[tbb-commits] [tor-browser/tor-browser-52.3.0esr-7.5-2] Bug 16010: Fixing sandbox compile issues
gk at torproject.org
gk at torproject.org
Thu Sep 21 20:49:15 UTC 2017
commit 99e8c2c94986940de47d5f50a4b863cb6127df3d
Author: Georg Koppen <gk at torproject.org>
Date: Fri Aug 11 08:08:39 2017 +0000
Bug 16010: Fixing sandbox compile issues
---
dom/media/gmp/rlz/GMPDeviceBinding.cpp | 2 +-
js/xpconnect/src/XPCShellImpl.cpp | 2 +-
security/sandbox/chromium-shim/base/win/sdkdecls.h | 2 +-
.../sandbox/chromium/base/strings/utf_string_conversion_utils.cc | 4 ++--
security/sandbox/chromium/base/threading/platform_thread_win.cc | 2 ++
security/sandbox/chromium/base/time/time_win.cc | 2 +-
security/sandbox/chromium/base/win/pe_image.h | 2 +-
security/sandbox/chromium/base/win/scoped_handle.h | 2 +-
security/sandbox/chromium/sandbox/win/src/acl.h | 2 +-
security/sandbox/chromium/sandbox/win/src/app_container.cc | 6 +++---
security/sandbox/chromium/sandbox/win/src/broker_services.cc | 2 +-
security/sandbox/chromium/sandbox/win/src/crosscall_params.h | 3 +++
security/sandbox/chromium/sandbox/win/src/handle_closer.cc | 2 +-
security/sandbox/chromium/sandbox/win/src/interception.cc | 8 ++++----
security/sandbox/chromium/sandbox/win/src/interception.h | 1 +
security/sandbox/chromium/sandbox/win/src/interception_internal.h | 1 +
security/sandbox/chromium/sandbox/win/src/resolver.cc | 2 +-
security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc | 8 ++++++++
security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h | 2 ++
security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc | 2 +-
security/sandbox/chromium/sandbox/win/src/service_resolver.cc | 2 +-
.../chromium/sandbox/win/src/sidestep/mini_disassembler_types.h | 6 +++---
security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc | 8 ++++++--
security/sandbox/chromium/sandbox/win/src/target_process.cc | 4 ++--
toolkit/xre/nsAppRunner.cpp | 2 +-
25 files changed, 50 insertions(+), 29 deletions(-)
diff --git a/dom/media/gmp/rlz/GMPDeviceBinding.cpp b/dom/media/gmp/rlz/GMPDeviceBinding.cpp
index c8aee2bcd898..f3e3747e04c2 100644
--- a/dom/media/gmp/rlz/GMPDeviceBinding.cpp
+++ b/dom/media/gmp/rlz/GMPDeviceBinding.cpp
@@ -62,7 +62,7 @@ GetStackAfterCurrentFrame(uint8_t** aOutTop, uint8_t** aOutBottom)
{
// "Top" of the free space on the stack is directly after the memory
// holding our return address.
- uint8_t* top = (uint8_t*)_AddressOfReturnAddress();
+ uint8_t* top = (uint8_t*)__builtin_return_address(0);//_AddressOfReturnAddress();
// Look down the stack until we find the guard page...
MEMORY_BASIC_INFORMATION memInfo = {0};
diff --git a/js/xpconnect/src/XPCShellImpl.cpp b/js/xpconnect/src/XPCShellImpl.cpp
index d86b5c5d3e3d..bedcb9132fef 100644
--- a/js/xpconnect/src/XPCShellImpl.cpp
+++ b/js/xpconnect/src/XPCShellImpl.cpp
@@ -45,7 +45,7 @@
#include "mozilla/widget/AudioSession.h"
#include <windows.h>
#if defined(MOZ_SANDBOX)
-#include "SandboxBroker.h"
+#include "sandboxBroker.h"
#endif
#endif
diff --git a/security/sandbox/chromium-shim/base/win/sdkdecls.h b/security/sandbox/chromium-shim/base/win/sdkdecls.h
index e999ab967b72..127bfaabf5e9 100644
--- a/security/sandbox/chromium-shim/base/win/sdkdecls.h
+++ b/security/sandbox/chromium-shim/base/win/sdkdecls.h
@@ -115,7 +115,7 @@ QueryThreadCycleTime(
#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28)
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003ui64 << 32)
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000ui64 << 32)
-#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001uLL << 32)
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002ui64 << 32)
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003ui64 << 32)
diff --git a/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc b/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc
index 3101a6028883..710fbd83a358 100644
--- a/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc
+++ b/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc
@@ -122,7 +122,7 @@ void PrepareForUTF8Output(const CHAR* src,
// Instantiate versions we know callers will need.
