Crash in [@ MitLibTriggerFailFast]
Categories: Core :: Security: Process Sandboxing, defect, P3
People: Reporter: gsvelto, Unassigned
Keywords: crash
Crash Data
Crash report: https://crash-stats.mozilla.org/report/index/1eecd47b-f240-472f-8438-dfa010211220
Reason: EXCEPTION_STACK_BUFFER_OVERRUN / FAST_FAIL_PAYLOAD_RESTRICTION_VIOLATION
Top 10 frames of crashing thread:
0 payloadrestrictions.dll MitLibTriggerFailFast
1 payloadrestrictions.dll MitLibValidateAccessToProtectedPage
2 ntdll.dll RtlpCallVectoredHandlers
3 ntdll.dll RtlDispatchException
4 ntdll.dll KiUserExceptionDispatch
5 firefox.exe base::win::PEImage::VerifyMagic const security/sandbox/chromium/base/win/pe_image.cc:568
6 firefox.exe ResolveNTFunctionPtr security/sandbox/chromium/sandbox/win/src/win_utils.cc:609
7 firefox.exe sandbox::GetProcessBaseAddress security/sandbox/chromium/sandbox/win/src/win_utils.cc:524
8 firefox.exe sandbox::TargetProcess::Create security/sandbox/chromium/sandbox/win/src/target_process.cc:223
9 firefox.exe sandbox::BrokerServicesBase::SpawnTarget security/sandbox/chromium/sandbox/win/src/broker_services.cc:620
Really odd crashes, I'm not sure what's going on here. These are all caught by WER so we might have had them for a while without having been able to intercept them in the past.
Comment 1•2 years ago
This looks like a crash caused by EAF (= Export Address Filtering). Payloadrestrictions.dll is a system module and is injected when the process enables additional exploit protections.
Comment 2•2 years ago
I ran 91.4.1esr on Windows 10 with EAF+. Payloadrestrictions.dll was loaded but everything worked fine without a crash. Our statement https://support.mozilla.org/en-US/kb/compatibility-exploit-protection-windows-10 is still valid. We recommend not enabling EAF for firefox.exe.