Opened 3 years ago

Closed 3 years ago

#22267 closed defect (fixed)

Windows build of esr52 Tor Browser has no relocs, SSP and DEP/ASLR flags

Reported by: boklm Owned by: boklm
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Major Keywords: TorBrowserTeam201705R, tbb-security, ff52-esr, tbb-7.0-must
Cc: tbb-team Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


The firefox.exe binary in doesn't have DEP and ASLR enabled.

It seems to affect only the binaries from the firefox part, as the tor.exe binary has DEP/ASLR enabled.

Child Tickets

Change History (5)

comment:1 Changed 3 years ago by gk

Keywords: TorBrowserTeam201705 added; TorTeam201705 tbb-hardened removed

comment:2 Changed 3 years ago by gk

Priority: MediumHigh

Raising prio.

comment:3 Changed 3 years ago by boklm

Keywords: TorBrowserTeam201705R added; TorBrowserTeam201705 removed
Status: newneeds_review

In gitian/descriptors/windows/gitian-firefox.yml we are adding the hardened wrappers to the PATH before the build, but after running the configure script. It seems that in ESR52, the compiler that is used during the build is the one that was in the PATH when the configure script was run.

I created a patch in the branch bug_22267 to fix that, adding the wrappers before running the configure script:

comment:4 Changed 3 years ago by cypherpunks

Severity: NormalMajor
Summary: Windows build of esr52 Tor Browser has no DEP/ASLRWindows build of esr52 Tor Browser has no relocs, SSP and DEP/ASLR flags

It has DEP, because you are using SetProcessDEPPolicy(), but it can't even be forced into ASLR without the .reloc section. (Checking real availability of mitigations, and not only flags, would be neat.)

comment:5 Changed 3 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

Seems we are done here? The next nightly builds should have the fix (commit 2db406eba4657e5876994002070f92ace6d2dcc3 on master).

Note: See TracTickets for help on using tickets.