Closed Bug 1229804 Opened 10 years ago Closed 10 years ago

Incorrect string length specified in Windows sandbox logging.

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla45

Tracking Flags:

Tracking

Status

firefox45

---

fixed

People

(Reporter: bobowen, Assigned: bobowen)

Details

Attachments

(1 file)

Use the correct string length in Windows sandbox logging 10 years ago Bob Owen (:bobowen) 3.22 KB, patch	TimAbraldes : review+	Details \| Diff \| Splinter Review

Bob Owen (:bobowen)

Assignee

Description

•

10 years ago

It seems that the Length in UNICODE_STRING that I use is in bytes, even though the buffer pointer in the same structure is effectively a wchar_t* (which is always 2 bytes on Windows).

Bob Owen (:bobowen)

Assignee

Comment 1

•

10 years ago

Attached patch Use the correct string length in Windows sandbox logging — Details — Splinter Review

Bob Owen (:bobowen)

Assignee

Updated

•

10 years ago

Attachment #8694797 - Flags: review?(tabraldes)

Bob Owen (:bobowen)

Assignee

Comment 2

•

10 years ago

https://treeherder.mozilla.org/#/jobs?repo=try&revision=bb231036fe2d

Tim Abraldes [:TimAbraldes] [:tabraldes]

Comment 3

•

10 years ago

Comment on attachment 8694797 [details] [diff] [review] Use the correct string length in Windows sandbox logging Review of attachment 8694797 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp @@ +65,5 @@ > { > if (sLogFunction) { > // Skip an extra frame to allow for this function. > LogBlocked(aFunctionName, > + base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(), I think we could take advantage of the `std::wstring(const_pointer _First, const_pointer _Last)` constructor [1] to rewrite this instead as `base::WideToUTF8(std::wstring(aContext, aContext + aLengthInBytes)).c_str(),` [1] https://msdn.microsoft.com/en-us/library/y22b7w38.aspx

Attachment #8694797 - Flags: review?(tabraldes) → review+

Tim Abraldes [:TimAbraldes] [:tabraldes]

Comment 4

•

10 years ago

(In reply to Tim Abraldes [:TimAbraldes] [:tabraldes] from comment #3) > Comment on attachment 8694797 [details] [diff] [review] > Use the correct string length in Windows sandbox logging > > Review of attachment 8694797 [details] [diff] [review]: > ----------------------------------------------------------------- > > ::: security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp > @@ +65,5 @@ > > { > > if (sLogFunction) { > > // Skip an extra frame to allow for this function. > > LogBlocked(aFunctionName, > > + base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(), > > I think we could take advantage of the `std::wstring(const_pointer _First, > const_pointer _Last)` constructor [1] to rewrite this instead as > `base::WideToUTF8(std::wstring(aContext, aContext + > aLengthInBytes)).c_str(),` > > [1] https://msdn.microsoft.com/en-us/library/y22b7w38.aspx There might be an off-by-one error in this suggestion. It might need to be `aContext + aLengthInBytes - 1`. I'm not sure from the documentation that I've read

Bob Owen (:bobowen)

Assignee

Comment 5

•

10 years ago

Thanks Tim. (In reply to Tim Abraldes [:TimAbraldes] [:tabraldes] from comment #3) > > + base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(), > > I think we could take advantage of the `std::wstring(const_pointer _First, > const_pointer _Last)` constructor [1] to rewrite this instead as > `base::WideToUTF8(std::wstring(aContext, aContext + > aLengthInBytes)).c_str(),` But aContext is a wchar_t* (wchar_t is 2 bytes on Windows), so with pointer arithmetic, as the length is in bytes _Last would be at a point double the length of the string.

Pulsebot

Comment 6

•

10 years ago

https://hg.mozilla.org/integration/mozilla-inbound/rev/29408f18b82e

Tim Abraldes [:TimAbraldes] [:tabraldes]

Comment 7

•

10 years ago

(In reply to Bob Owen (:bobowen) from comment #5) > Thanks Tim. > > (In reply to Tim Abraldes [:TimAbraldes] [:tabraldes] from comment #3) > > > > + base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(), > > > > I think we could take advantage of the `std::wstring(const_pointer _First, > > const_pointer _Last)` constructor [1] to rewrite this instead as > > `base::WideToUTF8(std::wstring(aContext, aContext + > > aLengthInBytes)).c_str(),` > > But aContext is a wchar_t* (wchar_t is 2 bytes on Windows), so with pointer > arithmetic, as the length is in bytes _Last would be at a point double the > length of the string. Ah, good point. We'd have to do some casting or do the exact same math for that approach to work.

Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)

Comment 8

•

10 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/29408f18b82e

Status: ASSIGNED → RESOLVED

Closed: 10 years ago

status-firefox45: affected → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla45

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Incorrect string length specified in Windows sandbox logging.

Categories

(Core :: Security: Process Sandboxing, defect)

Tracking

()

People

(Reporter: bobowen, Assigned: bobowen)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Comment 2

Comment 3

Comment 4

Comment 5

Comment 6

Comment 7

Comment 8

Attachment

General

Description

File Name

Content Type