template void PrepareForUTF8Output(const wchar_t*, size_t, std::string*);
-template void PrepareForUTF8Output(const char16*, size_t, std::string*);
+//template void PrepareForUTF8Output(const char16*, size_t, std::string*);
template<typename STRING>
void PrepareForUTF16Or32Output(const char* src,
@@ -143,6 +143,6 @@ void PrepareForUTF16Or32Output(const char* src,
// Instantiate versions we know callers will need.
template void PrepareForUTF16Or32Output(const char*, size_t, std::wstring*);
-template void PrepareForUTF16Or32Output(const char*, size_t, string16*);
+//template void PrepareForUTF16Or32Output(const char*, size_t, string16*);
} // namespace base
diff --git a/security/sandbox/chromium/base/threading/platform_thread_win.cc b/security/sandbox/chromium/base/threading/platform_thread_win.cc
index d5bd9bed08e7..9750d99ed5fe 100644
--- a/security/sandbox/chromium/base/threading/platform_thread_win.cc
+++ b/security/sandbox/chromium/base/threading/platform_thread_win.cc
@@ -38,11 +38,13 @@ void SetNameInternal(PlatformThreadId thread_id, const char* name) {
info.dwThreadID = thread_id;
info.dwFlags = 0;
+#if 0
__try {
RaiseException(kVCThreadNameException, 0, sizeof(info)/sizeof(DWORD),
reinterpret_cast<DWORD_PTR*>(&info));
} __except(EXCEPTION_CONTINUE_EXECUTION) {
}
+#endif
}
struct ThreadParams {
diff --git a/security/sandbox/chromium/base/time/time_win.cc b/security/sandbox/chromium/base/time/time_win.cc
index dc968ad63980..96ec6e2592cb 100644
--- a/security/sandbox/chromium/base/time/time_win.cc
+++ b/security/sandbox/chromium/base/time/time_win.cc
@@ -356,7 +356,7 @@ TimeDelta RolloverProtectedNow() {
// we keep last_seen_now stay correctly in sync.
DWORD now = g_tick_function();
if (now < g_last_seen_now)
- g_rollover_ms += 0x100000000I64; // ~49.7 days.
+ g_rollover_ms += 0x100000000LL; // ~49.7 days.
g_last_seen_now = now;
return TimeDelta::FromMilliseconds(now + g_rollover_ms);
}
diff --git a/security/sandbox/chromium/base/win/pe_image.h b/security/sandbox/chromium/base/win/pe_image.h
index 4c36bcf850e6..66897186d075 100644
--- a/security/sandbox/chromium/base/win/pe_image.h
+++ b/security/sandbox/chromium/base/win/pe_image.h
@@ -17,7 +17,7 @@
// The Windows 8 SDK defines FACILITY_VISUALCPP in winerror.h.
#undef FACILITY_VISUALCPP
#endif
-#include <DelayIMP.h>
+#include <delayimp.h>
namespace base {
namespace win {
diff --git a/security/sandbox/chromium/base/win/scoped_handle.h b/security/sandbox/chromium/base/win/scoped_handle.h
index 404ab669385a..a5d9a5fe1c23 100644
--- a/security/sandbox/chromium/base/win/scoped_handle.h
+++ b/security/sandbox/chromium/base/win/scoped_handle.h
@@ -18,7 +18,7 @@
#include <intrin.h>
#define BASE_WIN_GET_CALLER _ReturnAddress()
#elif defined(COMPILER_GCC)
-#define BASE_WIN_GET_CALLER __builtin_extract_return_addr(\\
+#define BASE_WIN_GET_CALLER __builtin_extract_return_addr(\
__builtin_return_address(0))
#endif
diff --git a/security/sandbox/chromium/sandbox/win/src/acl.h b/security/sandbox/chromium/sandbox/win/src/acl.h
index b5021e7be865..098bc576c75c 100644
--- a/security/sandbox/chromium/sandbox/win/src/acl.h
+++ b/security/sandbox/chromium/sandbox/win/src/acl.h
@@ -5,7 +5,7 @@
#ifndef SANDBOX_SRC_ACL_H_
#define SANDBOX_SRC_ACL_H_
-#include <AccCtrl.h>
+#include <accctrl.h>
#include <windows.h>
#include "base/memory/scoped_ptr.h"
diff --git a/security/sandbox/chromium/sandbox/win/src/app_container.cc b/security/sandbox/chromium/sandbox/win/src/app_container.cc
index a51f09208239..a9919a1cac22 100644
--- a/security/sandbox/chromium/sandbox/win/src/app_container.cc
+++ b/security/sandbox/chromium/sandbox/win/src/app_container.cc
@@ -4,7 +4,7 @@
#include "sandbox/win/src/app_container.h"
-#include <Sddl.h>
+#include <sddl.h>
#include <stddef.h>
#include <vector>
@@ -27,10 +27,10 @@ PSID ConvertSid(const base::string16& sid) {
template <typename T>
T BindFunction(const char* name) {
HMODULE module = GetModuleHandle(sandbox::kKerneldllName);
- void* function = GetProcAddress(module, name);
+ void* function = (void*)GetProcAddress(module, name);
if (!function) {
module = GetModuleHandle(sandbox::kKernelBasedllName);
- function = GetProcAddress(module, name);
+ function = (void*)GetProcAddress(module, name);
}
return reinterpret_cast<T>(function);
}
diff --git a/security/sandbox/chromium/sandbox/win/src/broker_services.cc b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
index d6acb66fdd79..1ea5da796363 100644
--- a/security/sandbox/chromium/sandbox/win/src/broker_services.cc
+++ b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
@@ -4,7 +4,7 @@
#include "sandbox/win/src/broker_services.h"
-#include <AclAPI.h>
+#include <aclapi.h>
#include <stddef.h>
#include "base/logging.h"
diff --git a/security/sandbox/chromium/sandbox/win/src/crosscall_params.h b/security/sandbox/chromium/sandbox/win/src/crosscall_params.h
index eb59c44239e2..dd1591304320 100644
--- a/security/sandbox/chromium/sandbox/win/src/crosscall_params.h
+++ b/security/sandbox/chromium/sandbox/win/src/crosscall_params.h
@@ -16,6 +16,9 @@
#include "sandbox/win/src/internal_types.h"
#include "sandbox/win/src/sandbox_types.h"
+#define __try if(true)
+#define __except(x) else
+
// Increases |value| until there is no need for padding given an int64_t
// alignment. Returns the increased value.
inline uint32_t Align(uint32_t value) {
diff --git a/security/sandbox/chromium/sandbox/win/src/handle_closer.cc b/security/sandbox/chromium/sandbox/win/src/handle_closer.cc
index f2012b7e071f..670a64721537 100644
--- a/security/sandbox/chromium/sandbox/win/src/handle_closer.cc
+++ b/security/sandbox/chromium/sandbox/win/src/handle_closer.cc
@@ -145,7 +145,7 @@ bool HandleCloser::SetupHandleList(void* buffer, size_t buffer_bytes) {
output = &list_entry->handle_type[0];
// Copy the typename and set the offset and count.
- i->first._Copy_s(output, i->first.size(), i->first.size());
+ i->first.copy(output, i->first.size());
*(output += i->first.size()) = L'\0';
output++;
list_entry->offset_to_names = reinterpret_cast<char*>(output) -
diff --git a/security/sandbox/chromium/sandbox/win/src/interception.cc b/security/sandbox/chromium/sandbox/win/src/interception.cc
index f0a2a61fb379..9eec063f3888 100644
