Closed Bug 1615308 Opened 5 years ago Closed 5 years ago

The "firefox.exe - Application Error" dialog is popped up when Compatibility mode is on

Categories

(Firefox :: Launcher Process, defect, P1)

Product:
Firefox
Component:
Launcher Process
Platform:
Unspecified
Windows
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
Firefox 75
Tracking Flags:
Tracking Status
firefox-esr68 --- unaffected
firefox73 - wontfix
firefox74 + wontfix
firefox75 + verified

People

(Reporter: toshi, Assigned: toshi)

References

Details

Attachments

(2 files)

c0000005.png
6.52 KB, image/png
Details
Bug 1615308 - Validate each entry of IAT for ntdll.dll before copying it into a new process. r=aklotz
47 bytes, text/x-phabricator-request
Details | Review
Attached image c0000005.png

On Windows 10, if Compatibility mode for firefox.exe is set to Windows 7, the [firefox.exe - Application Error] dialog saying "The application was unable to start correctly (0xc0000005). Click OK to close the application." is popped up at startup.

See Also: → 1614885

Changing the priority to p1 as the bug is tracked by a release manager for the current beta.
See What Do You Triage for more information

Priority: P3 → P1

We copy IAT for ntdll.dll into a new process so that our hook code can use
ntdll's functions even in the early stage. However, IAT can be modified and
some entries may point to an address which is not valid in the child process.
In such a case, we should not copy IAT. One example is Windows compat mode
which redirects some ntdll functions into AcLayers.dll via IAT.

With this patch, we verify each IAT entry and if any of them is outside ntdll,
we give up using the launcher process and start the browser process.

Toshi, any news about your patch?

Flags: needinfo?(tkikuchi)

Aaron, did you have any chance to look at the change? Since this is P1 issue, if you have any cycles to review my patches, please take a look at this one first.

Flags: needinfo?(tkikuchi) → needinfo?(aklotz)

Reviewing today.

Flags: needinfo?(aklotz)
Pushed by csabou@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f080b12f030a Validate each entry of IAT for ntdll.dll before copying it into a new process. r=aklotz

https://hg.mozilla.org/mozilla-central/rev/f080b12f030a

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox75: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 75

Verified the fix with Firefox 75.0b2 on Windows 10 x86. The issue is no longer reproducible.

status-firefox75: fixedverified

Awesome, thanks!

Status: RESOLVED → VERIFIED
Regressions: 1629361
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: