diff --git a/browser/app/winlauncher/LaunchUnelevated.cpp b/browser/app/LaunchUnelevated.cpp similarity index 100% rename from browser/app/winlauncher/LaunchUnelevated.cpp rename to browser/app/LaunchUnelevated.cpp diff --git a/browser/app/winlauncher/LaunchUnelevated.h b/browser/app/LaunchUnelevated.h similarity index 100% rename from browser/app/winlauncher/LaunchUnelevated.h rename to browser/app/LaunchUnelevated.h diff --git a/browser/app/winlauncher/LauncherProcessWin.cpp b/browser/app/LauncherProcessWin.cpp similarity index 98% rename from browser/app/winlauncher/LauncherProcessWin.cpp rename to browser/app/LauncherProcessWin.cpp index a9f5ebfea8cc..ed338cf2ae55 100644 --- a/browser/app/winlauncher/LauncherProcessWin.cpp +++ b/browser/app/LauncherProcessWin.cpp @@ -21,7 +21,6 @@ #include #include -#include "DllBlocklistWin.h" #include "LaunchUnelevated.h" #include "ProcThreadAttributes.h" @@ -35,7 +34,7 @@ static bool PostCreationSetup(HANDLE aChildProcess, HANDLE aChildMainThread, const bool aIsSafeMode) { - return mozilla::InitializeDllBlocklistOOP(aChildProcess); + return true; } #if !defined(PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON) diff --git a/browser/app/winlauncher/LauncherProcessWin.h b/browser/app/LauncherProcessWin.h similarity index 100% rename from browser/app/winlauncher/LauncherProcessWin.h rename to browser/app/LauncherProcessWin.h diff --git a/browser/app/winlauncher/ProcThreadAttributes.h b/browser/app/ProcThreadAttributes.h similarity index 100% rename from browser/app/winlauncher/ProcThreadAttributes.h rename to browser/app/ProcThreadAttributes.h diff --git a/browser/app/moz.build b/browser/app/moz.build index 3cda1fd26ff1..4a17916b085d 100644 --- a/browser/app/moz.build +++ b/browser/app/moz.build @@ -62,14 +62,17 @@ if CONFIG['CC_TYPE'] in ('msvc', 'clang-cl'): if CONFIG['OS_ARCH'] == 'WINNT': RCINCLUDE = 'splash.rc' DEFINES['MOZ_PHOENIX'] = True - DIRS += [ - 'winlauncher', + SOURCES += [ + 'LauncherProcessWin.cpp', + 'LaunchUnelevated.cpp', ] - USE_LIBS += [ - 'winlauncher', + DELAYLOAD_DLLS += [ + 'oleaut32.dll', + 'ole32.dll', ] - LOCAL_INCLUDES += [ - '/browser/app/winlauncher', + OS_LIBS += [ + 'oleaut32', + 'ole32', ] if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT': diff --git a/browser/app/nsBrowserApp.cpp b/browser/app/nsBrowserApp.cpp index ef4ebad9ca67..f9491f43137b 100644 --- a/browser/app/nsBrowserApp.cpp +++ b/browser/app/nsBrowserApp.cpp @@ -254,11 +254,6 @@ InitXPCOMGlue() return NS_OK; } -#ifdef HAS_DLL_BLOCKLIST -// NB: This must be extern, as this value is checked elsewhere -uint32_t gBlocklistInitFlags = eDllBlocklistInitFlagDefault; -#endif - int main(int argc, char* argv[], char* envp[]) { mozilla::TimeStamp start = mozilla::TimeStamp::Now(); @@ -294,7 +289,7 @@ int main(int argc, char* argv[], char* envp[]) #endif #ifdef HAS_DLL_BLOCKLIST - DllBlocklist_Initialize(gBlocklistInitFlags); + DllBlocklist_Initialize(); #endif nsresult rv = InitXPCOMGlue(); diff --git a/browser/app/winlauncher/DllBlocklistWin.cpp b/browser/app/winlauncher/DllBlocklistWin.cpp deleted file mode 100644 index 82e1d77d3722..000000000000 --- a/browser/app/winlauncher/DllBlocklistWin.cpp +++ /dev/null @@ -1,431 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ - -#include "NativeNt.h" -#include "nsWindowsDllInterceptor.h" -#include "mozilla/ArrayUtils.h" -#include "mozilla/Attributes.h" -#include "mozilla/Types.h" -#include "mozilla/WindowsDllBlocklist.h" - -#define DLL_BLOCKLIST_ENTRY(name, ...) \ - { L##name, __VA_ARGS__ }, -#define DLL_BLOCKLIST_CHAR_TYPE wchar_t - -// Restrict the blocklist definitions to Nightly-only for now -#if defined(NIGHTLY_BUILD) -#include "mozilla/WindowsDllBlocklistDefs.h" -#else -#include "mozilla/WindowsDllBlocklistCommon.h" -DLL_BLOCKLIST_DEFINITIONS_BEGIN -DLL_BLOCKLIST_DEFINITIONS_END -#endif - -extern uint32_t gBlocklistInitFlags; - -static const HANDLE kCurrentProcess = reinterpret_cast(-1); - -class MOZ_STATIC_CLASS MOZ_TRIVIAL_CTOR_DTOR NativeNtBlockSet final -{ - struct NativeNtBlockSetEntry - { - NativeNtBlockSetEntry() = default; - ~NativeNtBlockSetEntry() = default; - NativeNtBlockSetEntry(const wchar_t* aName, uint64_t aVersion, - NativeNtBlockSetEntry* aNext) - : mName(aName) - , mVersion(aVersion) - , mNext(aNext) - {} - const wchar_t* mName; - uint64_t mVersion; - NativeNtBlockSetEntry* mNext; - }; - -public: - // Constructor and destructor MUST be trivial - NativeNtBlockSet() = default; - ~NativeNtBlockSet() = default; - - void Add(const wchar_t* aName, uint64_t aVersion); - void Write(HANDLE aFile); - -private: - static NativeNtBlockSetEntry* NewEntry(const wchar_t* aName, uint64_t aVersion, - NativeNtBlockSetEntry* aNextEntry); - -private: - NativeNtBlockSetEntry* mFirstEntry; - // SRWLOCK_INIT == 0, so this is okay to use without any additional work as - // long as NativeNtBlockSet is instantiated statically - SRWLOCK mLock; -}; - -NativeNtBlockSet::NativeNtBlockSetEntry* -NativeNtBlockSet::NewEntry(const wchar_t* aName, uint64_t aVersion, - NativeNtBlockSet::NativeNtBlockSetEntry* aNextEntry) -{ - HANDLE processHeap = mozilla::nt::RtlGetProcessHeap(); - if (!processHeap) { - return nullptr; - } - - PVOID memory = ::RtlAllocateHeap(processHeap, 0, sizeof(NativeNtBlockSetEntry)); - if (!memory) { - return nullptr; - } - - return new (memory) NativeNtBlockSetEntry(aName, aVersion, aNextEntry); -} - -void -NativeNtBlockSet::Add(const wchar_t* aName, uint64_t aVersion) -{ - ::RtlAcquireSRWLockExclusive(&mLock); - - for (NativeNtBlockSetEntry* entry = mFirstEntry; entry; entry = entry->mNext) { - // We just need to compare the string pointers, not the strings themselves, - // as we always pass in the strings statically defined in the blocklist. - if (aName == entry->mName && aVersion == entry->mVersion) { - ::RtlReleaseSRWLockExclusive(&mLock); - return; - } - } - - // Not present, add it - NativeNtBlockSetEntry* newEntry = NewEntry(aName, aVersion, mFirstEntry); - mFirstEntry = newEntry; - - ::RtlReleaseSRWLockExclusive(&mLock); -} - -void -NativeNtBlockSet::Write(HANDLE aFile) -{ - // NB: If this function is called, it is long after kernel32 is initialized, - // so it is safe to use Win32 calls here. - DWORD nBytes; - char buf[MAX_PATH]; - - // It would be nicer to use RAII here. However, its destructor - // might not run if an exception occurs, in which case we would never release - // the lock (MSVC warns about this possibility). So we acquire and release - // manually. - ::AcquireSRWLockExclusive(&mLock); - - MOZ_SEH_TRY { - for (auto entry = mFirstEntry; entry; entry = entry->mNext) { - int convOk = ::WideCharToMultiByte(CP_UTF8, 0, entry->mName, -1, buf, - sizeof(buf), nullptr, nullptr); - if (!convOk) { - continue; - } - - // write name[,v.v.v.v]; - if (!WriteFile(aFile, buf, convOk, &nBytes, nullptr)) { - continue; - } - - if (entry->mVersion != ALL_VERSIONS) { - WriteFile(aFile, ",", 1, &nBytes, nullptr); - uint16_t parts[4]; - parts[0] = entry->mVersion >> 48; - parts[1] = (entry->mVersion >> 32) & 0xFFFF; - parts[2] = (entry->mVersion >> 16) & 0xFFFF; - parts[3] = entry->mVersion & 0xFFFF; - for (size_t p = 0; p < mozilla::ArrayLength(parts); ++p) { - ltoa(parts[p], buf, 10); - WriteFile(aFile, buf, strlen(buf), &nBytes, nullptr); - if (p != mozilla::ArrayLength(parts) - 1) { - WriteFile(aFile, ".", 1, &nBytes, nullptr); - } - } - } - WriteFile(aFile, ";", 1, &nBytes, nullptr); - } - } - MOZ_SEH_EXCEPT (EXCEPTION_EXECUTE_HANDLER) { - } - - ::ReleaseSRWLockExclusive(&mLock); -} - -static NativeNtBlockSet gBlockSet; - -extern "C" void MOZ_EXPORT -NativeNtBlockSet_Write(HANDLE aHandle) -{ - gBlockSet.Write(aHandle); -} - -static bool -CheckBlockInfo(const DllBlockInfo* aInfo, void* aBaseAddress, uint64_t& aVersion) -{ - aVersion = ALL_VERSIONS; - - if (aInfo->flags & (DllBlockInfo::BLOCK_WIN8PLUS_ONLY | DllBlockInfo::BLOCK_WIN8_ONLY)) { - RTL_OSVERSIONINFOW osv; - NTSTATUS ntStatus = ::RtlGetVersion(&osv); - if (!NT_SUCCESS(ntStatus)) { - // huh? - return false; - } - - if (osv.dwMajorVersion < 8) { - return true; - } - - if ((aInfo->flags & DllBlockInfo::BLOCK_WIN8_ONLY) && (osv.dwMajorVersion > 8 || - (osv.dwMajorVersion == 8 && osv.dwMinorVersion > 0))) { - return true; - } - } - - // We're not bootstrapping child processes at this time, so this case is - // always true. - if (aInfo->flags & DllBlockInfo::CHILD_PROCESSES_ONLY) { - return true; - } - - if (aInfo->maxVersion == ALL_VERSIONS) { - return false; - } - - mozilla::nt::PEHeaders headers(aBaseAddress); - if (!headers) { - return false; - } - - if (aInfo->flags & DllBlockInfo::USE_TIMESTAMP) { - DWORD timestamp; - if (!headers.GetTimeStamp(timestamp)) { - return false; - } - - return timestamp > aInfo->maxVersion; - } - - // Else we try to get the file version information. Note that we don't have - // access to GetFileVersionInfo* APIs. - if (!headers.GetVersionInfo(aVersion)) { - return false; - } - - return aVersion > aInfo->maxVersion; -} - -static bool -IsDllAllowed(const UNICODE_STRING& aLeafName, void* aBaseAddress) -{ - if (mozilla::nt::Contains12DigitHexString(aLeafName) || - mozilla::nt::IsFileNameAtLeast16HexDigits(aLeafName)) { - return false; - } - - UNICODE_STRING testStr; - DECLARE_POINTER_TO_FIRST_DLL_BLOCKLIST_ENTRY(info); - while (info->name) { - ::RtlInitUnicodeString(&testStr, info->name); - if (::RtlEqualUnicodeString(&aLeafName, &testStr, TRUE)) { - break; - } - - ++info; - } - - uint64_t version; - if (info->name && !CheckBlockInfo(info, aBaseAddress, version)) { - gBlockSet.Add(info->name, version); - return false; - } - - return true; -} - -typedef decltype(&NtMapViewOfSection) NtMapViewOfSection_func; -static NtMapViewOfSection_func stub_NtMapViewOfSection; - -static NTSTATUS NTAPI -patched_NtMapViewOfSection(HANDLE aSection, HANDLE aProcess, PVOID* aBaseAddress, - ULONG_PTR aZeroBits, SIZE_T aCommitSize, - PLARGE_INTEGER aSectionOffset, PSIZE_T aViewSize, - SECTION_INHERIT aInheritDisposition, - ULONG aAllocationType, ULONG aProtectionFlags) -{ - // We always map first, then we check for additional info after. - NTSTATUS stubStatus = stub_NtMapViewOfSection(aSection, aProcess, aBaseAddress, - aZeroBits, aCommitSize, - aSectionOffset, aViewSize, - aInheritDisposition, - aAllocationType, aProtectionFlags); - if (!NT_SUCCESS(stubStatus)) { - return stubStatus; - } - - if (aProcess != kCurrentProcess) { - // We're only interested in mapping for the current process. - return stubStatus; - } - - // Do a query to see if the memory is MEM_IMAGE. If not, continue - MEMORY_BASIC_INFORMATION mbi; - NTSTATUS ntStatus = ::NtQueryVirtualMemory(aProcess, *aBaseAddress, - MemoryBasicInformation, &mbi, - sizeof(mbi), nullptr); - if (!NT_SUCCESS(ntStatus)) { - ::NtUnmapViewOfSection(aProcess, *aBaseAddress); - return STATUS_ACCESS_DENIED; - } - - // We don't care about mappings that aren't MEM_IMAGE - if (!(mbi.Type & MEM_IMAGE)) { - return stubStatus; - } - - // Get the section name - mozilla::nt::MemorySectionNameBuf buf; - - ntStatus = ::NtQueryVirtualMemory(aProcess, *aBaseAddress, MemorySectionName, - &buf, sizeof(buf), nullptr); - if (!NT_SUCCESS(ntStatus)) { - ::NtUnmapViewOfSection(aProcess, *aBaseAddress); - return STATUS_ACCESS_DENIED; - } - - // Find the leaf name - UNICODE_STRING leaf; - mozilla::nt::GetLeafName(&leaf, &buf.mSectionFileName); - - // Check blocklist - if (IsDllAllowed(leaf, *aBaseAddress)) { - return stubStatus; - } - - ::NtUnmapViewOfSection(aProcess, *aBaseAddress); - return STATUS_ACCESS_DENIED; -} - -namespace mozilla { - -class MOZ_RAII AutoVirtualProtect final -{ -public: - AutoVirtualProtect(void* aAddress, size_t aLength, DWORD aProtFlags, - HANDLE aTargetProcess = nullptr) - : mAddress(aAddress) - , mLength(aLength) - , mTargetProcess(aTargetProcess) - , mPrevProt(0) - { - ::VirtualProtectEx(aTargetProcess, aAddress, aLength, aProtFlags, - &mPrevProt); - } - - ~AutoVirtualProtect() - { - if (!mPrevProt) { - return; - } - - ::VirtualProtectEx(mTargetProcess, mAddress, mLength, mPrevProt, - &mPrevProt); - } - - explicit operator bool() const - { - return !!mPrevProt; - } - - AutoVirtualProtect(const AutoVirtualProtect&) = delete; - AutoVirtualProtect(AutoVirtualProtect&&) = delete; - AutoVirtualProtect& operator=(const AutoVirtualProtect&) = delete; - AutoVirtualProtect& operator=(AutoVirtualProtect&&) = delete; - -private: - void* mAddress; - size_t mLength; - HANDLE mTargetProcess; - DWORD mPrevProt; -}; - -bool -InitializeDllBlocklistOOP(HANDLE aChildProcess) -{ - mozilla::CrossProcessDllInterceptor intcpt(aChildProcess); - intcpt.Init(L"ntdll.dll"); - bool ok = intcpt.AddDetour("NtMapViewOfSection", - reinterpret_cast(&patched_NtMapViewOfSection), - (void**) &stub_NtMapViewOfSection); - if (!ok) { - return false; - } - - // Set the child process's copy of stub_NtMapViewOfSection - SIZE_T bytesWritten; - ok = !!::WriteProcessMemory(aChildProcess, &stub_NtMapViewOfSection, - &stub_NtMapViewOfSection, - sizeof(stub_NtMapViewOfSection), &bytesWritten); - if (!ok) { - return false; - } - - // Because aChildProcess has just been created in a suspended state, its - // dynamic linker has not yet been initialized, thus its executable has - // not yet been linked with ntdll.dll. If the blocklist hook intercepts a - // library load prior to the link, the hook will be unable to invoke any - // ntdll.dll functions. - // - // We know that the executable for our *current* process's binary is already - // linked into ntdll, so we obtain the IAT from our own executable and graft - // it onto the child process's IAT, thus enabling the child process's hook to - // safely make its ntdll calls. - mozilla::nt::PEHeaders ourExeImage(::GetModuleHandleW(nullptr)); - if (!ourExeImage) { - return false; - } - - PIMAGE_IMPORT_DESCRIPTOR impDesc = ourExeImage.GetIATForModule("ntdll.dll"); - if (!impDesc) { - return false; - } - - // This is the pointer we need to write - auto firstIatThunk = ourExeImage.template - RVAToPtr(impDesc->FirstThunk); - if (!firstIatThunk) { - return false; - } - - // Find the length by iterating through the table until we find a null entry - PIMAGE_THUNK_DATA curIatThunk = firstIatThunk; - while (mozilla::nt::PEHeaders::IsValid(curIatThunk)) { - ++curIatThunk; - } - - ptrdiff_t iatLength = (curIatThunk - firstIatThunk) * sizeof(IMAGE_THUNK_DATA); - - { // Scope for prot - AutoVirtualProtect prot(firstIatThunk, iatLength, PAGE_READWRITE, - aChildProcess); - if (!prot) { - return false; - } - - ok = !!::WriteProcessMemory(aChildProcess, firstIatThunk, firstIatThunk, - iatLength, &bytesWritten); - if (!ok) { - return false; - } - } - - // Tell the mozglue blocklist that we have bootstrapped - uint32_t newFlags = eDllBlocklistInitFlagWasBootstrapped; - ok = !!::WriteProcessMemory(aChildProcess, &gBlocklistInitFlags, &newFlags, - sizeof(newFlags), &bytesWritten); - return ok; -} - -} // namespace mozilla diff --git a/browser/app/winlauncher/DllBlocklistWin.h b/browser/app/winlauncher/DllBlocklistWin.h deleted file mode 100644 index 5f7ca47e079d..000000000000 --- a/browser/app/winlauncher/DllBlocklistWin.h +++ /dev/null @@ -1,18 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ - -#ifndef mozilla_DllBlocklistWin_h -#define mozilla_DllBlocklistWin_h - -#include - -namespace mozilla { - -bool InitializeDllBlocklistOOP(HANDLE aChildProcess); - -} // namespace mozilla - -#endif // mozilla_DllBlocklistWin_h diff --git a/browser/app/winlauncher/NativeNt.h b/browser/app/winlauncher/NativeNt.h deleted file mode 100644 index a504275343ac..000000000000 --- a/browser/app/winlauncher/NativeNt.h +++ /dev/null @@ -1,546 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ - -#ifndef mozilla_NativeNt_h -#define mozilla_NativeNt_h - -#if defined(MOZILLA_INTERNAL_API) -#error "This header is for initial process initialization. You don't want to be including this here." -#endif // defined(MOZILLA_INTERNAL_API) - -#include -#include -#include -#include - -#include "mozilla/ArrayUtils.h" -#include "mozilla/Attributes.h" - -extern "C" { - -#if !defined(STATUS_ACCESS_DENIED) -#define STATUS_ACCESS_DENIED ((NTSTATUS)0xC0000022L) -#endif // !defined(STATUS_ACCESS_DENIED) - -#if !defined(STATUS_DLL_NOT_FOUND) -#define STATUS_DLL_NOT_FOUND ((NTSTATUS)0xC0000135L) -#endif // !defined(STATUS_DLL_NOT_FOUND) - -enum SECTION_INHERIT -{ - ViewShare = 1, - ViewUnmap = 2 -}; - -NTSTATUS NTAPI -NtMapViewOfSection(HANDLE aSection, HANDLE aProcess, PVOID* aBaseAddress, - ULONG_PTR aZeroBits, SIZE_T aCommitSize, - PLARGE_INTEGER aSectionOffset, PSIZE_T aViewSize, - SECTION_INHERIT aInheritDisposition, ULONG aAllocationType, - ULONG aProtectionFlags); - -NTSTATUS NTAPI -NtUnmapViewOfSection(HANDLE aProcess, PVOID aBaseAddress); - -enum MEMORY_INFORMATION_CLASS -{ - MemoryBasicInformation = 0, - MemorySectionName = 2 -}; - -// NB: When allocating, space for the buffer must also be included -typedef struct _MEMORY_SECTION_NAME -{ - UNICODE_STRING mSectionFileName; -} MEMORY_SECTION_NAME, *PMEMORY_SECTION_NAME; - -NTSTATUS NTAPI -NtQueryVirtualMemory(HANDLE aProcess, PVOID aBaseAddress, - MEMORY_INFORMATION_CLASS aMemInfoClass, PVOID aMemInfo, - SIZE_T aMemInfoLen, PSIZE_T aReturnLen); - -LONG NTAPI -RtlCompareUnicodeString(PCUNICODE_STRING aStr1, PCUNICODE_STRING aStr2, - BOOLEAN aCaseInsensitive); - -BOOLEAN NTAPI -RtlEqualUnicodeString(PCUNICODE_STRING aStr1, PCUNICODE_STRING aStr2, - BOOLEAN aCaseInsensitive); - -NTSTATUS NTAPI -RtlGetVersion(PRTL_OSVERSIONINFOW aOutVersionInformation); - -PVOID NTAPI -RtlAllocateHeap(PVOID aHeapHandle, ULONG aFlags, SIZE_T aSize); - -PVOID NTAPI -RtlReAllocateHeap(PVOID aHeapHandle, ULONG aFlags, LPVOID aMem, SIZE_T aNewSize); - -BOOLEAN NTAPI -RtlFreeHeap(PVOID aHeapHandle, ULONG aFlags, PVOID aHeapBase); - -VOID NTAPI -RtlAcquireSRWLockExclusive(PSRWLOCK aLock); - -VOID NTAPI -RtlReleaseSRWLockExclusive(PSRWLOCK aLock); - -} // extern "C" - -namespace mozilla { -namespace nt { - -struct MemorySectionNameBuf : public _MEMORY_SECTION_NAME -{ - MemorySectionNameBuf() - { - mSectionFileName.Length = 0; - mSectionFileName.MaximumLength = sizeof(mBuf); - mSectionFileName.Buffer = mBuf; - } - - WCHAR mBuf[MAX_PATH]; -}; - -inline bool -FindCharInUnicodeString(const UNICODE_STRING& aStr, WCHAR aChar, uint16_t& aPos, - uint16_t aStartIndex = 0) -{ - const uint16_t aMaxIndex = aStr.Length / sizeof(WCHAR); - - for (uint16_t curIndex = aStartIndex; curIndex < aMaxIndex; ++curIndex) { - if (aStr.Buffer[curIndex] == aChar) { - aPos = curIndex; - return true; - } - } - - return false; -} - -inline bool -IsHexDigit(WCHAR aChar) -{ - return aChar >= L'0' && aChar <= L'9' || - aChar >= L'A' && aChar <= L'F' || - aChar >= L'a' && aChar <= L'f'; -} - -inline bool -MatchUnicodeString(const UNICODE_STRING& aStr, bool (*aPredicate)(WCHAR)) -{ - WCHAR* cur = aStr.Buffer; - WCHAR* end = &aStr.Buffer[aStr.Length / sizeof(WCHAR)]; - while (cur < end) { - if (!aPredicate(*cur)) { - return false; - } - - ++cur; - } - - return true; -} - -inline bool -Contains12DigitHexString(const UNICODE_STRING& aLeafName) -{ - uint16_t start, end; - if (!FindCharInUnicodeString(aLeafName, L'.', start)) { - return false; - } - - ++start; - if (!FindCharInUnicodeString(aLeafName, L'.', end, start)) { - return false; - } - - if (end - start != 12) { - return false; - } - - UNICODE_STRING test; - test.Buffer = &aLeafName.Buffer[start]; - test.Length = (end - start) * sizeof(WCHAR); - test.MaximumLength = test.Length; - - return MatchUnicodeString(test, &IsHexDigit); -} - -inline bool -IsFileNameAtLeast16HexDigits(const UNICODE_STRING& aLeafName) -{ - uint16_t dotIndex; - if (!FindCharInUnicodeString(aLeafName, L'.', dotIndex)) { - return false; - } - - if (dotIndex < 16) { - return false; - } - - UNICODE_STRING test; - test.Buffer = aLeafName.Buffer; - test.Length = dotIndex * sizeof(WCHAR); - test.MaximumLength = aLeafName.MaximumLength; - - return MatchUnicodeString(test, &IsHexDigit); -} - -inline void -GetLeafName(PUNICODE_STRING aDestString, PCUNICODE_STRING aSrcString) -{ - WCHAR* buf = aSrcString->Buffer; - WCHAR* end = &aSrcString->Buffer[(aSrcString->Length / sizeof(WCHAR)) - 1]; - WCHAR* cur = end; - while (cur >= buf) { - if (*cur == L'\\') { - break; - } - - --cur; - } - - // At this point, either cur points to the final backslash, or it points to - // buf - 1. Either way, we're interested in cur + 1 as the desired buffer. - aDestString->Buffer = cur + 1; - aDestString->Length = (end - aDestString->Buffer + 1) * sizeof(WCHAR); - aDestString->MaximumLength = aDestString->Length; -} - -inline char -EnsureLowerCaseASCII(char aChar) -{ - if (aChar >= 'A' && aChar <= 'Z') { - aChar -= 'A' - 'a'; - } - - return aChar; -} - -inline int -StricmpASCII(const char* aLeft, const char* aRight) -{ - char curLeft, curRight; - - do { - curLeft = EnsureLowerCaseASCII(*(aLeft++)); - curRight = EnsureLowerCaseASCII(*(aRight++)); - } while(curLeft && curLeft == curRight); - - return curLeft - curRight; -} - -class MOZ_RAII PEHeaders final -{ - /** - * This structure is documented on MSDN as VS_VERSIONINFO, but is not present - * in SDK headers because it cannot be specified as a C struct. The following - * structure contains the fixed-length fields at the beginning of - * VS_VERSIONINFO. - */ - struct VS_VERSIONINFO_HEADER - { - WORD wLength; - WORD wValueLength; - WORD wType; - WCHAR szKey[16]; // ArrayLength(L"VS_VERSION_INFO") - // Additional data goes here, aligned on a 4-byte boundary - }; - -public: - explicit PEHeaders(void* aBaseAddress) - : PEHeaders(reinterpret_cast(aBaseAddress)) - { - } - - // The lowest two bits of an HMODULE are used as flags. Stripping those bits - // from the HMODULE yields the base address of the binary's memory mapping. - // (See LoadLibraryEx docs on MSDN) - explicit PEHeaders(HMODULE aModule) - : PEHeaders(reinterpret_cast( - reinterpret_cast(aModule) & ~uintptr_t(3))) - { - } - - explicit operator bool() const - { - return !!mImageLimit; - } - - /** - * This overload computes absolute virtual addresses relative to the base - * address of the binary. - */ - template - T RVAToPtr(R aRva) - { - return RVAToPtr(mMzHeader, aRva); - } - - /** - * This overload computes a result by adding aRva to aBase, but also ensures - * that the resulting pointer falls within the bounds of this binary's memory - * mapping. - */ - template - T RVAToPtr(void* aBase, R aRva) - { - if (!mImageLimit) { - return nullptr; - } - - char* absAddress = reinterpret_cast(aBase) + aRva; - if (absAddress < reinterpret_cast(mMzHeader) || - absAddress > reinterpret_cast(mImageLimit)) { - return nullptr; - } - - return reinterpret_cast(absAddress); - } - - PIMAGE_IMPORT_DESCRIPTOR GetImportDirectory() - { - return GetImageDirectoryEntry( - IMAGE_DIRECTORY_ENTRY_IMPORT); - } - - PIMAGE_RESOURCE_DIRECTORY GetResourceTable() - { - return GetImageDirectoryEntry( - IMAGE_DIRECTORY_ENTRY_RESOURCE); - } - - bool - GetVersionInfo(uint64_t& aOutVersion) - { - // RT_VERSION == 16 - // Version resources require an id of 1 - auto root = FindResourceLeaf(16, 1); - if (!root) { - return false; - } - - VS_FIXEDFILEINFO* fixedInfo = GetFixedFileInfo(root); - if (!fixedInfo) { - return false; - } - - aOutVersion = ((static_cast(fixedInfo->dwFileVersionMS) << 32) | - static_cast(fixedInfo->dwFileVersionLS)); - return true; - } - - bool - GetTimeStamp(DWORD& aResult) - { - if (!