Closed Bug 1347240 Opened 9 years ago Closed 8 years ago

PDF.js triggering buffer overflow protection

Categories

(External Software Affecting Firefox :: Other, defect)

x86_64
Windows
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: jjackson, Unassigned)

Details

(Whiteboard: [platform-rel-Sophos])

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Build ID: 20170303022339
Steps to reproduce: Opened an AcroForm PDF using Firefox's native PDF viewer (PDF.js) on a computer with security software that detects buffer overflows.
Actual results: The browser stopped responding and didn't recover.
Expected results: The PDF should have opened without causing the browser to stop responding.
Any AcroForm-based PDF causes the problem--I've tried ones generated with different software. Sometimes I have to reload the page a couple times to reproduce the issue. An example to test with: http://www.cic.gc.ca/english/passport/forms/pdf/pptc153.pdf Our security software is Sophos Endpoint Security and Control 10.6. If I disable the buffer overflow protection, the problem goes away. Also worth nothing, our previous version of Firefox, ESR 45.7 doesn't have this problem.
nothing=noting
Marco could you figure out next steps for this? I can think of the following possibilities:
* there's a pdf.js or JS engine bug which is in fact causing buffer overflow
* Sophos endpoint has a bug where it's detecting perfectly valid software as buggy
From bug 1300480, I think you have contacts at Sophos already. I don't know whether they can provide us with sample installs and/or details about how to collect a memory dump at the point where they detect a buffer overflow error.
Flags: needinfo?(mcastelluccio)
Component: Untriaged → PDF Viewer
OS: Unspecified → Windows 7
Hardware: Unspecified → x86_64
I've contacted Sophos, will report back when they reply.
platform-rel: --- → ?
Whiteboard: [platform-rel-Sophos]
Moving back to untriaged because we don't yet know whether this is a PDF/JS engine/Sophos bug.
Component: PDF Viewer → Untriaged
I did some further testing on versions. Note that each of the major versions has a different version of PDF.js.
* ESR 45.7 -- no problem
* ESR 45.8 -- no problem
* ESR 52.0 -- problem exists
* Beta 53.0b5 -- problem exists
Next I tried downloading PDF.js from GitHub. I used their stable version, 1.6.210. I opened its viewer.html in different versions of Firefox, then used its open button to select a locally saved copy of the example PDF document. Just like before, ESR 45 was okay, ESR 52 and Beta 53 were not. Correct me if I'm wrong, but I believe this indicates it's a JS engine issue, and not a PDF.js issue.
Problem also exists on Windows 10 1607.
OS: Windows 7 → Windows
Jason, that is likely. If you have time, one of the options here is to find the specific nightly build where this started happening. There is a tool which semi-automates this. If you are able to use this tool and find a regression range, that could really help! http://mozilla.github.io/mozregression/
Flags: needinfo?(jjackson)
I didn't do the nightly/regression thing yet, but I did narrow it down further:
RR 49.0 -- no problem
RR 49.0.2 -- no problem
RR 50.0 -- problem exists
RR 51.0 -- problem exists
I used Mozregression-gui, and this was the result from the end of the log.
2017-04-03T11:08:34: DEBUG : Starting merge handling...
2017-04-03T11:08:34: DEBUG : Using url: https://hg.mozilla.org/integration/mozilla-inbound/json-pushes?changeset=4e03f2bc5a99f4d19785cf04e4f3ed4a22f65aa4&full=1
2017-04-03T11:08:34: DEBUG : Found commit message: Bug 1114647 - Use firefox for child processes instead of plugin-container. r=ted
Disabled on Mac (content processes need to use plugin-container.app for UI reasons) and on Linux unless --disable-sandboxing (build issues).
Flags: needinfo?(jjackson)
No reply from Sophos so far :(
platform-rel: ? → -
From comment 10 this issue seems to be related to Sophos. Marco, any reply from Sophos?
> Marco, any reply from Sophos?
Not yet. At this point, I guess they won't reply.
> Not yet. At this point, I guess they won't reply.
I've also talked with RyanVM and in his opinion this bug is a Sophos issue.
platform-rel: - → ---
Component: Untriaged → Other
Product: Firefox → External Software Affecting Firefox
Version: 52 Branch → unspecified
Hello Jason, Sophos replied and they can't reproduce the issue with Firefox 53 or 54. Can I put you in touch with them?
Flags: needinfo?(mcastelluccio) → needinfo?(jjackson)
(In reply to Marco Castelluccio [:marco] from comment #15)
> Hello Jason, Sophos replied and they can't reproduce the issue with Firefox 53 or 54.
>
> Can I put you in touch with them?
Yes, for sure. Coincidentally, I have a colleague who can reproduce the issue currently in contact with Sophos. Perhaps this is what triggered their response finally.
Flags: needinfo?(jjackson)
I was able to produce a similar problem with SESC and Excel 2016 (32-bit) when opening network files. Sophos Buffer Overflow Protection is obviously broken and we're disabling it entirely from now on.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID