malware
{"hook.dll", ALL_VERSIONS},
// GoogleDesktopNetwork3.dll - Extremely old, unversioned instances
// of this DLL cause crashes
{"googledesktopnetwork3.dll", UNVERSIONED},
// rdolib.dll - Suspected malware
{"rdolib.dll", MAKE_VERSION(6,0,88,4)},
// fgjk4wvb.dll - Suspected malware
{"fgjk4wvb.dll", MAKE_VERSION(8,8,8,8)},
// radhslib.dll - Naomi internet filter - unmaintained since 2006
{"radhslib.dll", UNVERSIONED},
// Music download filter for vkontakte.ru - old instances
// of this DLL cause crashes
{"vksaver.dll", MAKE_VERSION(2,2,2,0)},
// Topcrash in Firefox 4.0b1
{"rlxf.dll", MAKE_VERSION(1,2,323,1)},
// psicon.dll - Topcrashes in Thunderbird, and some crashes in Firefox
// Adobe photoshop library, now redundant in later installations
{"psicon.dll", ALL_VERSIONS},
// Topcrash in Firefox 4 betas (bug 618899)
{"accelerator.dll", MAKE_VERSION(3,2,1,6)},
// Topcrash with Roboform in Firefox 8 (bug 699134)
{"rf-firefox.dll", MAKE_VERSION(7,6,1,0)},
{"roboform.dll", MAKE_VERSION(7,6,1,0)},
// Topcrash with Babylon Toolbar on FF16+ (bug 721264)
{"babyfox.dll", ALL_VERSIONS},
// sprotector.dll crashes, bug 957258
{"sprotector.dll", ALL_VERSIONS},
// leave these two in always for tests
{ "mozdllblockingtest.dll", ALL_VERSIONS },
{ "mozdllblockingtest_versioned.dll", 0x0000000400000000ULL },
// Windows Media Foundation FLAC decoder and type sniffer (bug 839031).
{ "mfflac.dll", ALL_VERSIONS },
// Older Relevant Knowledge DLLs cause us to crash (bug 904001).
{ "rlnx.dll", MAKE_VERSION(1, 3, 334, 9) },
{ "pmnx.dll", MAKE_VERSION(1, 3, 334, 9) },
{ "opnx.dll", MAKE_VERSION(1, 3, 334, 9) },
{ "prnx.dll", MAKE_VERSION(1, 3, 334, 9) },
// Older belgian ID card software causes Firefox to crash or hang on
// shutdown, bug 831285 and 918399.
{ "beid35cardlayer.dll", MAKE_VERSION(3, 5, 6, 6968) },
// bug 925459, bitguard crashes
{ "bitguard.dll", ALL_VERSIONS },
// bug 812683 - crashes in Windows library when Asus Gamer OSD is installed
// Software is discontinued/unsupported
{ "atkdx11disp.dll", ALL_VERSIONS },
// Topcrash with Conduit SearchProtect, bug 944542
{ "spvc32.dll", ALL_VERSIONS },
// Topcrash with V-bates, bug 1002748 and bug 1023239
{ "libinject.dll", UNVERSIONED },
{ "libinject2.dll", 0x537DDC93, DllBlockInfo::USE_TIMESTAMP },
{ "libredir2.dll", 0x5385B7ED, DllBlockInfo::USE_TIMESTAMP },
// Crashes with RoboForm2Go written against old SDK, bug 988311/1196859
{ "rf-firefox-22.dll", ALL_VERSIONS },
{ "rf-firefox-40.dll", ALL_VERSIONS },
// Crashes with DesktopTemperature, bug 1046382
{ "dtwxsvc.dll", 0x53153234, DllBlockInfo::USE_TIMESTAMP },
// Startup crashes with Lenovo Onekey Theater, bug 1123778
{ "activedetect32.dll", UNVERSIONED },
{ "activedetect64.dll", UNVERSIONED },
{ "windowsapihookdll32.dll", UNVERSIONED },
{ "windowsapihookdll64.dll", UNVERSIONED },
// Flash crashes with RealNetworks RealDownloader, bug 1132663
{ "rndlnpshimswf.dll", ALL_VERSIONS },
{ "rndlmainbrowserrecordplugin.dll", ALL_VERSIONS },
// Startup crashes with RealNetworks Browser Record Plugin, bug 1170141
{ "nprpffbrowserrecordext.dll", ALL_VERSIONS },
{ "nprndlffbrowserrecordext.dll", ALL_VERSIONS },
// Crashes with CyberLink YouCam, bug 1136968
{ "ycwebcamerasource.ax", MAKE_VERSION(2, 0, 0, 1611) },
// Old version of WebcamMax crashes WebRTC, bug 1130061
{ "vwcsource.ax", MAKE_VERSION(1, 5, 0, 0) },
// NetOp School, discontinued product, bug 763395
{ "nlsp.dll", MAKE_VERSION(6, 23, 2012, 19) },
// Orbit Downloader, bug 1222819
{ "grabdll.dll", MAKE_VERSION(2, 6, 1, 0) },
{ "grabkernel.dll", MAKE_VERSION(1, 0, 0, 1) },
// ESET, bug 1229252
{ "eoppmonitor.dll", ALL_VERSIONS },
// SS2OSD, bug 1262348
{ "ss2osd.dll", ALL_VERSIONS },
{ "ss2devprops.dll", ALL_VERSIONS },
// NHASUSSTRIXOSD.DLL, bug 1269244
{ "nhasusstrixosd.dll", ALL_VERSIONS },
{ "nhasusstrixdevprops.dll", ALL_VERSIONS },
// Crashes with PremierOpinion/RelevantKnowledge, bug 1277846
{ "opls.dll", ALL_VERSIONS },
{ "opls64.dll", ALL_VERSIONS },
{ "pmls.dll", ALL_VERSIONS },
{ "pmls64.dll", ALL_VERSIONS },
{ "prls.dll", ALL_VERSIONS },
{ "prls64.dll", ALL_VERSIONS },
{ "rlls.dll", ALL_VERSIONS },
{ "rlls64.dll", ALL_VERSIONS },
// Vorbis DirectShow filters, bug 1239690.
{ "vorbis.acm", MAKE_VERSION(0, 0, 3, 6) },
// AhnLab Internet Security, bug 1311969
{ "nzbrcom.dll", ALL_VERSIONS },
// K7TotalSecurity, bug 1339083.
{ "k7pswsen.dll", MAKE_VERSION(15, 2, 2, 95) },
// smci*.dll - goobzo crashware (bug 1339908)
{ "smci32.dll", ALL_VERSIONS },
{ "smci64.dll", ALL_VERSIONS },
// Crashes with Internet Download Manager, bug 1333486
{ "idmcchandler7.dll", ALL_VERSIONS },
{ "idmcchandler7_64.dll", ALL_VERSIONS },
{ "idmcchandler5.dll", ALL_VERSIONS },
{ "idmcchandler5_64.dll", ALL_VERSIONS },
// Nahimic 2 breaks applicaton update (bug 1356637)
{ "nahimic2devprops.dll", MAKE_VERSION(2, 5, 19, 0xffff) },
// Nahimic is causing crashes, bug 1233556
{ "nahimicmsiosd.dll", UNVERSIONED },
// Nahimic is causing crashes, bug 1360029
{ "nahimicvrdevprops.dll", UNVERSIONED },
{ "nahimic2osd.dll", MAKE_VERSION(2, 5, 19, 0xffff) },
{ "nahimicmsidevprops.dll", UNVERSIONED },
// Bug 1268470 - crashes with Kaspersky Lab on Windows 8
{ "klsihk64.dll", MAKE_VERSION(14, 0, 456, 0xffff), DllBlockInfo::BLOCK_WIN8_ONLY },
// Bug 1407337, crashes with OpenSC < 0.16.0
{ "onepin-opensc-pkcs11.dll", MAKE_VERSION(0, 15, 0xffff, 0xffff) },
// Avecto Privilege Guard causes crashes, bug 1385542
{ "pghook.dll", ALL_VERSIONS },
// Old versions of G DATA BankGuard, bug 1421991
{ "banksafe64.dll", MAKE_VERSION(1, 2, 15299, 65535) },
// Old versions of G DATA, bug 1043775
{ "gdkbfltdll64.dll", MAKE_VERSION(1, 0, 14141, 240) },
// Dell Backup and Recovery tool causes crashes, bug 1433408
{ "dbroverlayiconnotbackuped.dll", MAKE_VERSION(1, 8, 0, 9) },
{ "dbroverlayiconbackuped.dll", MAKE_VERSION(1, 8, 0, 9) },
{ nullptr, 0 }
};
#ifndef STATUS_DLL_NOT_FOUND
#define STATUS_DLL_NOT_FOUND ((DWORD)0xC0000135L)
#endif
// define this for very verbose dll load debug spew
#undef DEBUG_very_verbose
@ -268,7 +504,7 @@ private:
{
}
const char* mName; // points into the gWindowsDllBlocklist string
const char* mName; // points into the sWindowsDllBlocklist string
unsigned long long mVersion;
DllBlockSet* mNext;
@ -387,6 +623,8 @@ patched_LdrLoadDll (PWCHAR filePath, PULONG flags, PUNICODE_STRING moduleFileNam
wchar_t *fname = moduleFileName->Buffer;
UniquePtr<wchar_t[]> full_fname;
const DllBlockInfo* info = &sWindowsDllBlocklist[0];
// The filename isn't guaranteed to be null terminated, but in practice
// it always will be; ensure that this is so, and bail if not.