(*this)) { - return false; - } - - aResult = mPeHeader->FileHeader.TimeDateStamp; - return true; - } - - PIMAGE_IMPORT_DESCRIPTOR - GetIATForModule(const char* aModuleNameASCII) - { - for (PIMAGE_IMPORT_DESCRIPTOR curImpDesc = GetImportDirectory(); - IsValid(curImpDesc); ++curImpDesc) { - auto curName = RVAToPtr(curImpDesc->Name); - if (!curName) { - return nullptr; - } - - if (StricmpASCII(aModuleNameASCII, curName)) { - continue; - } - - // curImpDesc now points to the IAT for the module we're interested in - return curImpDesc; - } - - return nullptr; - } - - /** - * Resources are stored in a three-level tree. To locate a particular entry, - * you must supply a resource type, the resource id, and then the language id. - * If aLangId == 0, we just resolve the first entry regardless of language. - */ - template T - FindResourceLeaf(WORD aType, WORD aResId, WORD aLangId = 0) - { - PIMAGE_RESOURCE_DIRECTORY topLevel = GetResourceTable(); - if (!topLevel) { - return nullptr; - } - - PIMAGE_RESOURCE_DIRECTORY_ENTRY typeEntry = FindResourceEntry(topLevel, - aType); - if (!typeEntry || !typeEntry->DataIsDirectory) { - return nullptr; - } - - auto idDir = RVAToPtr(topLevel, - typeEntry->OffsetToDirectory); - PIMAGE_RESOURCE_DIRECTORY_ENTRY idEntry = FindResourceEntry(idDir, aResId); - if (!idEntry || !idEntry->DataIsDirectory) { - return nullptr; - } - - auto langDir = RVAToPtr(topLevel, - idEntry->OffsetToDirectory); - PIMAGE_RESOURCE_DIRECTORY_ENTRY langEntry; - if (aLangId) { - langEntry = FindResourceEntry(langDir, aLangId); - } else { - langEntry = FindFirstResourceEntry(langDir); - } - - if (!langEntry || langEntry->DataIsDirectory) { - return nullptr; - } - - auto dataEntry = RVAToPtr(topLevel, - langEntry->OffsetToData); - return RVAToPtr(dataEntry->OffsetToData); - } - - static bool IsValid(PIMAGE_IMPORT_DESCRIPTOR aImpDesc) - { - return aImpDesc && aImpDesc->OriginalFirstThunk != 0; - } - - static bool IsValid(PIMAGE_THUNK_DATA aImgThunk) - { - return aImgThunk && aImgThunk->u1.Ordinal != 0; - } - -private: - explicit PEHeaders(PIMAGE_DOS_HEADER aMzHeader) - : mMzHeader(aMzHeader) - , mPeHeader(nullptr) - , mImageLimit(nullptr) - { - if (!mMzHeader || mMzHeader->e_magic != IMAGE_DOS_SIGNATURE) { - return; - } - - mPeHeader = RVAToPtrUnchecked(mMzHeader->e_lfanew); - if (!mPeHeader || mPeHeader->Signature != IMAGE_NT_SIGNATURE) { - return; - } - - mImageLimit = - RVAToPtrUnchecked(mPeHeader->OptionalHeader.SizeOfImage - 1UL); - } - - template - T GetImageDirectoryEntry(unsigned int aDirectoryIndex) - { - if (aDirectoryIndex >= IMAGE_NUMBEROF_DIRECTORY_ENTRIES) { - return nullptr; - } - - IMAGE_DATA_DIRECTORY& dirEntry = - mPeHeader->OptionalHeader.DataDirectory[aDirectoryIndex]; - return RVAToPtr(dirEntry.VirtualAddress); - } - - // This private overload does not have bounds checks, because we need to be - // able to resolve the bounds themselves. - template - T RVAToPtrUnchecked(R aRva) - { - return reinterpret_cast(reinterpret_cast(mMzHeader) + aRva); - } - - PIMAGE_RESOURCE_DIRECTORY_ENTRY - FindResourceEntry(PIMAGE_RESOURCE_DIRECTORY aCurLevel, WORD aId) - { - // Immediately after the IMAGE_RESOURCE_DIRECTORY structure is an array - // of IMAGE_RESOURCE_DIRECTORY_ENTRY structures. Since this function - // searches by ID, we need to skip past any named entries before iterating. - auto dirEnt = - reinterpret_cast(aCurLevel + 1) + - aCurLevel->NumberOfNamedEntries; - for (WORD i = 0; i < aCurLevel->NumberOfIdEntries; ++i) { - if (dirEnt[i].Id == aId) { - return &dirEnt[i]; - } - } - - return nullptr; - } - - PIMAGE_RESOURCE_DIRECTORY_ENTRY - FindFirstResourceEntry(PIMAGE_RESOURCE_DIRECTORY aCurLevel) - { - // Immediately after the IMAGE_RESOURCE_DIRECTORY structure is an array - // of IMAGE_RESOURCE_DIRECTORY_ENTRY structures. We just return the first - // entry, regardless of whether it is indexed by name or by id. - auto dirEnt = reinterpret_cast(aCurLevel + 1); - WORD numEntries = aCurLevel->NumberOfNamedEntries + - aCurLevel->NumberOfIdEntries; - if (!numEntries) { - return nullptr; - } - - return dirEnt; - } - - VS_FIXEDFILEINFO* - GetFixedFileInfo(VS_VERSIONINFO_HEADER* aVerInfo) - { - WORD length = aVerInfo->wLength; - WORD offset = sizeof(VS_VERSIONINFO_HEADER); - if (!offset) { - return nullptr; - } - - const wchar_t kVersionInfoKey[] = L"VS_VERSION_INFO"; - if (::RtlCompareMemory(aVerInfo->szKey, kVersionInfoKey, - ArrayLength(kVersionInfoKey)) != - ArrayLength(kVersionInfoKey)) { - return nullptr; - } - - uintptr_t base = reinterpret_cast(aVerInfo); - // Align up to 4-byte boundary -#pragma warning(suppress: 4146) - offset += (-(base + offset) & 3); - - if (offset > length) { - return nullptr; - } - - auto result = reinterpret_cast(base + offset); - if (result->dwSignature != 0xFEEF04BD) { - return nullptr; - } - - return result; - } - -private: - PIMAGE_DOS_HEADER mMzHeader; - PIMAGE_NT_HEADERS mPeHeader; - void* mImageLimit; -}; - -inline HANDLE -RtlGetProcessHeap() -{ - PTEB teb = ::NtCurrentTeb(); - PPEB peb = teb->ProcessEnvironmentBlock; - return peb->Reserved4[1]; -} - -} // namespace nt -} // namespace mozilla - -#endif // mozilla_NativeNt_h diff --git a/browser/app/winlauncher/moz.build b/browser/app/winlauncher/moz.build deleted file mode 100644 index b1961b6008a1..000000000000 --- a/browser/app/winlauncher/moz.build +++ /dev/null @@ -1,32 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# vim: set filetype=python: -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -Library('winlauncher') - -FORCE_STATIC_LIB = True - -UNIFIED_SOURCES += [ - 'DllBlocklistWin.cpp', - 'LauncherProcessWin.cpp', - 'LaunchUnelevated.cpp', -] - -DELAYLOAD_DLLS += [ - 'oleaut32.dll', - 'ole32.dll', -] - -OS_LIBS += [ - 'ntdll', - 'oleaut32', - 'ole32', -] - -TEST_DIRS += [ - 'test', -] - -DisableStlWrapping() diff --git a/browser/app/winlauncher/test/TestNativeNt.cpp b/browser/app/winlauncher/test/TestNativeNt.cpp deleted file mode 100644 index f024c3ae2514..000000000000 --- a/browser/app/winlauncher/test/TestNativeNt.cpp +++ /dev/null @@ -1,97 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ - -#include "NativeNt.h" - -#include - -const wchar_t kNormal[] = L"Foo.dll"; -const wchar_t kHex12[] = L"Foo.ABCDEF012345.dll"; -const wchar_t kHex15[] = L"ABCDEF012345678.dll"; -const wchar_t kHex16[] = L"ABCDEF0123456789.dll"; -const wchar_t kHex17[] = L"ABCDEF0123456789a.dll"; -const wchar_t kHex24[] = L"ABCDEF0123456789cdabef98.dll"; -const wchar_t kHex8[] = L"01234567.dll"; -const wchar_t kNonHex12[] = L"Foo.ABCDEFG12345.dll"; -const wchar_t kHex13[] = L"Foo.ABCDEF0123456.dll"; -const wchar_t kHex11[] = L"Foo.ABCDEF01234.dll"; -const wchar_t kPrefixedHex16[] = L"Pabcdef0123456789.dll"; - -const char kFailFmt[] = "TEST-FAILED | NativeNt | %s(%s) should have returned %s but did not\n"; - -#define RUN_TEST(fn, varName, expected) \ - if (fn(varName) == !expected) { \ - printf(kFailFmt, #fn, #varName, #expected); \ - return 1; \ - } - -#define EXPECT_FAIL(fn, varName) \ - RUN_TEST(fn, varName, false) \ - -#define EXPECT_SUCCESS(fn, varName) \ - RUN_TEST(fn, varName, true) - -using namespace mozilla::nt; - -int main(int argc, char* argv[]) -{ - UNICODE_STRING normal; - ::RtlInitUnicodeString(&normal, kNormal); - - UNICODE_STRING hex12; - ::RtlInitUnicodeString(&hex12, kHex12); - - UNICODE_STRING hex16; - ::RtlInitUnicodeString(&hex16, kHex16); - - UNICODE_STRING hex24; - ::RtlInitUnicodeString(&hex24, kHex24); - - UNICODE_STRING hex8; - ::RtlInitUnicodeString(&hex8, kHex8); - - UNICODE_STRING nonHex12; - ::RtlInitUnicodeString(&nonHex12, kNonHex12); - - UNICODE_STRING hex13; - ::RtlInitUnicodeString(&hex13, kHex13); - - UNICODE_STRING hex11; - ::RtlInitUnicodeString(&hex11, kHex11); - - UNICODE_STRING