Closed Bug 1671316 Opened 2 years ago Closed 2 years ago

WriteProcessMemory fails in FuncHookCrossProcess::CopyStubToChildProcess

Categories

(Firefox :: Launcher Process, defect)

Unspecified
Windows
defect

Tracking

()

RESOLVED FIXED
84 Branch
Tracking Status
firefox84 --- fixed

People

(Reporter: toshi, Assigned: toshi)

References

Details

Attachments

(3 files)

The launcher process ping shows failures with FUNCHOOKCROSSPROCESS_COPYSTUB_ERROR. The top win32 error in those instances is ERROR_NOACCESS. A possible reason is the same as bug 1662560 that the executable was mapped onto a different address in a child process.

This patch introduces a class CrossExecTransferManager to manage the data
transfer from the current process to a remote process via WriteProcessMemory.
The class also encapsulates a logic to bridge the gap between two executable's
imagebase.

The latest launcher process showed one of the top failures was WriteProcessMemory in
CopyStubToChildProcess failed with ERROR_INVALID_ADDRESS or ERROR_NOACCESS, that
is to store a trampoline address to the global variable of firefox.exe failed. Its root
cause should be the same as bug 1662560, the executable was loaded onto a different
address from the browser process.

The fix is to to expand the usage of CrossExecTransferManager to FuncHookCrossProcess
and Kernel32ExportsSolver.

Depends on D94652

Pushed by rmaries@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/62dcb07da00d
Part1. Introduce CrossExecTransferManager.  r=mhowell
https://hg.mozilla.org/integration/autoland/rev/fbac66dafee1
Part2. Pass CrossExecTransferManager to FuncHookCrossProcess and Kernel32ExportsSolver.  r=mhowell
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 84 Branch

The issue is gone.

You need to log in before you can comment on or make changes to this bug.