Closed
Bug 1775263
Opened 2 years ago
Closed 2 years ago
Crash in [@ RtlRaiseStatus | cyinjct.dll | NtSetInformationFile]
Categories
(External Software Affecting Firefox :: Other, defect)
Tracking
(firefox104 fixed)
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox104 | --- | fixed |
People
(Reporter: gcp, Assigned: gerard-majax)
Details
(Keywords: crash)
Crash Data
Attachments
(4 files)
Crash report: https://crash-stats.mozilla.org/report/index/0087c18c-b736-4cfd-b6b3-cbf530220616
Reason: STATUS_DYNAMIC_CODE_BLOCKED
Top 10 frames of crashing thread:
0 ntdll.dll RtlRaiseStatus
1 cyinjct.dll cyinjct.dll@0x0000000000001fad
2 ntdll.dll NtSetInformationFile
3 cyinjct.dll cyinjct.dll@0x00000000000020d5
4 cyinjct.dll cyinjct.dll@0x00000000000000e7
5 cyinjct.dll cyinjct.dll@0x00000000000372cf
6 cyinjct.dll cyinjct.dll@0x00000000000032da
7 ntdll.dll RtlpAllocateHeapInternal
8 cyinjct.dll cyinjct.dll@0x0000000000009cfc
9 cyinjct.dll cyinjct.dll@0x0000000000002c5f
|
Reporter | |
Comment 1•2 years ago
|
||
Gabriele, Alexandre has been seeing this DLL crash when the Utility Process enables ACG/Dynamic Code Disable.
Do we have the ability to block it in that process only?
Flags: needinfo?(gsvelto)
|
|
Reporter | |
Comment 2•2 years ago
|
||
Note that I imagine we'd want ACG in Content too at some point.
|
||
Comment 3•2 years ago
|
||
(In reply to Gian-Carlo Pascutto [:gcp] from comment #1)
Do we have the ability to block it in that process only?
Not yet, we only have "all processes", "parent" and "child" options at the moment. It would be a matter to add support by tweaking gen_dll_blocklist_defs.py and then we'd have to set gBlocklistInitFlags in the right place with a new flag for blocking only in the utility process.
Flags: needinfo?(gsvelto)
|
Assignee | |
Updated•2 years ago
|
Assignee: nobody → lissyx+mozillians
|
|
Assignee | |
Comment 4•2 years ago
|
||
|
|
Assignee | |
Comment 5•2 years ago
|
||
So from https://www.bussink.net/cortex-xdr-components/ it looks like it is part of a Palo Alto Networks product « Cortex XDR » : https://docs.paloaltonetworks.com/cortex/cortex-xdr claiming to use machine learning for attack detections etc. So maybe not so surprising it is using some dynamic code when injected ?
|
|
Assignee | |
Comment 6•2 years ago
|
||
I had to hack a bit our sandbox and build as release, but I have managed to use https://crates.io/crates/dll-syringe and build a fake cyinjct.dll to verify we can properly block it on the utility process:
Hello, world!
ALL CMDs: [["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.19.2123639656\\1021869387", "-childID", "17", "-isForBrowser", "-prefsHandle", "8468", "-prefMapHandle", "8464", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "8864", "1fd5be99a80", "tab"], [], ["C:\\Windows\\SystemApps\\Microsoft.Windows.Search_cw5n1h2txyewy\\SearchApp.exe", "-ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca"], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.13.1811718806\\320049100", "-childID", "11", "-isForBrowser", "-prefsHandle", "9560", "-prefMapHandle", "9556", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "9676", "1fd5b603b80", "tab"], [], [], [], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.11.959117060\\1954151003", "-childID", "9", "-isForBrowser", "-prefsHandle", "10056", "-prefMapHandle", "10052", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "10360", "1fd587e4b80", "tab"], ["C:\\Windows\\system32\\ApplicationFrameHost.exe", "-Embedding"], [], [], [], ["sihost.exe"], [], [], [], ["C:\\Windows\\system32\\DllHost.exe", "/Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}"], ["C:\\Windows\\SystemApps\\ShellExperienceHost_cw5n1h2txyewy\\ShellExperienceHost.exe", "-ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca"], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], ["C:\\Program Files\\Notepad++\\notepad++.exe", "toto"], ["F:\\mozilla-build\\msys\\bin\\bash", "--login", "-i"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.16.947580897\\376555457", "-childID", "14", "-isForBrowser", "-prefsHandle", "9536", "-prefMapHandle", "9560", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "9112", "1fd4e711080", "tab"], ["C:\\Windows\\system32\\cmd.exe", "/c", "F:\\mozilla-build\\start-shell.bat"], [], [], ["C:\\Windows\\system32\\cmd.exe", "/c", "F:\\mozilla-build\\start-shell.bat"], [], ["F:\\mozilla-build\\msys\\bin\\bash.exe"], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], [], ["C:\\Windows\\system32\\cmd.exe", "/c", "F:\\mozilla-build\\start-shell.bat"], [], [], [], [], ["taskhostw.exe", "{222A245B-E637-4AE9-A93F-A59CA119A75E}"], [], ["C:\\Program Files\\WindowsApps\\Microsoft.WindowsTerminal_1.13.11431.0_x64__8wekyb3d8bbwe\\OpenConsole.exe", "--headless", "--win32input", "--resizeQuirk", "--width", "336", "--height", "73", "--signal", "0x904", "--server", "0x914"], [], ["rdpclip"], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.3.1152061373\\1999795832", "-childID", "3", "-isForBrowser", "-prefsHandle", "5064", "-prefMapHandle", "5060", "-prefsLen", "30259", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "5032", "1fd54d9db80", "tab"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.17.798214220\\2035978203", "-childID", "15", "-isForBrowser", "-prefsHandle", "8832", "-prefMapHandle", "8836", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "8872", "1fd5b83c880", "tab"], [], [], [], [], [], [], [], ["C:\\Windows\\system32\\svchost.exe", "-k", "UnistackSvcGroup", "-s", "WpnUserService"], ["C:\\Windows\\System32\\svchost.exe", "-k", "UnistackSvcGroup"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.4.1195493331\\1733674586", "-childID", "4", "-isForBrowser", "-prefsHandle", "5080", "-prefMapHandle", "5076", "-prefsLen", "30259", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "4260", "1fd54d9f980", "tab"], [], ["C:\\Windows\\System32\\SecurityHealthSystray.exe"], [], ["C:\\Windows\\System32\\oobe\\UserOOBEBroker.exe", "-Embedding"], [], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-no-remote", "-profile", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\tmp\\profile-default", "-attach-console"], ["C:\\Program Files\\WindowsApps\\Microsoft.WindowsTerminal_1.13.11431.0_x64__8wekyb3d8bbwe\\OpenConsole.exe", "--headless", "--win32input", "--resizeQuirk", "--width", "336", "--height", "73", "--signal", "0xc90", "--server", "0xc8c"], ["C:\\Windows\\system32\\DllHost.exe", "/Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}"], ["f:\\mozilla-build\\python3\\python3.exe", "./mach", "run"], ["C:\\Program Files\\WindowsApps\\Microsoft.YourPhone_1.22052.136.0_x64__8wekyb3d8bbwe\\YourPhone.exe", "-ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca"], [], [], ["F:\\mozilla-build\\msys\\bin\\bash", "--login", "-i"], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], [], [], [], [], [], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.8.676245442\\309270935", "-parentBuildID", "20220718232420", "-sandboxingKind", "1", "-prefsHandle", "6216", "-prefMapHandle", "6212", "-prefsLen", "30368", "-prefMapSize", "230655", "-win32kLockedDown", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "6340", "1fd544f3480", "utility"], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.6.1802546992\\2142739474", "-childID", "6", "-isForBrowser", "-prefsHandle", "6080", "-prefMapHandle", "6076", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "6092", "1fd57d35b80", "tab"], [], [], [], [], [], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.12.1747387596\\1324694714", "-childID", "10", "-isForBrowser", "-prefsHandle", "9716", "-prefMapHandle", "9724", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "9884", "1fd5b9ab480", "tab"], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.7.396492911\\954745721", "-parentBuildID", "20220718232420", "-prefsHandle", "6244", "-prefMapHandle", "6120", "-prefsLen", "30368", "-prefMapSize", "230655", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "6312", "1fd544f3180", "rdd"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.0.154269994\\334590158", "-parentBuildID", "20220718232420", "-prefsHandle", "2184", "-prefMapHandle", "2176", "-prefsLen", "24514", "-prefMapSize", "230655", "-win32kLockedDown", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "2216", "1fd40785e80", "socket"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.15.1971578296\\1399028358", "-childID", "13", "-isForBrowser", "-prefsHandle", "9104", "-prefMapHandle", "9088", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "9172", "1fd4e711c80", "tab"], [], ["cmd.exe", "/c", "F:\\mozilla-build\\bin\\watchman.exe --foreground"], [], ["F:\\mozilla-build\\msys\\bin\\bash", "--login", "-i"], ["F:\\mozilla-build\\msys\\bin\\ssh-agent.exe"], [], [], [], [], [], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.9.1193044104\\638004333", "-childID", "7", "-isForBrowser", "-prefsHandle", "10368", "-prefMapHandle", "10372", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "10424", "1fd57042e80", "tab"], [], [], [], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.14.2036321492\\1796873068", "-childID", "12", "-isForBrowser", "-prefsHandle", "9536", "-prefMapHandle", "9560", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "9252", "1fd5bec4480", "tab"], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.10.435736476\\1489028585", "-childID", "8", "-isForBrowser", "-prefsHandle", "10188", "-prefMapHandle", "10184", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "10424", "1fd587e5a80", "tab"], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], ["f:\\cyinjct_dll\\target\\debug\\cyinjct_test.exe"], ["C:\\Windows\\Explorer.EXE"], [], [], [], ["F:\\mozilla-build\\msys\\bin\\env.exe"], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.20.367770145\\1272275724", "-childID", "18", "-isForBrowser", "-prefsHandle", "8260", "-prefMapHandle", "8256", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "8484", "1fd5be9be80", "tab"], [], ["F:\\mozilla-build\\msys\\bin\\bash.exe"], [], [], [], [], [], [], ["C:\\Program Files\\WindowsApps\\Microsoft.WindowsTerminal_1.13.11431.0_x64__8wekyb3d8bbwe\\OpenConsole.exe", "--headless", "--win32input", "--resizeQuirk", "--width", "336", "--height", "73", "--signal", "0xd8c", "--server", "0xd88"], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.1.1320902025\\1561451624", "-childID", "1", "-isForBrowser", "-prefsHandle", "2988", "-prefMapHandle", "2984", "-prefsLen", "24605", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "3000", "1fd431bfb80", "tab"], [], [], [], ["C:\\Program Files\\WindowsApps\\Microsoft.WindowsTerminal_1.13.11431.0_x64__8wekyb3d8bbwe\\OpenConsole.exe", "--headless", "--win32input", "--resizeQuirk", "--width", "120", "--height", "30", "--signal", "0xa00", "--server", "0x9ec"], [], [], ["C:\\Program Files\\WindowsApps\\Microsoft.WindowsTerminal_1.13.11431.0_x64__8wekyb3d8bbwe\\OpenConsole.exe", "--headless", "--win32input", "--resizeQuirk", "--width", "336", "--height", "73", "--signal", "0xf64", "--server", "0xf60"], [], [], [], ["c:\\tools\\vim\\vim82\\vim.exe", "-p", "toolkit/xre/dllservices/mozglue/WindowsDllBlocklistDefs.in"], [], [], ["C:\\Windows\\SystemApps\\Microsoft.LockApp_cw5n1h2txyewy\\LockApp.exe", "-ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca"], ["F:\\mozilla-build\\msys\\bin\\bash", "--login", "-i"], ["c:\\tools\\vim\\vim82\\vim.exe", "-p", "src/main.rs"], ["C:\\Windows\\system32\\cmd.exe", "/c", "F:\\mozilla-build\\start-shell.bat"], [], ["C:\\Program Files\\WindowsApps\\Microsoft.WindowsTerminal_1.13.11431.0_x64__8wekyb3d8bbwe\\WindowsTerminal.exe"], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.2.385477420\\2040592655", "-childID", "2", "-isForBrowser", "-prefsHandle", "4308", "-prefMapHandle", "4304", "-prefsLen", "29402", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "4296", "1fd40784280", "tab"], ["C:\\Windows\\SystemApps\\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\\TextInputHost.exe", "-ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca"], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], ["C:\\Windows\\system32\\svchost.exe", "-k", "ClipboardSvcGroup", "-p", "-s", "cbdhsvc"], ["C:\\Windows\\system32\\cmd.exe", "/c", "F:\\mozilla-build\\start-shell.bat"], ["C:\\Users\\user\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe", "/background"], ["C:\\Windows\\SystemApps\\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\\StartMenuExperienceHost.exe", "-ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca"], [], [], [], ["C:\\Windows\\system32\\svchost.exe", "-k", "UnistackSvcGroup", "-s", "CDPUserSvc"], ["C:\\Windows\\ImmersiveControlPanel\\SystemSettings.exe", "-ServerName:microsoft.windows.immersivecontrolpanel"], [], [], [], [], [], ["F:\\mozilla-build\\msys\\bin\\bash.exe"], [], [], [], [], [], ["C:\\Windows\\SystemApps\\Microsoft.Windows.Search_cw5n1h2txyewy\\SearchApp.exe", "-ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca"], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.5.1816343257\\1161019381", "-childID", "5", "-isForBrowser", "-prefsHandle", "5172", "-prefMapHandle", "5032", "-prefsLen", "30259", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "5448", "1fd54da0e80", "tab"], [], ["F:/mozilla-source/mozilla-unified/obj-browser-dbg\\dist\\bin\\firefox.exe", "-no-remote", "-wait-for-browser", "-profile", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\tmp\\profile-default", "-attach-console"], [], [], ["C:\\Program Files\\WindowsApps\\Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe\\Microsoft.Photos.exe", "-ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca"], [], ["C:\\Windows\\System32\\RuntimeBroker.exe", "-Embedding"], [], [], ["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.18.2129034922\\1359409470", "-childID", "16", "-isForBrowser", "-prefsHandle", "8560", "-prefMapHandle", "8568", "-prefsLen", "30368", "-prefMapSize", "230655", "-jsInitHandle", "1388", "-jsInitLen", "290464", "-a11yResourceId", "64", "-parentBuildID", "20220718232420", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "8968", "1fd57f54980", "tab"], [], [], [], ["F:\\mozilla-build\\msys\\bin\\bash", "--login", "-i"], [], ["F:\\mozilla-build\\bin\\watchman.exe", "--foreground"], [], [], [], ["\\??\\C:\\Windows\\system32\\conhost.exe", "0x4"], [], []]
CMDs: [["F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\firefox.exe", "-contentproc", "--channel=13780.8.676245442\\309270935", "-parentBuildID", "20220718232420", "-sandboxingKind", "1", "-prefsHandle", "6216", "-prefMapHandle", "6212", "-prefsLen", "30368", "-prefMapSize", "230655", "-win32kLockedDown", "-appDir", "F:\\mozilla-source\\mozilla-unified\\obj-browser-dbg\\dist\\bin\\browser", "-", "13780", "-", "6340", "1fd544f3480", "utility"]]
PIDs: [1452]
target_process: OwnedProcess(OwnedHandle { handle: 0x2f4 })
syringe: Syringe { inject_help_data: OnceCell(Uninit), remote_allocator: RemoteBoxAllocator(RemoteBoxAllocatorInner { process: OwnedProcess(OwnedHandle { handle: 0x2f4 }), allocator: RefCell { value: DynamicMultiBufferAllocator { process: BorrowedProcess(BorrowedHandle { handle: 0x2f4 }), pages: [] } } }), load_library_w_stub: OnceCell(Uninit), get_proc_address_stub: OnceCell(Uninit) }
payload: "lib/target/debug/cyinjct.dll" => "\\\\?\\F:\\cyinjct_dll\\lib\\target\\debug\\cyinjct.dll"
Error: RemoteIo(Os { code: 5, kind: PermissionDenied, message: "Accès refusé." })
|
|
Assignee | |
Comment 7•2 years ago
|
||
|
|
Assignee | |
Comment 8•2 years ago
|
||
|
||
Updated•2 years ago
|
Attachment #9283432 -
Attachment description: WIP: Bug 1775263 - Block cyinjct.dll from being injected in Utility → Bug 1775263 - Block cyinjct.dll from being injected in Utility r?bobowen!,haik!
|
|
||
Updated•2 years ago
|
Attachment #9283432 -
Attachment description: Bug 1775263 - Block cyinjct.dll from being injected in Utility r?bobowen!,haik! → Bug 1775263 - Block cyinjct.dll from being injected in Utility r?handyman!,haik!
|
|
Assignee | |
Comment 9•2 years ago
|
||
|
||
Comment 10•2 years ago
|
||
Pushed by alissy@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/15ad3ac1bf2b Block cyinjct.dll from being injected in Utility r=haik,handyman
|
||
Comment 11•2 years ago
|
||
| bugherder | ||
|
|
Reporter | |
Comment 12•2 years ago
|
||
https://crash-stats.mozilla.org/report/index/c81601b2-053f-439c-a206-5a21a0220803
https://crash-stats.mozilla.org/report/index/d5dd460e-6f3a-436d-8e64-e787d0220803
Our blocks don't appear to be effective against this junk :-(
|
|
||
Comment 13•2 years ago
|
||
We've got fresh crashes: https://crash-stats.mozilla.org/report/index/4e7dc503-0509-4bd2-bf8f-5af500221102
Shall we reopen this bug?
You need to log in
before you can comment on or make changes to this bug.
Description
•