hex15; - ::RtlInitUnicodeString(&hex15, kHex15); - - UNICODE_STRING hex17; - ::RtlInitUnicodeString(&hex17, kHex17); - - UNICODE_STRING prefixedHex16; - ::RtlInitUnicodeString(&prefixedHex16, kPrefixedHex16); - - EXPECT_FAIL(Contains12DigitHexString, normal); - EXPECT_SUCCESS(Contains12DigitHexString, hex12); - EXPECT_FAIL(Contains12DigitHexString, hex13); - EXPECT_FAIL(Contains12DigitHexString, hex11); - EXPECT_FAIL(Contains12DigitHexString, hex16); - EXPECT_FAIL(Contains12DigitHexString, nonHex12); - - EXPECT_FAIL(IsFileNameAtLeast16HexDigits, normal); - EXPECT_FAIL(IsFileNameAtLeast16HexDigits, hex12); - EXPECT_SUCCESS(IsFileNameAtLeast16HexDigits, hex24); - EXPECT_SUCCESS(IsFileNameAtLeast16HexDigits, hex16); - EXPECT_SUCCESS(IsFileNameAtLeast16HexDigits, hex17); - EXPECT_FAIL(IsFileNameAtLeast16HexDigits, hex8); - EXPECT_FAIL(IsFileNameAtLeast16HexDigits, hex15); - EXPECT_FAIL(IsFileNameAtLeast16HexDigits, prefixedHex16); - - if (RtlGetProcessHeap() != ::GetProcessHeap()) { - printf("TEST-FAILED | NativeNt | RtlGetProcessHeap() is broken\n"); - return 1; - } - - return 0; -} - diff --git a/browser/app/winlauncher/test/moz.build b/browser/app/winlauncher/test/moz.build deleted file mode 100644 index 31fbe296eeb2..000000000000 --- a/browser/app/winlauncher/test/moz.build +++ /dev/null @@ -1,17 +0,0 @@ -# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- -# vim: set filetype=python: -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -DisableStlWrapping() - -CppUnitTests(['TestNativeNt']) - -LOCAL_INCLUDES += [ - '/browser/app/winlauncher', -] - -OS_LIBS += [ - 'ntdll', -] diff --git a/mozglue/build/WindowsDllBlocklist.cpp b/mozglue/build/WindowsDllBlocklist.cpp index 6071e4241986..3eecf2d6b662 100644 --- a/mozglue/build/WindowsDllBlocklist.cpp +++ b/mozglue/build/WindowsDllBlocklist.cpp @@ -38,10 +38,246 @@ using namespace mozilla; -#define DLL_BLOCKLIST_ENTRY(name, ...) \ - { name, __VA_ARGS__ }, -#define DLL_BLOCKLIST_CHAR_TYPE char -#include "mozilla/WindowsDllBlocklistDefs.h" +#define ALL_VERSIONS ((unsigned long long)-1LL) + +// DLLs sometimes ship without a version number, particularly early +// releases. Blocking "version <= 0" has the effect of blocking unversioned +// DLLs (since the call to get version info fails), but not blocking +// any versioned instance. +#define UNVERSIONED ((unsigned long long)0LL) + +// Convert the 4 (decimal) components of a DLL version number into a +// single unsigned long long, as needed by the blocklist +#define MAKE_VERSION(a,b,c,d)\ + ((a##ULL << 48) + (b##ULL << 32) + (c##ULL << 16) + d##ULL) + +struct DllBlockInfo { + // The name of the DLL -- in LOWERCASE! It will be compared to + // a lowercase version of the DLL name only. + const char *name; + + // If maxVersion is ALL_VERSIONS, we'll block all versions of this + // dll. Otherwise, we'll block all versions less than or equal to + // the given version, as queried by GetFileVersionInfo and + // VS_FIXEDFILEINFO's dwFileVersionMS and dwFileVersionLS fields. + // + // Note that the version is usually 4 components, which is A.B.C.D + // encoded as 0x AAAA BBBB CCCC DDDD ULL (spaces added for clarity), + // but it's not required to be of that format. + // + // If the USE_TIMESTAMP flag is set, then we use the timestamp from + // the IMAGE_FILE_HEADER in lieu of a version number. + // + // If the CHILD_PROCESSES_ONLY flag is set, then the dll is blocked + // only when we are a child process. + unsigned long long maxVersion; + + enum { + FLAGS_DEFAULT = 0, + BLOCK_WIN8PLUS_ONLY = 1, + BLOCK_WIN8_ONLY = 2, + USE_TIMESTAMP = 4, + CHILD_PROCESSES_ONLY = 8 + } flags; +}; + +static const DllBlockInfo sWindowsDllBlocklist[] = { + // EXAMPLE: + // { "uxtheme.dll", ALL_VERSIONS }, + // { "uxtheme.dll", 0x0000123400000000ULL }, + // The DLL name must be in lowercase! + // The version field is a maximum, that is, we block anything that is + // less-than or equal to that version. + + // NPFFAddon - Known malware + { "npffaddon.dll", ALL_VERSIONS}, + + // AVG 8 - Antivirus vendor AVG, old version, plugin already blocklisted + {"avgrsstx.dll", MAKE_VERSION(8,5,0,401)}, + + // calc.dll - Suspected malware + {"calc.dll", MAKE_VERSION(1,0,0,1)}, + + // hook.dll - Suspected malware + {"hook.dll", ALL_VERSIONS}, + + // GoogleDesktopNetwork3.dll - Extremely old, unversioned instances + // of this DLL cause crashes + {"googledesktopnetwork3.dll", UNVERSIONED}, + + // rdolib.dll - Suspected malware + {"rdolib.dll", MAKE_VERSION(6,0,88,4)}, + + // fgjk4wvb.dll - Suspected malware + {"fgjk4wvb.dll", MAKE_VERSION(8,8,8,8)}, + + // radhslib.dll - Naomi internet filter - unmaintained since 2006 + {"radhslib.dll", UNVERSIONED}, + + // Music download filter for vkontakte.ru - old instances + // of this DLL cause crashes + {"vksaver.dll", MAKE_VERSION(2,2,2,0)}, + + // Topcrash in Firefox 4.0b1 + {"rlxf.dll", MAKE_VERSION(1,2,323,1)}, + + // psicon.dll - Topcrashes in Thunderbird, and some crashes in Firefox + // Adobe photoshop library, now redundant in later installations + {"psicon.dll", ALL_VERSIONS}, + + // Topcrash in Firefox 4 betas (bug 618899) + {"accelerator.dll", MAKE_VERSION(3,2,1,6)}, + + // Topcrash with Roboform in Firefox 8 (bug 699134) + {"rf-firefox.dll", MAKE_VERSION(7,6,1,0)}, + {"roboform.dll", MAKE_VERSION(7,6,1,0)}, + + // Topcrash with Babylon Toolbar on FF16+ (bug 721264) + {"babyfox.dll", ALL_VERSIONS}, + + // sprotector.dll crashes, bug 957258 + {"sprotector.dll", ALL_VERSIONS}, + + // leave these two in always for tests + { "mozdllblockingtest.dll", ALL_VERSIONS }, + { "mozdllblockingtest_versioned.dll", 0x0000000400000000ULL }, + + // Windows Media Foundation FLAC decoder and type sniffer (bug 839031). + { "mfflac.dll", ALL_VERSIONS }, + + // Older Relevant Knowledge DLLs cause us to crash (bug 904001). + { "rlnx.dll", MAKE_VERSION(1, 3, 334, 9) }, + { "pmnx.dll", MAKE_VERSION(1, 3, 334, 9) }, + { "opnx.dll", MAKE_VERSION(1, 3, 334, 9) }, + { "prnx.dll", MAKE_VERSION(1, 3, 334, 9) }, + + // Older belgian ID card software causes Firefox to crash or hang on + // shutdown, bug 831285 and 918399. + { "beid35cardlayer.dll", MAKE_VERSION(3, 5, 6, 6968) }, + + // bug 925459, bitguard crashes + { "bitguard.dll", ALL_VERSIONS }, + + // bug 812683 - crashes in Windows library when Asus Gamer OSD is installed + // Software is discontinued/unsupported + { "atkdx11disp.dll", ALL_VERSIONS }, + + // Topcrash with Conduit SearchProtect, bug 944542 + { "spvc32.dll", ALL_VERSIONS }, + + // Topcrash with V-bates, bug 1002748 and bug 1023239 + { "libinject.dll", UNVERSIONED }, + { "libinject2.dll", 0x537DDC93, DllBlockInfo::USE_TIMESTAMP }, + { "libredir2.dll", 0x5385B7ED, DllBlockInfo::USE_TIMESTAMP }, + + // Crashes with RoboForm2Go written against old SDK, bug 988311/1196859 + { "rf-firefox-22.dll", ALL_VERSIONS }, + { "rf-firefox-40.dll", ALL_VERSIONS }, + + // Crashes with DesktopTemperature, bug 1046382 + { "dtwxsvc.dll", 0x53153234, DllBlockInfo::USE_TIMESTAMP }, + + // Startup crashes with Lenovo Onekey Theater, bug 1123778 + { "activedetect32.dll", UNVERSIONED }, + { "activedetect64.dll", UNVERSIONED }, + { "windowsapihookdll32.dll", UNVERSIONED }, + { "windowsapihookdll64.dll", UNVERSIONED }, + + // Flash crashes with RealNetworks RealDownloader, bug 1132663 + { "rndlnpshimswf.dll", ALL_VERSIONS }, + { "rndlmainbrowserrecordplugin.dll", ALL_VERSIONS }, + + // Startup crashes with RealNetworks Browser Record Plugin, bug 1170141 + { "nprpffbrowserrecordext.dll", ALL_VERSIONS }, + { "nprndlffbrowserrecordext.dll", ALL_VERSIONS }, + + // Crashes with CyberLink YouCam, bug 1136968 + { "ycwebcamerasource.ax", MAKE_VERSION(2, 0, 0, 1611) }, + + // Old version of WebcamMax crashes WebRTC, bug 1130061 + { "vwcsource.ax", MAKE_VERSION(1, 5, 0, 0) }, + + // NetOp School, discontinued product, bug 763395 + { "nlsp.dll", MAKE_VERSION(6, 23, 2012, 19) }, + + // Orbit Downloader, bug 1222819 + { "grabdll.dll", MAKE_VERSION(2, 6, 1, 0) }, + { "grabkernel.dll", MAKE_VERSION(1, 0, 0, 1) }, + + // ESET, bug 1229252 + { "eoppmonitor.dll", ALL_VERSIONS }, + + // SS2OSD, bug 1262348 + { "ss2osd.dll", ALL_VERSIONS }, + { "ss2devprops.dll", ALL_VERSIONS }, + + // NHASUSSTRIXOSD.DLL, bug 1269244 + { "nhasusstrixosd.dll", ALL_VERSIONS }, + { "nhasusstrixdevprops.dll", ALL_VERSIONS }, + + // Crashes with PremierOpinion/RelevantKnowledge, bug 1277846 + { "opls.dll", ALL_VERSIONS }, + { "opls64.dll", ALL_VERSIONS }, + { "pmls.dll", ALL_VERSIONS }, + { "pmls64.dll", ALL_VERSIONS }, + { "prls.dll", ALL_VERSIONS }, + { "prls64.dll", ALL_VERSIONS }, + { "rlls.dll", ALL_VERSIONS }, + { "rlls64.dll", ALL_VERSIONS }, + + // Vorbis DirectShow filters, bug 1239690. + { "vorbis.acm", MAKE_VERSION(0, 0, 3, 6) }, + + // AhnLab Internet Security, bug 1311969 + { "nzbrcom.dll", ALL_VERSIONS }, + + // K7TotalSecurity, bug 1339083. + { "k7pswsen.dll", MAKE_VERSION(15, 2, 2, 95) }, + + // smci*.dll - goobzo crashware (bug 1339908) + { "smci32.dll", ALL_VERSIONS }, + { "smci64.dll", ALL_VERSIONS }, + + // Crashes with Internet Download Manager, bug 1333486 + { "idmcchandler7.dll", ALL_VERSIONS }, + { "idmcchandler7_64.dll", ALL_VERSIONS }, + { "idmcchandler5.dll", ALL_VERSIONS }, + { "idmcchandler5_64.dll", ALL_VERSIONS }, + + // Nahimic 2 breaks applicaton update (bug 1356637) + { "nahimic2devprops.dll", MAKE_VERSION(2, 5, 19, 0xffff) }, + // Nahimic is causing crashes, bug 1233556 + { "nahimicmsiosd.dll", UNVERSIONED }, + // Nahimic is causing crashes, bug 1360029 + { "nahimicvrdevprops.dll", UNVERSIONED }, + { "nahimic2osd.dll", MAKE_VERSION(2, 5, 19, 0xffff) }, + { "nahimicmsidevprops.dll", UNVERSIONED }, + + // Bug 1268470 - crashes with Kaspersky Lab on Windows 8 + { "klsihk64.dll", MAKE_VERSION(14, 0, 456, 0xffff), DllBlockInfo::BLOCK_WIN8_ONLY }, + + // Bug 1407337, crashes with OpenSC < 0.16.0 + { "onepin-opensc-pkcs11.dll", MAKE_VERSION(0, 15, 0xffff, 0xffff) }, + + // Avecto Privilege Guard causes crashes, bug 1385542 + { "pghook.dll", ALL_VERSIONS }, + + // Old versions of G DATA BankGuard, bug 1421991 + { "banksafe64.dll", MAKE_VERSION(1, 2, 15299, 65535) }, + + // Old versions of G DATA, bug 1043775 + { "gdkbfltdll64.dll", MAKE_VERSION(1, 0, 14141, 240) }, + + // Dell Backup and Recovery tool causes crashes, bug 1433408 + { "dbroverlayiconnotbackuped.dll", MAKE_VERSION(1, 8, 0, 9) }, + { "dbroverlayiconbackuped.dll", MAKE_VERSION(1, 8, 0, 9) }, + + { nullptr, 0 } +}; + +#ifndef STATUS_DLL_NOT_FOUND +#define STATUS_DLL_NOT_FOUND ((DWORD)0xC0000135L) +#endif // define this for very verbose dll load debug spew #undef DEBUG_very_verbose @@ -268,7 +504,7 @@ private: { } - const char* mName; // points into the gWindowsDllBlocklist string + const char* mName; // points into the sWindowsDllBlocklist string unsigned long long mVersion; DllBlockSet* mNext; @@ -387,6 +623,8 @@ patched_LdrLoadDll (PWCHAR filePath, PULONG flags, PUNICODE_STRING moduleFileNam wchar_t *fname = moduleFileName->Buffer; UniquePtr full_fname; + const DllBlockInfo* info = &sWindowsDllBlocklist[0]; + // The filename isn't guaranteed to be null terminated, but in practice // it always will be; ensure that this is so, and bail if not. // This is done instead of the more robust approach because of bug 527122, @@ -445,117 +683,114 @@ patched_LdrLoadDll (PWCHAR filePath, PULONG flags, PUNICODE_STRING moduleFileNam printf_stderr("LdrLoadDll: dll name '%s'\n", dllName); #endif - if (!(sInitFlags & eDllBlocklistInitFlagWasBootstrapped)) { - // Block a suspicious binary that uses various 12-digit hex strings - // e.g. MovieMode.48CA2AEFA22D.dll (bug 973138) - dot = strchr(dllName, '.'); - if (dot && (strchr(dot+1, '.') == dot+13)) { - char * end = nullptr; - _strtoui64(dot+1, &end, 16); - if (end == dot+13) { - return STATUS_DLL_NOT_FOUND; - } + // Block a suspicious binary that uses various 12-digit hex strings + // e.g. MovieMode.48CA2AEFA22D.dll (bug 973138) + dot = strchr(dllName, '.'); + if (dot && (strchr(dot+1, '.') == dot+13)) { + char * end = nullptr; + _strtoui64(dot+1, &end, 16); + if (end == dot+13) { + return STATUS_DLL_NOT_FOUND; } - // Block binaries where the filename is at least 16 hex digits - if (dot && ((dot - dllName) >= 16)) { - char * current = dllName; - while (current < dot && isxdigit(*current)) { - current++; - } - if (current == dot) { - return STATUS_DLL_NOT_FOUND; - } + } + // Block binaries where the filename is at least 16 hex digits + if (dot && ((dot - dllName) >= 16)) { + char * current = dllName; + while (current < dot && isxdigit(*current)) { + current++; } - - // then compare to everything on the blocklist - DECLARE_POINTER_TO_FIRST_DLL_BLOCKLIST_ENTRY(info); - while (info->name) { - if (strcmp(info->name, dllName) == 0) - break; - - info++; + if (current == dot) { + return STATUS_DLL_NOT_FOUND; } + } - if (info->name) { - bool load_ok = false; + // then compare to everything on the blocklist + while (info->name) { + if (strcmp(info->name, dllName) == 0) + break; + + info++; + } + + if (info->name) { + bool load_ok = false; #ifdef DEBUG_very_verbose - printf_stderr("LdrLoadDll: info->name: '%s'\n", info->name); + printf_stderr("LdrLoadDll: info->name: '%s'\n", info->name); #endif - if ((info->flags & DllBlockInfo::BLOCK_WIN8PLUS_ONLY) && - !IsWin8OrLater()) { + if ((info->flags & DllBlockInfo::BLOCK_WIN8PLUS_ONLY) && + !IsWin8OrLater()) { + goto continue_loading; + } + + if ((info->flags & DllBlockInfo::BLOCK_WIN8_ONLY) && + (!IsWin8OrLater() || IsWin8Point1OrLater())) { + goto continue_loading; + } + + if ((info->flags & DllBlockInfo::CHILD_PROCESSES_ONLY) && + !(sInitFlags & eDllBlocklistInitFlagIsChildProcess)) { + goto continue_loading; + } + + unsigned long long fVersion = ALL_VERSIONS; + + if (info->maxVersion != ALL_VERSIONS) { + ReentrancySentinel sentinel(dllName); + if (sentinel.BailOut()) { goto continue_loading; } - if ((info->flags & DllBlockInfo::BLOCK_WIN8_ONLY) && - (!IsWin8OrLater() || IsWin8Point1OrLater())) { - goto continue_loading; - } - - if ((info->flags & DllBlockInfo::CHILD_PROCESSES_ONLY) && - !(sInitFlags & eDllBlocklistInitFlagIsChildProcess)) { - goto continue_loading; - } - - unsigned long long fVersion = ALL_VERSIONS; - - if (info->maxVersion != ALL_VERSIONS) { - ReentrancySentinel sentinel(dllName); - if (sentinel.BailOut()) { - goto continue_loading; - } - - full_fname = getFullPath(filePath, fname); - if (!full_fname) { - // uh, we couldn't find the DLL at all, so... - printf_stderr("LdrLoadDll: Blocking load of '%s' (SearchPathW didn't find it?)\n", dllName); - return STATUS_DLL_NOT_FOUND; - } - - if (info->flags & DllBlockInfo::USE_TIMESTAMP) { - fVersion = GetTimestamp(full_fname.get()); - if (fVersion > info->maxVersion) { - load_ok = true; - } - } else { - DWORD zero; - DWORD infoSize = GetFileVersionInfoSizeW(full_fname.get(), &zero); - - // If we failed to get the version information, we block. - - if (infoSize != 0) { - auto infoData = MakeUnique(infoSize); - VS_FIXEDFILEINFO *vInfo; - UINT vInfoLen; - - if (GetFileVersionInfoW(full_fname.get(), 0, infoSize, infoData.get()) && - VerQueryValueW(infoData.get(), L"\\", (LPVOID*) &vInfo, &vInfoLen)) - { - fVersion = - ((unsigned long long)vInfo->dwFileVersionMS) << 32 | - ((unsigned long long)vInfo->dwFileVersionLS); - - // finally do the version check, and if it's greater than our block - // version, keep loading - if (fVersion > info->maxVersion) - load_ok = true; - } - } - } - } - - if (!load_ok) { - printf_stderr("LdrLoadDll: Blocking load of '%s' -- see http://www.mozilla.com/en-US/blocklist/\n", dllName); - DllBlockSet::Add(info->name, fVersion); + full_fname = getFullPath(filePath, fname); + if (!full_fname) { + // uh, we couldn't find the DLL at all, so... + printf_stderr("LdrLoadDll: Blocking load of '%s' (SearchPathW didn't find it?)