--- a/security/sandbox/chromium/sandbox/win/src/interception.cc
+++ b/security/sandbox/chromium/sandbox/win/src/interception.cc
@@ -23,7 +23,7 @@
#include "sandbox/win/src/service_resolver.h"
#include "sandbox/win/src/target_interceptions.h"
#include "sandbox/win/src/target_process.h"
-#include "sandbox/win/src/wow64.h"
+#include "sandbox/win/src/Wow64.h"
namespace sandbox {
@@ -265,7 +265,7 @@ bool InterceptionManager::SetupDllInfo(const InterceptionData& data,
dll_info->record_bytes = required;
dll_info->offset_to_functions = required;
dll_info->num_functions = 0;
- data.dll._Copy_s(dll_info->dll_name, data.dll.size(), data.dll.size());
+ data.dll.copy(dll_info->dll_name, data.dll.size());
dll_info->dll_name[data.dll.size()] = L'\0';
return true;
@@ -307,12 +307,12 @@ bool InterceptionManager::SetupInterceptionInfo(const InterceptionData& data,
function->interceptor_address = data.interceptor_address;
char* names = function->function;
- data.function._Copy_s(names, name_bytes, name_bytes);
+ data.function.copy(names, name_bytes);
names += name_bytes;
*names++ = '\0';
// interceptor follows the function_name
- data.interceptor._Copy_s(names, interceptor_bytes, interceptor_bytes);
+ data.interceptor.copy(names, interceptor_bytes);
names += interceptor_bytes;
*names++ = '\0';
diff --git a/security/sandbox/chromium/sandbox/win/src/interception.h b/security/sandbox/chromium/sandbox/win/src/interception.h
index 4d1ee82ba399..850e4eef54c6 100644
--- a/security/sandbox/chromium/sandbox/win/src/interception.h
+++ b/security/sandbox/chromium/sandbox/win/src/interception.h
@@ -18,6 +18,7 @@
#include "base/macros.h"
#include "base/strings/string16.h"
#include "sandbox/win/src/sandbox_types.h"
+#include "sandbox/win/src/interceptors.h"
namespace sandbox {
diff --git a/security/sandbox/chromium/sandbox/win/src/interception_internal.h b/security/sandbox/chromium/sandbox/win/src/interception_internal.h
index 45a0557e5efe..7f9cd0d763f0 100644
--- a/security/sandbox/chromium/sandbox/win/src/interception_internal.h
+++ b/security/sandbox/chromium/sandbox/win/src/interception_internal.h
@@ -12,6 +12,7 @@
#include <stddef.h>
#include "sandbox/win/src/sandbox_types.h"
+#include "sandbox/win/src/interceptors.h"
namespace sandbox {
diff --git a/security/sandbox/chromium/sandbox/win/src/resolver.cc b/security/sandbox/chromium/sandbox/win/src/resolver.cc
index d1719da51a57..508a305a140a 100644
--- a/security/sandbox/chromium/sandbox/win/src/resolver.cc
+++ b/security/sandbox/chromium/sandbox/win/src/resolver.cc
@@ -53,7 +53,7 @@ NTSTATUS ResolverThunk::ResolveInterceptor(const void* interceptor_module,
if (!pe.VerifyMagic())
return STATUS_INVALID_IMAGE_FORMAT;
- *address = pe.GetProcAddress(interceptor_name);
+ *address = (void*)pe.GetProcAddress(interceptor_name);
if (!(*address))
return STATUS_PROCEDURE_NOT_FOUND;
diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc
index 62f2422ca432..408d544a55e4 100644
--- a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc
+++ b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc
@@ -13,6 +13,9 @@
#include "sandbox/win/src/sandbox_factory.h"
#include "sandbox/win/src/target_services.h"
+#define __try if(true)
+#define __except(x) else
+
namespace sandbox {
// This is the list of all imported symbols from ntdll.dll.
@@ -645,6 +648,11 @@ void* operator new(size_t size, sandbox::AllocationType type,
return result;
}
+void* operator new [](size_t size, sandbox::AllocationType type,
+ void* near_to) {
+ return operator new(size, type, near_to);
+}
+
void operator delete(void* memory, sandbox::AllocationType type) {
if (type == sandbox::NT_ALLOC) {
// Use default flags.
diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h
index 3e0238206768..d0bc4174ce46 100644
--- a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h
+++ b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h
@@ -16,6 +16,8 @@
// Placement new and delete to be used from ntdll interception code.