// This is done instead of the more robust approach because of bug 527122,
@ -445,117 +683,114 @@ patched_LdrLoadDll (PWCHAR filePath, PULONG flags, PUNICODE_STRING moduleFileNam
printf_stderr("LdrLoadDll: dll name '%s'\n", dllName);
#endif
if (!(sInitFlags & eDllBlocklistInitFlagWasBootstrapped)) {
// Block a suspicious binary that uses various 12-digit hex strings
// e.g. MovieMode.48CA2AEFA22D.dll (bug 973138)
dot = strchr(dllName, '.');
if (dot && (strchr(dot+1, '.') == dot+13)) {
char * end = nullptr;
_strtoui64(dot+1, &end, 16);
if (end == dot+13) {
return STATUS_DLL_NOT_FOUND;
}
// Block a suspicious binary that uses various 12-digit hex strings
// e.g. MovieMode.48CA2AEFA22D.dll (bug 973138)
dot = strchr(dllName, '.');
if (dot && (strchr(dot+1, '.') == dot+13)) {
char * end = nullptr;
_strtoui64(dot+1, &end, 16);
if (end == dot+13) {
return STATUS_DLL_NOT_FOUND;
}
// Block binaries where the filename is at least 16 hex digits
if (dot && ((dot - dllName) >= 16)) {
char * current = dllName;
while (current < dot && isxdigit(*current)) {
current++;
}
if (current == dot) {
return STATUS_DLL_NOT_FOUND;
}
}
// Block binaries where the filename is at least 16 hex digits
if (dot && ((dot - dllName) >= 16)) {
char * current = dllName;
while (current < dot && isxdigit(*current)) {
current++;
}
// then compare to everything on the blocklist
DECLARE_POINTER_TO_FIRST_DLL_BLOCKLIST_ENTRY(info);
while (info->name) {
if (strcmp(info->name, dllName) == 0)
break;
info++;
if (current == dot) {
return STATUS_DLL_NOT_FOUND;
}
}
if (info->name) {
bool load_ok = false;
// then compare to everything on the blocklist
while (info->name) {
if (strcmp(info->name, dllName) == 0)
break;
info++;
}
if (info->name) {
bool load_ok = false;
#ifdef DEBUG_very_verbose
printf_stderr("LdrLoadDll: info->name: '%s'\n", info->name);
printf_stderr("LdrLoadDll: info->name: '%s'\n", info->name);
#endif
if ((info->flags & DllBlockInfo::BLOCK_WIN8PLUS_ONLY) &&
!IsWin8OrLater()) {
if ((info->flags & DllBlockInfo::BLOCK_WIN8PLUS_ONLY) &&
!IsWin8OrLater()) {
goto continue_loading;
}
if ((info->flags & DllBlockInfo::BLOCK_WIN8_ONLY) &&
(!IsWin8OrLater() || IsWin8Point1OrLater())) {
goto continue_loading;
}
if ((info->flags & DllBlockInfo::CHILD_PROCESSES_ONLY) &&
!(sInitFlags & eDllBlocklistInitFlagIsChildProcess)) {
goto continue_loading;
}
unsigned long long fVersion = ALL_VERSIONS;
if (info->maxVersion != ALL_VERSIONS) {
ReentrancySentinel sentinel(dllName);
if (sentinel.BailOut()) {
goto continue_loading;
}
if ((info->flags & DllBlockInfo::BLOCK_WIN8_ONLY) &&
(!IsWin8OrLater() || IsWin8Point1OrLater())) {
goto continue_loading;
}
if ((info->flags & DllBlockInfo::CHILD_PROCESSES_ONLY) &&
!(sInitFlags & eDllBlocklistInitFlagIsChildProcess)) {
goto continue_loading;
}
unsigned long long fVersion = ALL_VERSIONS;
if (info->maxVersion != ALL_VERSIONS) {
ReentrancySentinel sentinel(dllName);
if (sentinel.BailOut()) {
goto continue_loading;
}
full_fname = getFullPath(filePath, fname);
if (!full_fname) {
// uh, we couldn't find the DLL at all, so...
