[tbb-commits] [tor-browser/tor-browser-52.0.2esr-7.0-2] Bug 805173 - Enable HeapEnableTerminationOnCorruption for chrome processes on Windows. r=mhowell, tjr

gk at torproject.org gk at torproject.org
Wed Apr 5 07:38:24 UTC 2017


commit 49d21424d9d25b47a263bacec751742ac7370683
Author: Alex Gaynor <agaynor at mozilla.com>
Date:   Fri Mar 31 16:15:56 2017 -0400

    Bug 805173 - Enable HeapEnableTerminationOnCorruption for chrome processes on Windows. r=mhowell,tjr
    
    This is an exploit mitigation which causes the Windows system allocator to abort
    in the event it is in a corrupted state, rather than attempt to proceed in a
    potentially exploitable state.
    
    Because we use jemalloc, this only affects system libraries or plugins which
    still use the system allocator.
    
    This has been enabled on our content processes for a while without incident.
    
    r=mhowell,tjr
    
    MozReview-Commit-ID: 5ctXugtbI1A
    
    --HG--
    extra : rebase_source : f6f134404be3b258a8e522c22fa061c32a47e313
---
 toolkit/xre/nsAppRunner.cpp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 455b142..721f599 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -4189,6 +4189,13 @@ XREMain::XRE_mainStartup(bool* aExitFlag)
   }
 #endif /* DEBUG */
 
+#if defined(XP_WIN)
+  // Enable the HeapEnableTerminationOnCorruption exploit mitigation. We ignore
+  // the return code because it always returns success, although it has no
+  // effect on Windows older than XP SP3.
+  HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0);
+#endif /* XP_WIN */
+
 #if defined(MOZ_WIDGET_GTK) || defined(MOZ_ENABLE_XREMOTE)
   // Stash DESKTOP_STARTUP_ID in malloc'ed memory because gtk_init will clear it.
 #define HAVE_DESKTOP_STARTUP_ID
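
Review bot: The BOOL result of the added HeapSetInformation call is discarded solely on the comment's claim that it always returns success, so a failure here would go unnoticed and the process would run without the mitigation. Consider checking the result in debug builds (for example a MOZ_ASSERT on the return value), or at least writing the discard explicitly with a (void) cast so the intent is visible at the call site. Separately, the call sits partway into XRE_mainStartup, after the DEBUG block, so any system-allocator use earlier in startup runs before termination-on-corruption is enabled; if nothing prevents it, moving the call to the earliest point of process startup would cover that window, and the comment should say why this location was chosen.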


