Opened 5 years ago

Closed 2 years ago

Last modified 2 years ago

#12426 closed enhancement (fixed)

Make use of HeapEnableTerminationOnCorruption in Tor Browser on Windows

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Major Keywords: tbb-security, tbb-firefox-patch, tbb-hardened, tbb-easy, TorBrowserTeam201704R
Cc: tom@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

This function gets defined in ipc/chromium/src/base/process_util* but is only used in the test suite: https://mxr.mozilla.org/mozilla-esr24/source/ipc/chromium/src/base/test_suite.h. We should make more use of it in the code itself. See: https://blogs.msdn.com/b/oldnewthing/archive/2013/12/27/10484882.aspx for more information.

Child Tickets

Change History (8)

comment:1 Changed 5 years ago by erinn

Component: Firefox Patch IssuesTor Browser
Keywords: tbb-firefox-patch added
Owner: changed from mikeperry to tbb-team

comment:2 Changed 5 years ago by tom

Cc: tom@… added

comment:3 Changed 4 years ago by gk

Keywords: tbb-hardening added

comment:4 Changed 4 years ago by gk

Keywords: tbb-hardened added; tbb-hardening removed

comment:5 Changed 2 years ago by cypherpunks

Keywords: tbb-easy TorBrowserTeam201704R added
Severity: Major
Status: newneeds_review
Summary: Make use of EnableTerminationOnHeapCorruption() in Tor BrowserMake use of HeapEnableTerminationOnCorruption in Tor Browser on Windows

One system function call that should have been applied long long ago. (For tor.exe and others, please, too.)
https://bugzilla.mozilla.org/show_bug.cgi?id=805173
P.S. It is not necessary for applications to enable it since Win 8 because the system uses it for all processes by default.

comment:6 Changed 2 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

Okay, I cherry-picked that patch from gecko-dev/master. It is commit 49d21424d9d25b47a263bacec751742ac7370683 on tor-browser-52.0.2esr-7.0-2.

comment:7 Changed 2 years ago by gk

FWIW: We want to test it an alpha but think harder if we should pick that one for the 7.0 stable in case we don't get the sandbox compiled properly in time.

comment:8 in reply to:  7 Changed 2 years ago by cypherpunks

Replying to gk:

FWIW: We want to test it an alpha but think harder if we should pick that one for the 7.0 stable in case we don't get the sandbox compiled properly in time.

???
It has been tested in stable since 2012 when Win 8 was released which terminated all processes on heap corruption by default without any need for asking it through HeapSetInformation() calls. It is needed only for Win 7 or earlier. Would be nice to see it in 6.5 (in tor.exe near SetProcessDEPPolicy() too).
FWIW: we should also add EnableLowFragmentationHeap() modified from https://dxr.mozilla.org/mozilla-esr24/source/ipc/chromium/src/base/process_util_win.cc#867, but it's not so easy.

Note: See TracTickets for help on using tickets.