Closed Bug 1229804 Opened 9 years ago Closed 9 years ago

Incorrect string length specified in Windows sandbox logging.

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla45

Tracking Flags:

Tracking

Status

firefox45

---

fixed

People

(Reporter: bobowen, Assigned: bobowen)

Details

Attachments

(1 file)

Use the correct string length in Windows sandbox logging 9 years ago Bob Owen (:bobowen) 3.22 KB, patch	TimAbraldes : review+	Details \| Diff \| Splinter Review

Bob Owen (:bobowen)

Assignee

Description

•

9 years ago

It seems that the Length in UNICODE_STRING that I use is in bytes, even though the buffer pointer in the same structure is effectively a wchar_t* (which is always 2 bytes on Windows).

Bob Owen (:bobowen)

Assignee

Comment 1

•

9 years ago

Attached patch Use the correct string length in Windows sandbox logging — Details — Splinter Review

Bob Owen (:bobowen)

Assignee

Updated

•

9 years ago

Attachment #8694797 - Flags: review?(tabraldes)

Bob Owen (:bobowen)

Assignee

Comment 2

•

9 years ago

https://treeherder.mozilla.org/#/jobs?repo=try&revision=bb231036fe2d

Tim Abraldes [:TimAbraldes] [:tabraldes]

Comment 3

•

9 years ago

Comment on attachment 8694797 [details] [diff] [review]
Use the correct string length in Windows sandbox logging

Review of attachment 8694797 [details] [diff] [review]:
-----------------------------------------------------------------

::: security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
@@ +65,5 @@
>  {
>    if (sLogFunction) {
>      // Skip an extra frame to allow for this function.
>      LogBlocked(aFunctionName,
> +               base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(),

I think we could take advantage of the `std::wstring(const_pointer _First, const_pointer _Last)` constructor [1] to rewrite this instead as `base::WideToUTF8(std::wstring(aContext, aContext + aLengthInBytes)).c_str(),`

[1] https://msdn.microsoft.com/en-us/library/y22b7w38.aspx

Attachment #8694797 - Flags: review?(tabraldes) → review+

Tim Abraldes [:TimAbraldes] [:tabraldes]

Comment 4

•

9 years ago

(In reply to Tim Abraldes [:TimAbraldes] [:tabraldes] from comment #3)
> Comment on attachment 8694797 [details] [diff] [review]
> Use the correct string length in Windows sandbox logging
> 
> Review of attachment 8694797 [details] [diff] [review]:
> -----------------------------------------------------------------
> 
> ::: security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
> @@ +65,5 @@
> >  {
> >    if (sLogFunction) {
> >      // Skip an extra frame to allow for this function.
> >      LogBlocked(aFunctionName,
> > +               base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(),
> 
> I think we could take advantage of the `std::wstring(const_pointer _First,
> const_pointer _Last)` constructor [1] to rewrite this instead as
> `base::WideToUTF8(std::wstring(aContext, aContext +
> aLengthInBytes)).c_str(),`
> 
> [1] https://msdn.microsoft.com/en-us/library/y22b7w38.aspx

There might be an off-by-one error in this suggestion. It might need to be `aContext + aLengthInBytes - 1`. I'm not sure from the documentation that I've read

Bob Owen (:bobowen)

Assignee

Comment 5

•

9 years ago

Thanks Tim.

(In reply to Tim Abraldes [:TimAbraldes] [:tabraldes] from comment #3)

> > +               base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(),
> 
> I think we could take advantage of the `std::wstring(const_pointer _First,
> const_pointer _Last)` constructor [1] to rewrite this instead as
> `base::WideToUTF8(std::wstring(aContext, aContext +
> aLengthInBytes)).c_str(),`

But aContext is a wchar_t* (wchar_t is 2 bytes on Windows), so with pointer arithmetic, as the length is in bytes _Last would be at a point double the length of the string.

Pulsebot

Comment 6

•

9 years ago

https://hg.mozilla.org/integration/mozilla-inbound/rev/29408f18b82e

Tim Abraldes [:TimAbraldes] [:tabraldes]

Comment 7

•

9 years ago

(In reply to Bob Owen (:bobowen) from comment #5)
> Thanks Tim.
> 
> (In reply to Tim Abraldes [:TimAbraldes] [:tabraldes] from comment #3)
> 
> > > +               base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(),
> > 
> > I think we could take advantage of the `std::wstring(const_pointer _First,
> > const_pointer _Last)` constructor [1] to rewrite this instead as
> > `base::WideToUTF8(std::wstring(aContext, aContext +
> > aLengthInBytes)).c_str(),`
> 
> But aContext is a wchar_t* (wchar_t is 2 bytes on Windows), so with pointer
> arithmetic, as the length is in bytes _Last would be at a point double the
> length of the string.

Ah, good point. We'd have to do some casting or do the exact same math for that approach to work.

Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)

Comment 8

•

9 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/29408f18b82e

Status: ASSIGNED → RESOLVED

Closed: 9 years ago

status-firefox45: affected → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla45

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Incorrect string length specified in Windows sandbox logging.

Categories

(Core :: Security: Process Sandboxing, defect)

Tracking

()

People

(Reporter: bobowen, Assigned: bobowen)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Comment 2

Comment 3

Comment 4

Comment 5

Comment 6

Comment 7

Comment 8

Attachment

General

Description

File Name

Content Type