Closed Bug 1453929 Opened 4 years ago Closed 4 years ago

Enable handle verifier on 32-bit EARLY_BETA_OR_EARLIER


(Core :: Security: Process Sandboxing, enhancement, P1)

61 Branch



Tracking Status
firefox61 --- fixed


(Reporter: bobowen, Assigned: bobowen)




(1 file)

Bug 1452090 landed changes to enable hooks on CloseHandle and DuplicateHandle to try and catch where we have Windows handle management issues.
We're fairly sure we have these because they cause crashes in various places.
This uses the handle verifier in the Chromium sandbox code, so it means that all handle closes are checked against ones used and tracked by the sandbox.

Also, we now disable the handle verifier in anything other than Nightly and Debug 32-bit builds.

We don't have good coverage for 32-bit on Nightly, so it would be good if we could enable this for EARLY_BETA_OR_EARLIER instead of NIGHTLY_BUILD (I assume that EARLY_BETA_OR_EARLIER includes NIGHTLY_BUILD).

That way we stand a much better chance of catching these handle issues, but we'll still run late Beta with the verifier disabled as for release.

RyanVM - are you the right person to authorise the use of EARLY_BETA_OR_EARLIER?
We could just do it for 61, but it would be good to leave it on as it could catch future problems.
Flags: needinfo?(ryanvm)
I don't think EARLY_BETA_OR_EARLIER needs any sort of authorization to use beyond passing code review since by definition it means code we'll never ship to release users (and we do have safeguards in place to ensure it's the case even if we somehow forgot to unset it mid-cycle). The only caveat is to make sure that the code builds and passes tests either way so you don't end up getting an "XYZ is going to permafail" bug filed on you later :).
Flags: needinfo?(ryanvm)
Attachment #8967792 - Flags: review?(jmathies) → review+
Pushed by
Enable handle verifier on 32-bit EARLY_BETA_OR_EARLIER. r=jimm
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
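
A simplified, portable model of the check the bug description refers to (closes compared against the handles the sandbox tracks), added here as an illustration; it is not Chromium's or Mozilla's code. The class, its method names and the handle values are hypothetical, and handles are plain integers so it runs without the Windows API.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <unordered_map>
#include <vector>

using Handle = std::uintptr_t;  // stand-in for a Windows HANDLE (assumption)

class HandleVerifier {  // hypothetical model, not the real verifier's API
 public:
  // A scoped owner registers the handle it is now responsible for.
  bool StartTracking(Handle h, const void* owner) {
    if (tracked_.emplace(h, owner).second) return true;
    return Report("double-track", h);  // two owners: one closes it under the other
  }
  // The owner deregisters just before closing the handle itself.
  bool StopTracking(Handle h, const void* owner) {
    auto it = tracked_.find(h);
    if (it == tracked_.end() || it->second != owner)
      return Report("stop-by-non-owner", h);
    tracked_.erase(it);
    return true;
  }
  // What a CloseHandle hook asks: is this raw close hitting a tracked handle?
  bool OnRawClose(Handle h) {
    return tracked_.count(h) ? Report("raw-close-of-tracked-handle", h) : true;
  }
  // DuplicateHandle with DUPLICATE_CLOSE_SOURCE also closes the source handle.
  bool OnDuplicate(Handle source, bool close_source) {
    return !close_source || OnRawClose(source);
  }
  const std::vector<std::string>& violations() const { return violations_; }
 private:
  bool Report(const char* kind, Handle h) {
    violations_.push_back(std::string(kind) + ":" + std::to_string(h));
    return false;
  }
  std::unordered_map<Handle, const void*> tracked_;
  std::vector<std::string> violations_;
};

// Constructed scenario: 0x44 is owned by owner_a while other code misuses it.
int DemoViolationCount() {
  HandleVerifier v; int owner_a = 0, owner_b = 0;
  v.StartTracking(0x44, &owner_a);
  v.OnRawClose(0x44);               // violation: closed behind the owner's back
  v.OnRawClose(0x48);               // untracked handle, allowed
  v.OnDuplicate(0x44, true);        // violation: close-source on a tracked handle
  v.StopTracking(0x44, &owner_b);   // violation: wrong owner
  v.StopTracking(0x44, &owner_a);   // legitimate release by the owner
  return static_cast<int>(v.violations().size());
}

int main() { std::printf("violations: %d\n", DemoViolationCount()); }
```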