\n", dllName); return STATUS_DLL_NOT_FOUND; } + + if (info->flags & DllBlockInfo::USE_TIMESTAMP) { + fVersion = GetTimestamp(full_fname.get()); + if (fVersion > info->maxVersion) { + load_ok = true; + } + } else { + DWORD zero; + DWORD infoSize = GetFileVersionInfoSizeW(full_fname.get(), &zero); + + // If we failed to get the version information, we block. + + if (infoSize != 0) { + auto infoData = MakeUnique(infoSize); + VS_FIXEDFILEINFO *vInfo; + UINT vInfoLen; + + if (GetFileVersionInfoW(full_fname.get(), 0, infoSize, infoData.get()) && + VerQueryValueW(infoData.get(), L"\\", (LPVOID*) &vInfo, &vInfoLen)) + { + fVersion = + ((unsigned long long)vInfo->dwFileVersionMS) << 32 | + ((unsigned long long)vInfo->dwFileVersionLS); + + // finally do the version check, and if it's greater than our block + // version, keep loading + if (fVersion > info->maxVersion) + load_ok = true; + } + } + } + } + + if (!load_ok) { + printf_stderr("LdrLoadDll: Blocking load of '%s' -- see http://www.mozilla.com/en-US/blocklist/\n", dllName); + DllBlockSet::Add(info->name, fVersion); + return STATUS_DLL_NOT_FOUND; } } continue_loading: #ifdef DEBUG_very_verbose - printf_stderr("LdrLoadDll: continuing load... ('%S')\n", moduleFileName->Buffer); + printf_stderr("LdrLoadDll: continuing load... ('%S')\n", moduleFileName->Buffer); #endif // A few DLLs such as xul.dll and nss3.dll get loaded before mozglue's @@ -626,9 +861,6 @@ patched_BaseThreadInitThunk(BOOL aIsInitialThread, void* aStartAddress, static WindowsDllInterceptor NtDllIntercept; static WindowsDllInterceptor Kernel32Intercept; -static void -GetNativeNtBlockSetWriter(); - MFBT_API void DllBlocklist_Initialize(uint32_t aInitFlags) { @@ -636,11 +868,6 @@ DllBlocklist_Initialize(uint32_t aInitFlags) return; } sInitFlags = aInitFlags; - - if (sInitFlags & eDllBlocklistInitFlagWasBootstrapped) { - GetNativeNtBlockSetWriter(); - } - sBlocklistInitAttempted = true; #if defined(NIGHTLY_BUILD) gStartAddressesToBlock = new mozilla::Vector; @@ -696,7 +923,7 @@ DllBlocklist_Initialize(uint32_t aInitFlags) reinterpret_cast(patched_BaseThreadInitThunk), (void**) &stub_BaseThreadInitThunk)) { #ifdef DEBUG - printf_stderr("BaseThreadInitThunk hook failed\n"); + printf_stderr("BaseThreadInitThunk hook failed\n"); #endif } } @@ -730,8 +957,8 @@ DllBlocklist_Initialize(uint32_t aInitFlags) #endif } -static void -InternalWriteNotes(HANDLE file) +MFBT_API void +DllBlocklist_WriteNotes(HANDLE file) { DWORD nBytes; @@ -750,26 +977,6 @@ InternalWriteNotes(HANDLE file) } } -using WriterFn = void (*)(HANDLE); -static WriterFn gWriterFn = &InternalWriteNotes; - -static void -GetNativeNtBlockSetWriter() -{ - auto nativeWriter = reinterpret_cast( - ::GetProcAddress(::GetModuleHandleW(nullptr), "NativeNtBlockSet_Write")); - if (nativeWriter) { - gWriterFn = nativeWriter; - } -} - -MFBT_API void -DllBlocklist_WriteNotes(HANDLE file) -{ - MOZ_ASSERT(gWriterFn); - gWriterFn(file); -} - MFBT_API bool DllBlocklist_CheckStatus() { diff --git a/mozglue/build/WindowsDllBlocklist.h b/mozglue/build/WindowsDllBlocklist.h index b49d643482dc..8b6ac1666cc2 100644 --- a/mozglue/build/WindowsDllBlocklist.h +++ b/mozglue/build/WindowsDllBlocklist.h @@ -17,8 +17,7 @@ enum DllBlocklistInitFlags { eDllBlocklistInitFlagDefault = 0, - eDllBlocklistInitFlagIsChildProcess = 1, - eDllBlocklistInitFlagWasBootstrapped = 2 + eDllBlocklistInitFlagIsChildProcess = 1 }; MFBT_API void DllBlocklist_Initialize(uint32_t aInitFlags = eDllBlocklistInitFlagDefault); diff --git a/mozglue/build/WindowsDllBlocklistCommon.h b/mozglue/build/WindowsDllBlocklistCommon.h deleted file mode 100644 index bc5e96f2b9b5..000000000000 --- a/mozglue/build/WindowsDllBlocklistCommon.h +++ /dev/null @@ -1,83 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ - -#ifndef mozilla_WindowsDllBlocklistCommon_h -#define mozilla_WindowsDllBlocklistCommon_h - -#include - -namespace mozilla { - -template -struct DllBlockInfoT { - // The name of the DLL -- in LOWERCASE! It will be compared to - // a lowercase version of the DLL name only. - const CharType* name; - - // If maxVersion is ALL_VERSIONS, we'll block all versions of this - // dll. Otherwise, we'll block all versions less than or equal to - // the given version, as queried by GetFileVersionInfo and - // VS_FIXEDFILEINFO's dwFileVersionMS and dwFileVersionLS fields. - // - // Note that the version is usually 4 components, which is A.B.C.D - // encoded as 0x AAAA BBBB CCCC DDDD ULL (spaces added for clarity), - // but it's not required to be of that format. - uint64_t maxVersion; - - // If the USE_TIMESTAMP flag is set, then we use the timestamp from - // the IMAGE_FILE_HEADER in lieu of a version number. - // - // If the CHILD_PROCESSES_ONLY flag is set, then the dll is blocked - // only when we are a child process. - enum Flags { - FLAGS_DEFAULT = 0, - BLOCK_WIN8PLUS_ONLY = 1, - BLOCK_WIN8_ONLY = 2, - USE_TIMESTAMP = 4, - CHILD_PROCESSES_ONLY = 8 - } flags; - - static const uint64_t ALL_VERSIONS = (uint64_t) -1LL; - - // DLLs sometimes ship without a version number, particularly early - // releases. Blocking "version <= 0" has the effect of blocking unversioned - // DLLs (since the call to get version info fails), but not blocking - // any versioned instance. - static const uint64_t UNVERSIONED = 0ULL; -}; - -} // namespace mozilla - -// Convert the 4 (decimal) components of a DLL version number into a -// single unsigned long long, as needed by the blocklist -static inline constexpr uint64_t -MAKE_VERSION(uint16_t a, uint16_t b, uint16_t c, uint16_t d) -{ - return static_cast(a) << 48 | - static_cast(b) << 32 | - static_cast(c) << 16 | - static_cast(d); -} - -#if !defined(DLL_BLOCKLIST_CHAR_TYPE) -#error "You must define DLL_BLOCKLIST_CHAR_TYPE" -#endif // !defined(DLL_BLOCKLIST_CHAR_TYPE) - -#define DLL_BLOCKLIST_DEFINITIONS_BEGIN \ - using DllBlockInfo = mozilla::DllBlockInfoT; \ - static const DllBlockInfo gWindowsDllBlocklist[] = { - -#define ALL_VERSIONS DllBlockInfo::ALL_VERSIONS -#define UNVERSIONED DllBlockInfo::UNVERSIONED - -#define DLL_BLOCKLIST_DEFINITIONS_END \ - {nullptr, 0} \ - }; - -#define DECLARE_POINTER_TO_FIRST_DLL_BLOCKLIST_ENTRY(name) \ - const DllBlockInfo* name = &gWindowsDllBlocklist[0] - -#endif // mozilla_WindowsDllBlocklistCommon_h diff --git a/mozglue/build/WindowsDllBlocklistDefs.h b/mozglue/build/WindowsDllBlocklistDefs.h deleted file mode 100644 index 618db3d5e2e0..000000000000 --- a/mozglue/build/WindowsDllBlocklistDefs.h +++ /dev/null @@ -1,206 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ - -#ifndef mozilla_WindowsDllBlocklistDefs_h -#define mozilla_WindowsDllBlocklistDefs_h - -#include "mozilla/WindowsDllBlocklistCommon.h" - -DLL_BLOCKLIST_DEFINITIONS_BEGIN - -// EXAMPLE: -// DLL_BLOCKLIST_ENTRY("uxtheme.dll", ALL_VERSIONS) -// DLL_BLOCKLIST_ENTRY("uxtheme.dll", 0x0000123400000000ULL) -// The DLL name must be in lowercase! -// The version field is a maximum, that is, we block anything that is -// less-than or equal to that version. - -// NPFFAddon - Known malware -DLL_BLOCKLIST_ENTRY("npffaddon.dll", ALL_VERSIONS) - -// AVG 8 - Antivirus vendor AVG, old version, plugin already blocklisted -DLL_BLOCKLIST_ENTRY("avgrsstx.dll", MAKE_VERSION(8,5,0,401)) - -// calc.dll - Suspected malware -DLL_BLOCKLIST_ENTRY("calc.dll", MAKE_VERSION(1,0,0,1)) - -// hook.dll - Suspected malware -DLL_BLOCKLIST_ENTRY("hook.dll", ALL_VERSIONS) - -// GoogleDesktopNetwork3.dll - Extremely old, unversioned instances -// of this DLL cause crashes -DLL_BLOCKLIST_ENTRY("googledesktopnetwork3.dll", UNVERSIONED) - -// rdolib.dll - Suspected malware -DLL_BLOCKLIST_ENTRY("rdolib.dll", MAKE_VERSION(6,0,88,4)) - -// fgjk4wvb.dll - Suspected malware -DLL_BLOCKLIST_ENTRY("fgjk4wvb.dll", MAKE_VERSION(8,8,8,8)) - -// radhslib.dll - Naomi internet filter - unmaintained since 2006 -DLL_BLOCKLIST_ENTRY("radhslib.dll", UNVERSIONED) - -// Music download filter for vkontakte.ru - old instances -// of this DLL cause crashes -DLL_BLOCKLIST_ENTRY("vksaver.dll", MAKE_VERSION(2,2,2,0)) - -// Topcrash in Firefox 4.0b1 -DLL_BLOCKLIST_ENTRY("rlxf.dll", MAKE_VERSION(1,2,323,1)) - -// psicon.dll - Topcrashes in Thunderbird, and some crashes in Firefox -// Adobe photoshop library, now redundant in later installations -DLL_BLOCKLIST_ENTRY("psicon.dll", ALL_VERSIONS) - -// Topcrash in Firefox 4 betas (bug 618899) -DLL_BLOCKLIST_ENTRY("accelerator.dll", MAKE_VERSION(3,2,1,6)) - -// Topcrash with Roboform in Firefox 8 (bug 699134) -DLL_BLOCKLIST_ENTRY("rf-firefox.dll", MAKE_VERSION(7,6,1,0)) -DLL_BLOCKLIST_ENTRY("roboform.dll", MAKE_VERSION(7,6,1,0)) - -// Topcrash with Babylon Toolbar on FF16+ (bug 721264) -DLL_BLOCKLIST_ENTRY("babyfox.dll", ALL_VERSIONS) - -// sprotector.dll crashes, bug 957258 -DLL_BLOCKLIST_ENTRY("sprotector.dll", ALL_VERSIONS) - -// leave these two in always for tests -DLL_BLOCKLIST_ENTRY("mozdllblockingtest.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("mozdllblockingtest_versioned.dll", 0x0000000400000000ULL) - -// Windows Media Foundation FLAC decoder and type sniffer (bug 839031). -DLL_BLOCKLIST_ENTRY("mfflac.dll", ALL_VERSIONS) - -// Older Relevant Knowledge DLLs cause us to crash (bug 904001). -DLL_BLOCKLIST_ENTRY("rlnx.dll", MAKE_VERSION(1, 3, 334, 9)) -DLL_BLOCKLIST_ENTRY("pmnx.dll", MAKE_VERSION(1, 3, 334, 9)) -DLL_BLOCKLIST_ENTRY("opnx.dll", MAKE_VERSION(1, 3, 334, 9)) -DLL_BLOCKLIST_ENTRY("prnx.dll", MAKE_VERSION(1, 3, 334, 9)) - -// Older belgian ID card software causes Firefox to crash or hang on -// shutdown, bug 831285 and 918399. -DLL_BLOCKLIST_ENTRY("beid35cardlayer.dll", MAKE_VERSION(3, 5, 6, 6968)) - -// bug 925459, bitguard crashes -DLL_BLOCKLIST_ENTRY("bitguard.dll", ALL_VERSIONS) - -// bug 812683 - crashes in Windows library when Asus Gamer OSD is installed -// Software is discontinued/unsupported -DLL_BLOCKLIST_ENTRY("atkdx11disp.dll", ALL_VERSIONS) - -// Topcrash with Conduit SearchProtect, bug 944542 -DLL_BLOCKLIST_ENTRY("spvc32.dll", ALL_VERSIONS) - -// Topcrash with V-bates, bug 1002748 and bug 1023239 -DLL_BLOCKLIST_ENTRY("libinject.dll", UNVERSIONED) -DLL_BLOCKLIST_ENTRY("libinject2.dll", 0x537DDC93, DllBlockInfo::USE_TIMESTAMP) -DLL_BLOCKLIST_ENTRY("libredir2.dll", 0x5385B7ED, DllBlockInfo::USE_TIMESTAMP) - -// Crashes with RoboForm2Go written against old SDK, bug 988311/1196859 -DLL_BLOCKLIST_ENTRY("rf-firefox-22.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("rf-firefox-40.dll", ALL_VERSIONS) - -// Crashes with DesktopTemperature, bug 1046382 -DLL_BLOCKLIST_ENTRY("dtwxsvc.dll", 0x53153234, DllBlockInfo::USE_TIMESTAMP) - -// Startup crashes with Lenovo Onekey Theater, bug 1123778 -DLL_BLOCKLIST_ENTRY("activedetect32.dll", UNVERSIONED) -DLL_BLOCKLIST_ENTRY("activedetect64.dll", UNVERSIONED) -DLL_BLOCKLIST_ENTRY("windowsapihookdll32.dll", UNVERSIONED) -DLL_BLOCKLIST_ENTRY("windowsapihookdll64.dll", UNVERSIONED) - -// Flash crashes with RealNetworks RealDownloader, bug 1132663 -DLL_BLOCKLIST_ENTRY("rndlnpshimswf.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("rndlmainbrowserrecordplugin.dll", ALL_VERSIONS) - -// Startup crashes with RealNetworks Browser Record Plugin, bug 1170141 -DLL_BLOCKLIST_ENTRY("nprpffbrowserrecordext.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("nprndlffbrowserrecordext.dll", ALL_VERSIONS) - -// Crashes with CyberLink YouCam, bug 1136968 -DLL_BLOCKLIST_ENTRY("ycwebcamerasource.ax", MAKE_VERSION(2, 0, 0, 1611)) - -// Old version of WebcamMax crashes WebRTC, bug 1130061 -DLL_BLOCKLIST_ENTRY("vwcsource.ax", MAKE_VERSION(1, 5, 0, 0)) - -// NetOp School, discontinued product, bug 763395 -DLL_BLOCKLIST_ENTRY("nlsp.dll", MAKE_VERSION(6, 23, 2012, 19)) - -// Orbit Downloader, bug 1222819 -DLL_BLOCKLIST_ENTRY("grabdll.dll", MAKE_VERSION(2, 6, 1, 0)) -DLL_BLOCKLIST_ENTRY("grabkernel.dll", MAKE_VERSION(1, 0, 0, 1)) - -// ESET, bug 1229252 -DLL_BLOCKLIST_ENTRY("eoppmonitor.dll", ALL_VERSIONS) - -// SS2OSD, bug 1262348 -DLL_BLOCKLIST_ENTRY("ss2osd.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("ss2devprops.dll", ALL_VERSIONS) - -// NHASUSSTRIXOSD.DLL, bug 1269244 -DLL_BLOCKLIST_ENTRY("nhasusstrixosd.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("nhasusstrixdevprops.dll", ALL_VERSIONS) - -// Crashes with PremierOpinion/RelevantKnowledge, bug 1277846 -DLL_BLOCKLIST_ENTRY("opls.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("opls64.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("pmls.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("pmls64.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("prls.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("prls64.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("rlls.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("rlls64.dll", ALL_VERSIONS) - -// Vorbis DirectShow filters, bug 1239690. -DLL_BLOCKLIST_ENTRY("vorbis.acm", MAKE_VERSION(0, 0, 3, 6)) - -// AhnLab Internet Security, bug 1311969 -DLL_BLOCKLIST_ENTRY("nzbrcom.dll", ALL_VERSIONS) - -// K7TotalSecurity, bug 1339083. -DLL_BLOCKLIST_ENTRY("k7pswsen.dll", MAKE_VERSION(15, 2, 2, 95)) - -// smci*.dll - goobzo crashware (bug 1339908) -DLL_BLOCKLIST_ENTRY("smci32.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("smci64.dll", ALL_VERSIONS) - -// Crashes with Internet Download Manager, bug 1333486 -DLL_BLOCKLIST_ENTRY("idmcchandler7.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("idmcchandler7_64.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("idmcchandler5.dll", ALL_VERSIONS) -DLL_BLOCKLIST_ENTRY("idmcchandler5_64.dll", ALL_VERSIONS) - -// Nahimic 2 breaks applicaton update (bug 1356637) -DLL_BLOCKLIST_ENTRY("nahimic2devprops.dll", MAKE_VERSION(2, 5, 19, 0xffff)) -// Nahimic is causing crashes, bug 1233556 -DLL_BLOCKLIST_ENTRY("nahimicmsiosd.dll", UNVERSIONED) -// Nahimic is causing crashes, bug 1360029 -DLL_BLOCKLIST_ENTRY("nahimicvrdevprops.dll", UNVERSIONED) -DLL_BLOCKLIST_ENTRY("nahimic2osd.dll", MAKE_VERSION(2, 5, 19, 0xffff)) -DLL_BLOCKLIST_ENTRY("nahimicmsidevprops.dll", UNVERSIONED) - -// Bug 1268470 - crashes with Kaspersky Lab on Windows 8 -DLL_BLOCKLIST_ENTRY("klsihk64.dll", MAKE_VERSION(14, 0, 456, 0xffff), DllBlockInfo::BLOCK_WIN8_ONLY) - -// Bug 1407337, crashes with OpenSC < 0.16.0 -DLL_BLOCKLIST_ENTRY("onepin-opensc-pkcs11.dll", MAKE_VERSION(0, 15, 0xffff, 0xffff)) - -// Avecto Privilege Guard causes crashes, bug 1385542 -DLL_BLOCKLIST_ENTRY("pghook.dll", ALL_VERSIONS) - -// Old versions of G DATA BankGuard, bug 1421991 -DLL_BLOCKLIST_ENTRY("banksafe64.dll", MAKE_VERSION(1, 2, 15299, 65535)) - -// Old versions of G DATA, bug 1043775 -DLL_BLOCKLIST_ENTRY("gdkbfltdll64.dll", MAKE_VERSION(1, 0, 14141, 240)) - -// Dell Backup and Recovery tool causes crashes, bug 1433408 -DLL_BLOCKLIST_ENTRY("dbroverlayiconnotbackuped.dll", MAKE_VERSION(1, 8, 0, 9)) -DLL_BLOCKLIST_ENTRY("dbroverlayiconbackuped.dll", MAKE_VERSION(1, 8, 0, 9)) - -DLL_BLOCKLIST_DEFINITIONS_END - -#endif // mozilla_WindowsDllBlocklistDefs_h diff --git a/mozglue/build/moz.build b/mozglue/build/moz.build index b16eb6b8aa18..53758485ac3d 100644 --- a/mozglue/build/moz.build +++ b/mozglue/build/moz.build @@ -72,8 +72,6 @@ if CONFIG['MOZ_WIDGET_TOOLKIT']: ] EXPORTS.mozilla += [ 'Authenticode.h', - 'WindowsDllBlocklistCommon.h', - 'WindowsDllBlocklistDefs.h', ] EXPORTS.mozilla.glue += [ 'WindowsDllServices.h',