Closed Bug 1701778 Opened 5 years ago Closed 5 years ago

Invalid Win32k use in content process [USER32!RegisterWindowMessageW]

Categories

(Core :: Security: Process Sandboxing, defect)

Product:
Core
Component:
Security: Process Sandboxing
Platform:
All
Windows
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
89 Branch
Tracking Flags:
Tracking Status
firefox89 --- fixed

People

(Reporter: cmartin, Assigned: cmartin)

References

Details

Attachments

(1 file)

Bug 1701778 - Remove unused, statically-initialized WebRTC variable
48 bytes, text/x-phabricator-request
Details | Review

Caused by WebRTC static initializer

win32u!NtUserRegisterWindowMessage
USER32!RegisterWindowMessageW+0x33
ole32!_RegisterClipFormat+0x9f [com\oleaut32\stdtypes\propset.cpp @ 70]
ole32!InitPropset+0x9f [com\oleaut32\stdtypes\propset.cpp @ 76]
ole32!_typesDllMain+0xda [com\oleaut32\stdtypes\stdtyp.cpp @ 35]
ole32!OleautExtDllMain+0x175 [com\ole32\oleautext\oleautomation.cpp @ 77]
ole32!DllMain+0x5a [com\ole32\dll\dll.cpp @ 309]
ole32!dllmain_dispatch+0x8f [VCCRT\vcstartup\src\startup\dll_dllmain.cpp @ 200]
ntdll!LdrpCallInitRoutine+0x61
ntdll!LdrpInitializeNode+0x1d3
ntdll!LdrpInitializeGraphRecurse+0x42
ntdll!LdrpInitializeGraphRecurse+0xc8
ntdll!LdrpPrepareModuleForExecution+0xbf
ntdll!LdrpLoadDllInternal+0x19a
ntdll!LdrpLoadDll+0xa8
ntdll!LdrLoadDll+0xe4
firefox!mozilla::interceptor::FuncHookCrossProcess<mozilla::interceptor::WindowsDllInterceptor<mozilla::interceptor::VMSharingPolicyUnique<mozilla::interceptor::MMPolicyOutOfProcess> >,long (*)(wchar_t *, unsigned long *, _UNICODE_STRING *, void **)>::operator()+0x19 [c:\moz\mozilla-central\obj-x86_64-pc-mingw32\dist\include\nsWindowsDllInterceptor.h @ 254]
firefox!mozilla::freestanding::patched_LdrLoadDll+0x50 [c:\moz\mozilla-central\browser\app\winlauncher\freestanding\DllBlocklist.cpp @ 356]
KERNELBASE!LoadLibraryExW+0x162
firefox!GetLibHandle+0x11 [c:\moz\mozilla-central\xpcom\glue\standalone\nsXPCOMGlue.cpp @ 49]
firefox!ReadDependentCB+0x1b [c:\moz\mozilla-central\xpcom\glue\standalone\nsXPCOMGlue.cpp @ 148]
firefox!ReadDependentCB+0x48 [c:\moz\mozilla-central\xpcom\glue\standalone\nsXPCOMGlue.cpp @ 160]
firefox!XPCOMGlueLoad+0x32a [c:\moz\mozilla-central\xpcom\glue\standalone\nsXPCOMGlue.cpp @ 326]
firefox!mozilla::GetBootstrap+0x3ad [c:\moz\mozilla-central\xpcom\glue\standalone\nsXPCOMGlue.cpp @ 409]
firefox!InitXPCOMGlue+0xd6 [c:\moz\mozilla-central\browser\app\nsBrowserApp.cpp @ 236]
firefox!NS_internal_main+0x27b [c:\moz\mozilla-central\browser\app\nsBrowserApp.cpp @ 305]
firefox!wmain+0x1fe [c:\moz\mozilla-central\toolkit\xre\nsWindowsWMain.cpp @ 131]
firefox!invoke_main+0x22 [d:\agent_work\2\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 90]
firefox!__scrt_common_main_seh+0x10c [d:\agent_work\2\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 288]
KERNEL32!BaseThreadInitThunk+0x14
ntdll!RtlUserThreadStart+0x21

Assignee: nobody → cmartin
Blocks: 1546154
Status: NEW → ASSIGNED
Pushed by cmartin@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/07514278d050 Remove unused, statically-initialized WebRTC variable r=dminor,bobowen

https://hg.mozilla.org/mozilla-central/rev/07514278d050

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox89: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 89 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: