Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-27 23:02:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1819410 - Ensure we shutdown the RemoteSandboxBrokerParent IPDL instance during launch failures. r=jld

Browse Source 
If the process being launched by the sandbox broker crashes after we
setup the IPDL channel, but before we successfully complete the
initialization process, we don't explicitly teardown
RemoteSandboxBrokerParent. As such, when we destroy the owning objects,
it attempts to destroy RemoteSandboxBrokerParent while the protocol is
still open, triggering a release assert for destroying
PRemoteSandboxBrokerParent while the protocol/channel are still open.

This patch makes us explicitly teardown the channel if there is a launch
failure inside the sandbox broker.

Differential Revision: https://phabricator.services.mozilla.com/D171258
This commit is contained in:
Andrew Osmond 2023-03-07 16:25:18 +00:00
parent db773748bb
commit 54093fb0ef
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
security/sandbox/win/src/remotesandboxbroker/remoteSandboxBroker.cpp
View File

@ -103,6 +103,7 @@ bool RemoteSandboxBroker::LaunchApp(
bool rv = mParent.SendLaunchApp(std::move(mParameters), &ok, &handle) && ok; bool rv = mParent.SendLaunchApp(std::move(mParameters), &ok, &handle) && ok;
mParameters.shareHandles().Clear(); mParameters.shareHandles().Clear();
if (!rv) { if (!rv) {
mParent.Shutdown();
return false; return false;
} }
@ -111,6 +112,7 @@ bool RemoteSandboxBroker::LaunchApp(
HANDLE ourChildHandle = 0; HANDLE ourChildHandle = 0;
bool dh = mParent.DuplicateFromLauncher((HANDLE)handle, &ourChildHandle); bool dh = mParent.DuplicateFromLauncher((HANDLE)handle, &ourChildHandle);
if (!dh) { if (!dh) {
mParent.Shutdown();
return false; return false;
} }