Closed Bug 1460997 Opened 6 years ago Closed 6 years ago

Out-of-process interceptor using incorrect protection flags for trampoline memory

Categories

(Core :: General, enhancement, P1)

Product:
Core
Component:
General
Platform:
Unspecified
Windows
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla62
Tracking Flags:
Tracking Status
firefox62 --- fixed

People

(Reporter: bugzilla, Assigned: bugzilla)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Use r/w instead of r/w/x for local writing to out-of-process trampolines
2.15 KB, patch
handyman
: review+
Details | Diff | Splinter Review 
The out-of-process interceptor's trampolines create a section of shared memory. The local view only needs to be r/w because we only modify the trampolines, we don't execute them.

On Windows 7, VirtualProtect sometimes fails when we request r/w/x. We don't actually need our local view to be executable. When we request r/w, everything works.

I have a hypothesis as to why the failure only happened "sometimes," but it's clear from my testing that this fix is effective.
Attachment #8975174 - Flags: review?(davidp99) → review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/3b78d37d61ae46ae3fc35305b27655b80fa06155
Bug 1460997: Out-of-process interceptors should use r/w instead of r/w/x when changing protection attributes prior to writing a trampoline; r=handyman
https://hg.mozilla.org/mozilla-central/rev/3b78d37d61ae
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox62: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla62
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: