|
@@ -0,0 +1,90 @@
|
|
|
+
|
|
|
+# HG changeset patch
|
|
|
+# User Bill Gianopoulos <wgianopoulos@gmail.com>
|
|
|
+# Date 1725364198 0
|
|
|
+Bug 9999999 - Allow sandbox null dll blocklist if suite.
|
|
|
+
|
|
|
+diff --git a/python/mozbuild/mozbuild/base.py b/python/mozbuild/mozbuild/base.py
|
|
|
+--- a/python/mozbuild/mozbuild/base.py
|
|
|
++++ b/python/mozbuild/mozbuild/base.py
|
|
|
+@@ -968,16 +968,25 @@ class MachCommandConditions(object):
|
|
|
+ @staticmethod
|
|
|
+ def is_jsshell(cls):
|
|
|
+ """Must have a jsshell build."""
|
|
|
+ if hasattr(cls, "substs"):
|
|
|
+ return cls.substs.get("MOZ_BUILD_APP") == "js"
|
|
|
+ return False
|
|
|
+
|
|
|
+ @staticmethod
|
|
|
++ def is_comm_suite(cls):
|
|
|
++ """Must have a comm suite build"""
|
|
|
++ if hasattr(cls, "substs"):
|
|
|
++ build_app = cls.substs.get("MOZ_BUILD_APP")
|
|
|
++ if build_app" == "comm/suite"):
|
|
|
++ return True
|
|
|
++ return False
|
|
|
++
|
|
|
++ @staticmethod
|
|
|
+ def is_thunderbird(cls):
|
|
|
+ """Must have a Thunderbird build."""
|
|
|
+ if hasattr(cls, "substs"):
|
|
|
+ return cls.substs.get("MOZ_BUILD_APP") == "comm/mail"
|
|
|
+ return False
|
|
|
+
|
|
|
+ @staticmethod
|
|
|
+ def is_firefox_or_thunderbird(cls):
|
|
|
+@@ -1007,17 +1016,19 @@ class MachCommandConditions(object):
|
|
|
+ cls
|
|
|
+ ) or MachCommandConditions.is_android(cls)
|
|
|
+
|
|
|
+ @staticmethod
|
|
|
+ def has_build(cls):
|
|
|
+ """Must have a build."""
|
|
|
+ return MachCommandConditions.is_firefox_or_android(
|
|
|
+ cls
|
|
|
+- ) or MachCommandConditions.is_thunderbird(cls)
|
|
|
++ ) or MachCommandConditions.is_thunderbird(
|
|
|
++ cls
|
|
|
++ ) or MachCommandConditions.is_comm_suite(cls)
|
|
|
+
|
|
|
+ @staticmethod
|
|
|
+ def has_build_or_shell(cls):
|
|
|
+ """Must have a build or a shell build."""
|
|
|
+ return MachCommandConditions.has_build(cls) or MachCommandConditions.is_jsshell(
|
|
|
+ cls
|
|
|
+ )
|
|
|
+
|
|
|
+diff --git a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
|
|
|
+--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
|
|
|
++++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
|
|
|
+@@ -394,25 +394,25 @@ Result<Ok, mozilla::ipc::LaunchError> Sa
|
|
|
+ return Err(mozilla::ipc::LaunchError::FromWin32Error("SB::LA::SpawnTarget",
|
|
|
+ last_error));
|
|
|
+ } else if (sandbox::SBOX_ALL_OK != last_warning) {
|
|
|
+ // If there was a warning (but the result was still ok), log it and proceed.
|
|
|
+ LOG_W("Warning on SpawnTarget with last_error=%lu, last_warning=%d",
|
|
|
+ last_error, last_warning);
|
|
|
+ }
|
|
|
+
|
|
|
+-#ifdef MOZ_THUNDERBIRD
|
|
|
+- // In Thunderbird, mInitDllBlocklistOOP is null, so InitDllBlocklistOOP would
|
|
|
++#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
|
|
|
++ // In Thunderbird and SeaMonkey, mInitDllBlocklistOOP is null, so InitDllBlocklistOOP would
|
|
|
+ // hit MOZ_RELEASE_ASSERT.
|
|
|
+- constexpr bool isThunderbird = true;
|
|
|
++ constexpr bool hasNullDllBlocklistOOP = true;
|
|
|
+ #else
|
|
|
+- constexpr bool isThunderbird = false;
|
|
|
++ constexpr bool hasNullDllBlocklistOOP = false;
|
|
|
+ #endif
|
|
|
+
|
|
|
+- if (!isThunderbird &&
|
|
|
++ if (!hasNullDllBlocklistOOP &&
|
|
|
+ XRE_GetChildProcBinPathType(aProcessType) == BinPathType::Self) {
|
|
|
+ RefPtr<DllServices> dllSvc(DllServices::Get());
|
|
|
+ LauncherVoidResultWithLineInfo blocklistInitOk =
|
|
|
+ dllSvc->InitDllBlocklistOOP(aPath, targetInfo.hProcess,
|
|
|
+ aCachedNtdllThunk, aProcessType);
|
|
|
+ if (blocklistInitOk.isErr()) {
|
|
|
+ dllSvc->HandleLauncherError(blocklistInitOk.unwrapErr(),
|
|
|
+ XRE_GeckoProcessTypeToString(aProcessType));
|