printf_stderr("LdrLoadDll: Blocking load of '%s' (SearchPathW didn't find it?)\n", dllName);
return STATUS_DLL_NOT_FOUND;
}
if (info->flags & DllBlockInfo::USE_TIMESTAMP) {
fVersion = GetTimestamp(full_fname.get());
if (fVersion > info->maxVersion) {
load_ok = true;
}
} else {
DWORD zero;
DWORD infoSize = GetFileVersionInfoSizeW(full_fname.get(), &zero);
// If we failed to get the version information, we block.
if (infoSize != 0) {
auto infoData = MakeUnique<unsigned char[]>(infoSize);
VS_FIXEDFILEINFO *vInfo;
UINT vInfoLen;
if (GetFileVersionInfoW(full_fname.get(), 0, infoSize, infoData.get()) &&
VerQueryValueW(infoData.get(), L"\\", (LPVOID*) &vInfo, &vInfoLen))
{
fVersion =
((unsigned long long)vInfo->dwFileVersionMS) << 32 |
((unsigned long long)vInfo->dwFileVersionLS);
// finally do the version check, and if it's greater than our block
// version, keep loading
if (fVersion > info->maxVersion)
load_ok = true;
}
}
}
}
if (!load_ok) {
printf_stderr("LdrLoadDll: Blocking load of '%s' -- see http://www.mozilla.com/en-US/blocklist/\n", dllName);
DllBlockSet::Add(info->name, fVersion);
full_fname = getFullPath(filePath, fname);
if (!full_fname) {
// uh, we couldn't find the DLL at all, so...
printf_stderr("LdrLoadDll: Blocking load of '%s' (SearchPathW didn't find it?)\n", dllName);
return STATUS_DLL_NOT_FOUND;
}
if (info->flags & DllBlockInfo::USE_TIMESTAMP) {
fVersion = GetTimestamp(full_fname.get());
if (fVersion > info->maxVersion) {
load_ok = true;
}
} else {
DWORD zero;
DWORD infoSize = GetFileVersionInfoSizeW(full_fname.get(), &zero);
// If we failed to get the version information, we block.
if (infoSize != 0) {
auto infoData = MakeUnique<unsigned char[]>(infoSize);
VS_FIXEDFILEINFO *vInfo;
UINT vInfoLen;
if (GetFileVersionInfoW(full_fname.get(), 0, infoSize, infoData.get()) &&
VerQueryValueW(infoData.get(), L"\\", (LPVOID*) &vInfo, &vInfoLen))
{
fVersion =
((unsigned long long)vInfo->dwFileVersionMS) << 32 |
((unsigned long long)vInfo->dwFileVersionLS);
// finally do the version check, and if it's greater than our block
// version, keep loading
if (fVersion > info->maxVersion)
load_ok = true;
}
}
}
}
if (!load_ok) {
printf_stderr("LdrLoadDll: Blocking load of '%s' -- see http://www.mozilla.com/en-US/blocklist/\n", dllName);
DllBlockSet::Add(info->name, fVersion);
return STATUS_DLL_NOT_FOUND;
}
}
continue_loading:
#ifdef DEBUG_very_verbose
printf_stderr("LdrLoadDll: continuing load... ('%S')\n", moduleFileName->Buffer);
printf_stderr("LdrLoadDll: continuing load... ('%S')\n", moduleFileName->Buffer);
#endif
// A few DLLs such as xul.dll and nss3.dll get loaded before mozglue's
@ -626,9 +861,6 @@ patched_BaseThreadInitThunk(BOOL aIsInitialThread, void* aStartAddress,
static WindowsDllInterceptor NtDllIntercept;
static WindowsDllInterceptor Kernel32Intercept;
static void
GetNativeNtBlockSetWriter();
MFBT_API void
DllBlocklist_Initialize(uint32_t aInitFlags)
{
@ -636,11 +868,6 @@ DllBlocklist_Initialize(uint32_t aInitFlags)
return;
}
sInitFlags = aInitFlags;
if (sInitFlags & eDllBlocklistInitFlagWasBootstrapped) {
GetNativeNtBlockSetWriter();
}
sBlocklistInitAttempted = true;
#if defined(NIGHTLY_BUILD)
gStartAddressesToBlock = new mozilla::Vector<void*, 4>;
@ -696,7 +923,7 @@ DllBlocklist_Initialize(uint32_t aInitFlags)
reinterpret_cast<intptr_t>(patched_BaseThreadInitThunk),
(void**) &stub_BaseThreadInitThunk)) {
#ifdef DEBUG
printf_stderr("BaseThreadInitThunk hook failed\n");
printf_stderr("BaseThreadInitThunk hook failed\n");
#endif
}
}
@ -730,8 +957,8 @@ DllBlocklist_Initialize(uint32_t aInitFlags)
#endif
}
static void
InternalWriteNotes(HANDLE file)
MFBT_API void
DllBlocklist_WriteNotes(HANDLE file)
{
DWORD nBytes;
@ -750,26 +977,6 @@ InternalWriteNotes(HANDLE file)
}
}
using WriterFn = void (*)(HANDLE);
static WriterFn gWriterFn = &InternalWriteNotes;
static void
GetNativeNtBlockSetWriter()
{
auto nativeWriter = reinterpret_cast<WriterFn>(
::GetProcAddress(::GetModuleHandleW(nullptr), "NativeNtBlockSet_Write"));
if (nativeWriter) {
gWriterFn = nativeWriter;
}
}
MFBT_API void
DllBlocklist_WriteNotes(HANDLE file)
{
MOZ_ASSERT(gWriterFn);
gWriterFn(file);
}
MFBT_API bool
DllBlocklist_CheckStatus()
{

3
mozglue/build/WindowsDllBlocklist.h
View File

@ -17,8 +17,7 @@
enum DllBlocklistInitFlags
{
eDllBlocklistInitFlagDefault = 0,
eDllBlocklistInitFlagIsChildProcess = 1,
eDllBlocklistInitFlagWasBootstrapped = 2
eDllBlocklistInitFlagIsChildProcess = 1
};
MFBT_API void DllBlocklist_Initialize(uint32_t aInitFlags = eDllBlocklistInitFlagDefault);

83
mozglue/build/WindowsDllBlocklistCommon.h
View File

@ -1,83 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#ifndef mozilla_WindowsDllBlocklistCommon_h
#define mozilla_WindowsDllBlocklistCommon_h
#include <stdint.h>
namespace mozilla {
template <typename CharType>
struct DllBlockInfoT {
// The name of the DLL -- in LOWERCASE! It will be compared to
// a lowercase version of the DLL name only.
const CharType* name;
// If maxVersion is ALL_VERSIONS, we'll block all versions of this
// dll. Otherwise, we'll block all versions less than or equal to
// the given version, as queried by GetFileVersionInfo and
// VS_FIXEDFILEINFO's dwFileVersionMS and dwFileVersionLS fields.
//
// Note that the version is usually 4 components, which is A.B.C.D
// encoded as 0x AAAA BBBB CCCC DDDD ULL (spaces added for clarity),
// but it's not required to be of that format.
uint64_t maxVersion;
// If the USE_TIMESTAMP flag is set, then we use the timestamp from
// the IMAGE_FILE_HEADER in lieu of a version number.
//
// If the CHILD_PROCESSES_ONLY flag is set, then the dll is blocked
// only when we are a child process.
enum Flags {
FLAGS_DEFAULT = 0,
BLOCK_WIN8PLUS_ONLY = 1,
BLOCK_WIN8_ONLY = 2,
USE_TIMESTAMP = 4,
CHILD_PROCESSES_ONLY = 8
} flags;
static const uint64_t ALL_VERSIONS = (uint64_t) -1LL;
// DLLs sometimes ship without a version number, particularly early
// releases. Blocking "version <= 0" has the effect of blocking unversioned
// DLLs (since the call to get version info fails), but not blocking
// any versioned instance.
