Source code
Revision control
Copy as Markdown
Other Tools
# HG changeset patch
# User Greg Stoll <gstoll@mozilla.com>
# Date 1679671320 0
# Node ID 003b682fc8cd9836a32dbdd9a9e5061937b07b9f
# Parent 6d97efe0c291bc2cd2a192a732ec5e3389626653
diff --git a/sandbox/win/src/sandbox_nt_util.cc b/sandbox/win/src/sandbox_nt_util.cc
--- a/sandbox/win/src/sandbox_nt_util.cc
+++ b/sandbox/win/src/sandbox_nt_util.cc
@@ -399,16 +399,31 @@ bool IsValidImageSection(HANDLE section,
VERIFY_SUCCESS(g_nt.Close(query_section));
if (!NT_SUCCESS(ret) || sizeof(basic_info) != bytes_returned)
return false;
if (!(basic_info.Attributes & SEC_IMAGE))
return false;
+ // Windows 10 2009+ may open PEs as SEC_IMAGE_NO_EXECUTE in non-dll-loading
+ // paths which looks identical to dll-loading unless we check if the section
+ // handle has execute rights.
+ // Avoid memset inserted by -ftrivial-auto-var-init=pattern.
+ STACK_UNINITIALIZED OBJECT_BASIC_INFORMATION obj_info;
+ ULONG obj_size_returned;
+ ret = g_nt.QueryObject(section, ObjectBasicInformation, &obj_info,
+ sizeof(obj_info), &obj_size_returned);
+
+ if (!NT_SUCCESS(ret) || sizeof(obj_info) != obj_size_returned)
+ return false;
+
+ if (!(obj_info.GrantedAccess & SECTION_MAP_EXECUTE))
+ return false;
+
return true;
}
UNICODE_STRING* AnsiToUnicode(const char* string) {
ANSI_STRING ansi_string;
ansi_string.Length = static_cast<USHORT>(g_nt.strlen(string));
ansi_string.MaximumLength = ansi_string.Length + 1;
ansi_string.Buffer = const_cast<char*>(string);