e83bcb5130
When the browser process starts a sandbox process, we copy the executable's IAT for ntdll.dll into the new process to prevent DLL injection via IAT tampering, as the launcher process does. However, if the IAT has been modified by a module injected via `SetWindowsHookEx`, the browser process cannot copy the IAT because a modified IAT is invalid in a different process, and so it fails to start any sandbox processes. The proposed fix is to cache the IAT before COM initialization, which may load modules via `SetWindowsHookEx` for the first time in the process. Differential Revision: https://phabricator.services.mozilla.com/D73303
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#ifndef mozilla_DllBlocklistInit_h
#define mozilla_DllBlocklistInit_h
#include <windows.h>
#include "mozilla/WinHeaderOnlyUtils.h"
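namespace mozilla {

/**
 * Initializes the DLL blocklist in another process (out-of-process, "OOP").
 *
 * NOTE(review): only the declaration is visible in this header. The parameter
 * descriptions below are read off the parameter names and types; confirm them
 * against the implementation.
 *
 * @param aFullImagePath     Full path of an executable image; presumably the
 *                           image that aChildProcess runs.
 * @param aChildProcess      Handle to the child process to set up.
 * @param aCachedNtdllThunk  Import address table (IAT) thunk data for
 *                           ntdll.dll, cached by the caller. To be useful as a
 *                           defence against IAT tampering it has to be
 *                           captured before any third-party module can be
 *                           loaded into the calling process (for example by
 *                           COM initialization), because an IAT that has
 *                           already been patched is not valid in a different
 *                           process. Whether nullptr is accepted is not
 *                           visible here; confirm before passing it.
 * @return A LauncherVoidResultWithLineInfo. Callers should check it: a
 *         failure presumably means the child process was not given the
 *         blocklist and must not be treated as protected.
 */
LauncherVoidResultWithLineInfo InitializeDllBlocklistOOP(
    const wchar_t* aFullImagePath, HANDLE aChildProcess,
    const IMAGE_THUNK_DATA* aCachedNtdllThunk);

/**
 * Variant of InitializeDllBlocklistOOP that takes no cached ntdll.dll thunk.
 *
 * Judging by its name it is the entry point used from the launcher process;
 * how it obtains the ntdll.dll IAT is not visible in this header.
 *
 * @param aFullImagePath  Full path of an executable image; presumably the
 *                        image that aChildProcess runs.
 * @param aChildProcess   Handle to the child process to set up.
 * @return A LauncherVoidResultWithLineInfo; callers should check it for
 *         failure.
 */
LauncherVoidResultWithLineInfo InitializeDllBlocklistOOPFromLauncher(
    const wchar_t* aFullImagePath, HANDLE aChildProcess);

}  // namespace mozilla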
#endif // mozilla_DllBlocklistInit_h