static const uint64_t UNVERSIONED = 0ULL;
};
} // namespace mozilla
// Convert the 4 (decimal) components of a DLL version number into a
// single unsigned long long, as needed by the blocklist
static inline constexpr uint64_t
MAKE_VERSION(uint16_t a, uint16_t b, uint16_t c, uint16_t d)
{
return static_cast<uint64_t>(a) << 48 |
static_cast<uint64_t>(b) << 32 |
static_cast<uint64_t>(c) << 16 |
static_cast<uint64_t>(d);
}
#if !defined(DLL_BLOCKLIST_CHAR_TYPE)
#error "You must define DLL_BLOCKLIST_CHAR_TYPE"
#endif // !defined(DLL_BLOCKLIST_CHAR_TYPE)
#define DLL_BLOCKLIST_DEFINITIONS_BEGIN \
using DllBlockInfo = mozilla::DllBlockInfoT<DLL_BLOCKLIST_CHAR_TYPE>; \
static const DllBlockInfo gWindowsDllBlocklist[] = {
#define ALL_VERSIONS DllBlockInfo::ALL_VERSIONS
#define UNVERSIONED DllBlockInfo::UNVERSIONED
#define DLL_BLOCKLIST_DEFINITIONS_END \
{nullptr, 0} \
};
#define DECLARE_POINTER_TO_FIRST_DLL_BLOCKLIST_ENTRY(name) \
const DllBlockInfo* name = &gWindowsDllBlocklist[0]
#endif // mozilla_WindowsDllBlocklistCommon_h

206
mozglue/build/WindowsDllBlocklistDefs.h
View File

@ -1,206 +0,0 @@
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#ifndef mozilla_WindowsDllBlocklistDefs_h
#define mozilla_WindowsDllBlocklistDefs_h
#include "mozilla/WindowsDllBlocklistCommon.h"
DLL_BLOCKLIST_DEFINITIONS_BEGIN
// EXAMPLE:
// DLL_BLOCKLIST_ENTRY("uxtheme.dll", ALL_VERSIONS)
// DLL_BLOCKLIST_ENTRY("uxtheme.dll", 0x0000123400000000ULL)
// The DLL name must be in lowercase!
// The version field is a maximum, that is, we block anything that is
// less-than or equal to that version.
// NPFFAddon - Known malware
DLL_BLOCKLIST_ENTRY("npffaddon.dll", ALL_VERSIONS)
// AVG 8 - Antivirus vendor AVG, old version, plugin already blocklisted
DLL_BLOCKLIST_ENTRY("avgrsstx.dll", MAKE_VERSION(8,5,0,401))
// calc.dll - Suspected malware
DLL_BLOCKLIST_ENTRY("calc.dll", MAKE_VERSION(1,0,0,1))
// hook.dll - Suspected malware
DLL_BLOCKLIST_ENTRY("hook.dll", ALL_VERSIONS)
// GoogleDesktopNetwork3.dll - Extremely old, unversioned instances
// of this DLL cause crashes
DLL_BLOCKLIST_ENTRY("googledesktopnetwork3.dll", UNVERSIONED)
// rdolib.dll - Suspected malware
DLL_BLOCKLIST_ENTRY("rdolib.dll", MAKE_VERSION(6,0,88,4))
// fgjk4wvb.dll - Suspected malware
DLL_BLOCKLIST_ENTRY("fgjk4wvb.dll", MAKE_VERSION(8,8,8,8))
// radhslib.dll - Naomi internet filter - unmaintained since 2006
DLL_BLOCKLIST_ENTRY("radhslib.dll", UNVERSIONED)
// Music download filter for vkontakte.ru - old instances
// of this DLL cause crashes
DLL_BLOCKLIST_ENTRY("vksaver.dll", MAKE_VERSION(2,2,2,0))
// Topcrash in Firefox 4.0b1
DLL_BLOCKLIST_ENTRY("rlxf.dll", MAKE_VERSION(1,2,323,1))
// psicon.dll - Topcrashes in Thunderbird, and some crashes in Firefox
// Adobe photoshop library, now redundant in later installations
DLL_BLOCKLIST_ENTRY("psicon.dll", ALL_VERSIONS)
// Topcrash in Firefox 4 betas (bug 618899)
DLL_BLOCKLIST_ENTRY("accelerator.dll", MAKE_VERSION(3,2,1,6))
// Topcrash with Roboform in Firefox 8 (bug 699134)
DLL_BLOCKLIST_ENTRY("rf-firefox.dll", MAKE_VERSION(7,6,1,0))
DLL_BLOCKLIST_ENTRY("roboform.dll", MAKE_VERSION(7,6,1,0))
// Topcrash with Babylon Toolbar on FF16+ (bug 721264)
DLL_BLOCKLIST_ENTRY("babyfox.dll", ALL_VERSIONS)
// sprotector.dll crashes, bug 957258
DLL_BLOCKLIST_ENTRY("sprotector.dll", ALL_VERSIONS)
// leave these two in always for tests
DLL_BLOCKLIST_ENTRY("mozdllblockingtest.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("mozdllblockingtest_versioned.dll", 0x0000000400000000ULL)
// Windows Media Foundation FLAC decoder and type sniffer (bug 839031).
