gecko-dev/mozglue
Toshihito Kikuchi b80c6d24b1 Bug 1642626 - Part3: Handle a detour pattern of multple jumps. r=handyman
AVG AntiVirus hooks ntdll!NtMapViewOfSection by planting two JMP instructions,
jumping to a trampoline area first, then jumping to aswhook.dll.

```
ntdll!NtMapViewOfSection:
00007ffa`6d77c560 e9d33cfebf      jmp     00007ffa`2d760238

00007ffa`2d760238 ff25f2ffffff    jmp     qword ptr [00007ffa`2d760230] --> 00007ffa`541e2ad0

aswhook+0x2ad0:
00007ffa`541e2ad0 4055            push    rbp
00007ffa`541e2ad2 53              push    rbx
00007ffa`541e2ad3 56              push    rsi
```

With this patch, our detour can detour on top of that pattern.  The first part is
to remove the MEM_IMAGE check from IsPageAccessible.  The second part is to introduce
a loop in ResolveRedirectedAddress to resolve a chain of jumps.

Differential Revision: https://phabricator.services.mozilla.com/D81582
2020-07-02 16:43:14 +00:00
..
android
baseprofiler Bug 1648507 - Distinguish pausing sampling only from pausing the whole profiler - r=canaltinova,perftest-reviewers,geckoview-reviewers,agi 2020-07-02 01:36:27 +00:00
build Bug 1647702 - Broaden the race supression for compacting race between updating ObjectGroups and Shapes r=sfink 2020-06-26 16:25:03 +00:00
dllservices
linker Bug 1648340 - Only call GetAndroidSDKVersion() on Android. r=froydnj 2020-06-25 10:59:19 +00:00
misc Bug 1642626 - Part3: Handle a detour pattern of multple jumps. r=handyman 2020-07-02 16:43:14 +00:00
static
tests Bug 1642626 - Part3: Handle a detour pattern of multple jumps. r=handyman 2020-07-02 16:43:14 +00:00
moz.build