void* __cdecl operator new(size_t size, sandbox::AllocationType type,
void* near_to = NULL);
+void* __cdecl operator new[](size_t size, sandbox::AllocationType type,
+ void* near_to = NULL);
void __cdecl operator delete(void* memory, sandbox::AllocationType type);
// Add operator delete that matches the placement form of the operator new
// above. This is required by compiler to generate code to call operator delete
diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc b/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc
index b3f977374b33..92d3e721fcec 100644
--- a/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc
+++ b/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc
@@ -10,7 +10,7 @@
// "Community Additions" comment on MSDN here:
// http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx
#define SystemFunction036 NTAPI SystemFunction036
-#include <NTSecAPI.h>
+#include <ntsecapi.h>
#undef SystemFunction036
namespace sandbox {
diff --git a/security/sandbox/chromium/sandbox/win/src/service_resolver.cc b/security/sandbox/chromium/sandbox/win/src/service_resolver.cc
index 92f21a7c2c95..0e63d704f4e0 100644
--- a/security/sandbox/chromium/sandbox/win/src/service_resolver.cc
+++ b/security/sandbox/chromium/sandbox/win/src/service_resolver.cc
@@ -29,7 +29,7 @@ NTSTATUS ServiceResolverThunk::ResolveTarget(const void* module,
return STATUS_UNSUCCESSFUL;
base::win::PEImage module_image(module);
- *address = module_image.GetProcAddress(function_name);
+ *address = (void*)module_image.GetProcAddress(function_name);
if (NULL == *address) {
NOTREACHED_NT();
diff --git a/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h b/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h
index 1c1062631340..ed45f22bf0ff 100644
--- a/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h
+++ b/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h
@@ -148,9 +148,9 @@ struct Opcode {
// Description of the type of the dest, src and aux operands,
// put together from an enOperandType flag and an enAddressingMethod
// flag.
- int flag_dest_;
- int flag_source_;
- int flag_aux_;
+ unsigned int flag_dest_;
+ unsigned int flag_source_;
+ unsigned flag_aux_;
// We indicate the mnemonic for debugging purposes
const char* mnemonic_;
diff --git a/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc b/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc
index d5da2fbe95a5..072be907146b 100644
--- a/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc
+++ b/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc
@@ -108,14 +108,14 @@ NTSTATUS SmartSidestepResolverThunk::Setup(const void* target_module,
// to our internal smart interceptor.
size_t standard_bytes = storage_bytes - offsetof(SmartThunk, sidestep);
ret = SidestepResolverThunk::Setup(target_module, interceptor_module,
- target_name, NULL, &SmartStub,
+ target_name, NULL, (void*)&SmartStub,
&thunk->sidestep, standard_bytes, NULL);
if (!NT_SUCCESS(ret))
return ret;
// Fix the internal thunk to pass the whole buffer to the interceptor.
SetInternalThunk(&thunk->sidestep.internal_thunk, GetInternalThunkSize(),
- thunk_storage, &SmartStub);
+ thunk_storage, (void*)&SmartStub);
if (storage_used)
*storage_used = GetThunkSize();
@@ -148,6 +148,7 @@ size_t SmartSidestepResolverThunk::GetThunkSize() const {
// [xxx] [saved ebx] [xxx]
// [xxx] [saved ecx] [xxx]
// [xxx] [saved edx] [xxx]
+#if 0
__declspec(naked)
void SmartSidestepResolverThunk::SmartStub() {
__asm {
@@ -189,6 +190,9 @@ void SmartSidestepResolverThunk::SmartStub() {
ret // Jump to original function.
}
}
+#else
+void SmartSidestepResolverThunk::SmartStub() {} // FIXME !!
+#endif
bool SmartSidestepResolverThunk::IsInternalCall(const void* base,
void* return_address) {
diff --git a/security/sandbox/chromium/sandbox/win/src/target_process.cc b/security/sandbox/chromium/sandbox/win/src/target_process.cc
index e27655e7ecfb..92be96cc4173 100644
--- a/security/sandbox/chromium/sandbox/win/src/target_process.cc
+++ b/security/sandbox/chromium/sandbox/win/src/target_process.cc
@@ -221,7 +221,7 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
static_cast<PROCESS_INFORMATION_CLASS>(NtProcessInformationAccessToken),
&process_access_token, sizeof(process_access_token));
if (!NT_SUCCESS(status)) {
- win_result = ERROR_INVALID_TOKEN;
+ win_result = ::GetLastError(); //ERROR_INVALID_TOKEN;
::TerminateProcess(process_info.process_handle(), 0); // exit code
return win_result;
}
@@ -244,7 +244,7 @@ ResultCode TargetProcess::TransferVariable(const char* name, void* address,
if (NULL == module)
return SBOX_ERROR_GENERIC;
- child_var = ::GetProcAddress(module, name);
+ child_var = (void*)::GetProcAddress(module, name);
::FreeLibrary(module);
if (NULL == child_var)
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 190fec19e520..bb469aa33100 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -213,7 +213,7 @@
#if defined(XP_LINUX) && !defined(ANDROID)
#include "mozilla/SandboxInfo.h"
#elif defined(XP_WIN)
-#include "SandboxBroker.h"
+#include "sandboxBroker.h"
#endif
#endif
More information about the tbb-commits
mailing list