DLL_BLOCKLIST_ENTRY("mfflac.dll", ALL_VERSIONS)
// Older Relevant Knowledge DLLs cause us to crash (bug 904001).
DLL_BLOCKLIST_ENTRY("rlnx.dll", MAKE_VERSION(1, 3, 334, 9))
DLL_BLOCKLIST_ENTRY("pmnx.dll", MAKE_VERSION(1, 3, 334, 9))
DLL_BLOCKLIST_ENTRY("opnx.dll", MAKE_VERSION(1, 3, 334, 9))
DLL_BLOCKLIST_ENTRY("prnx.dll", MAKE_VERSION(1, 3, 334, 9))
// Older belgian ID card software causes Firefox to crash or hang on
// shutdown, bug 831285 and 918399.
DLL_BLOCKLIST_ENTRY("beid35cardlayer.dll", MAKE_VERSION(3, 5, 6, 6968))
// bug 925459, bitguard crashes
DLL_BLOCKLIST_ENTRY("bitguard.dll", ALL_VERSIONS)
// bug 812683 - crashes in Windows library when Asus Gamer OSD is installed
// Software is discontinued/unsupported
DLL_BLOCKLIST_ENTRY("atkdx11disp.dll", ALL_VERSIONS)
// Topcrash with Conduit SearchProtect, bug 944542
DLL_BLOCKLIST_ENTRY("spvc32.dll", ALL_VERSIONS)
// Topcrash with V-bates, bug 1002748 and bug 1023239
DLL_BLOCKLIST_ENTRY("libinject.dll", UNVERSIONED)
DLL_BLOCKLIST_ENTRY("libinject2.dll", 0x537DDC93, DllBlockInfo::USE_TIMESTAMP)
DLL_BLOCKLIST_ENTRY("libredir2.dll", 0x5385B7ED, DllBlockInfo::USE_TIMESTAMP)
// Crashes with RoboForm2Go written against old SDK, bug 988311/1196859
DLL_BLOCKLIST_ENTRY("rf-firefox-22.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("rf-firefox-40.dll", ALL_VERSIONS)
// Crashes with DesktopTemperature, bug 1046382
DLL_BLOCKLIST_ENTRY("dtwxsvc.dll", 0x53153234, DllBlockInfo::USE_TIMESTAMP)
// Startup crashes with Lenovo Onekey Theater, bug 1123778
DLL_BLOCKLIST_ENTRY("activedetect32.dll", UNVERSIONED)
DLL_BLOCKLIST_ENTRY("activedetect64.dll", UNVERSIONED)
DLL_BLOCKLIST_ENTRY("windowsapihookdll32.dll", UNVERSIONED)
DLL_BLOCKLIST_ENTRY("windowsapihookdll64.dll", UNVERSIONED)
// Flash crashes with RealNetworks RealDownloader, bug 1132663
DLL_BLOCKLIST_ENTRY("rndlnpshimswf.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("rndlmainbrowserrecordplugin.dll", ALL_VERSIONS)
// Startup crashes with RealNetworks Browser Record Plugin, bug 1170141
DLL_BLOCKLIST_ENTRY("nprpffbrowserrecordext.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("nprndlffbrowserrecordext.dll", ALL_VERSIONS)
// Crashes with CyberLink YouCam, bug 1136968
DLL_BLOCKLIST_ENTRY("ycwebcamerasource.ax", MAKE_VERSION(2, 0, 0, 1611))
// Old version of WebcamMax crashes WebRTC, bug 1130061
DLL_BLOCKLIST_ENTRY("vwcsource.ax", MAKE_VERSION(1, 5, 0, 0))
// NetOp School, discontinued product, bug 763395
DLL_BLOCKLIST_ENTRY("nlsp.dll", MAKE_VERSION(6, 23, 2012, 19))
// Orbit Downloader, bug 1222819
DLL_BLOCKLIST_ENTRY("grabdll.dll", MAKE_VERSION(2, 6, 1, 0))
DLL_BLOCKLIST_ENTRY("grabkernel.dll", MAKE_VERSION(1, 0, 0, 1))
// ESET, bug 1229252
DLL_BLOCKLIST_ENTRY("eoppmonitor.dll", ALL_VERSIONS)
// SS2OSD, bug 1262348
DLL_BLOCKLIST_ENTRY("ss2osd.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("ss2devprops.dll", ALL_VERSIONS)
// NHASUSSTRIXOSD.DLL, bug 1269244
DLL_BLOCKLIST_ENTRY("nhasusstrixosd.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("nhasusstrixdevprops.dll", ALL_VERSIONS)
// Crashes with PremierOpinion/RelevantKnowledge, bug 1277846
DLL_BLOCKLIST_ENTRY("opls.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("opls64.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("pmls.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("pmls64.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("prls.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("prls64.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("rlls.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("rlls64.dll", ALL_VERSIONS)
// Vorbis DirectShow filters, bug 1239690.
DLL_BLOCKLIST_ENTRY("vorbis.acm", MAKE_VERSION(0, 0, 3, 6))
// AhnLab Internet Security, bug 1311969
DLL_BLOCKLIST_ENTRY("nzbrcom.dll", ALL_VERSIONS)
// K7TotalSecurity, bug 1339083.
DLL_BLOCKLIST_ENTRY("k7pswsen.dll", MAKE_VERSION(15, 2, 2, 95))
// smci*.dll - goobzo crashware (bug 1339908)
DLL_BLOCKLIST_ENTRY("smci32.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("smci64.dll", ALL_VERSIONS)
// Crashes with Internet Download Manager, bug 1333486
DLL_BLOCKLIST_ENTRY("idmcchandler7.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("idmcchandler7_64.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("idmcchandler5.dll", ALL_VERSIONS)
DLL_BLOCKLIST_ENTRY("idmcchandler5_64.dll", ALL_VERSIONS)
// Nahimic 2 breaks applicaton update (bug 1356637)
DLL_BLOCKLIST_ENTRY("nahimic2devprops.dll", MAKE_VERSION(2, 5, 19, 0xffff))
// Nahimic is causing crashes, bug 1233556
DLL_BLOCKLIST_ENTRY("nahimicmsiosd.dll", UNVERSIONED)
// Nahimic is causing crashes, bug 1360029
DLL_BLOCKLIST_ENTRY("nahimicvrdevprops.dll", UNVERSIONED)
DLL_BLOCKLIST_ENTRY("nahimic2osd.dll", MAKE_VERSION(2, 5, 19, 0xffff))
DLL_BLOCKLIST_ENTRY("nahimicmsidevprops.dll", UNVERSIONED)
// Bug 1268470 - crashes with Kaspersky Lab on Windows 8
DLL_BLOCKLIST_ENTRY("klsihk64.dll", MAKE_VERSION(14, 0, 456, 0xffff), DllBlockInfo::BLOCK_WIN8_ONLY)
// Bug 1407337, crashes with OpenSC < 0.16.0
DLL_BLOCKLIST_ENTRY("onepin-opensc-pkcs11.dll", MAKE_VERSION(0, 15, 0xffff, 0xffff))
// Avecto Privilege Guard causes crashes, bug 1385542
DLL_BLOCKLIST_ENTRY("pghook.dll", ALL_VERSIONS)
// Old versions of G DATA BankGuard, bug 1421991
DLL_BLOCKLIST_ENTRY("banksafe64.dll", MAKE_VERSION(1, 2, 15299, 65535))
// Old versions of G DATA, bug 1043775
DLL_BLOCKLIST_ENTRY("gdkbfltdll64.dll", MAKE_VERSION(1, 0, 14141, 240))
// Dell Backup and Recovery tool causes crashes, bug 1433408
DLL_BLOCKLIST_ENTRY("dbroverlayiconnotbackuped.dll", MAKE_VERSION(1, 8, 0, 9))
DLL_BLOCKLIST_ENTRY("dbroverlayiconbackuped.dll", MAKE_VERSION(1, 8, 0, 9))
DLL_BLOCKLIST_DEFINITIONS_END
#endif // mozilla_WindowsDllBlocklistDefs_h

2
mozglue/build/moz.build
View File

@ -72,8 +72,6 @@ if CONFIG['MOZ_WIDGET_TOOLKIT']:
]
EXPORTS.mozilla += [
'Authenticode.h',
'WindowsDllBlocklistCommon.h',
'WindowsDllBlocklistDefs.h',
]
EXPORTS.mozilla.glue += [
'WindowsDllServices.h',