[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18171 [Tor Browser]: Dlls brokenness with Windows10 Build 14251



#18171: Dlls brokenness with Windows10 Build 14251
-------------------------------------------------+-------------------------
 Reporter:  Coh_t                                |          Owner:  tbb-
     Type:  defect                               |  team
 Priority:  High                                 |         Status:  closed
Component:  Tor Browser                          |      Milestone:
 Severity:  Major                                |        Version:
 Keywords:  borkenward-compatibility loneliness  |     Resolution:  fixed
  bug-no-bounty tbb-crash TorBrowserTeam201602   |  Actual Points:
Parent ID:                                       |         Points:
  Sponsor:                                       |
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 Mingw need such checks if not planning to restore some fallback:
 {{{
 --- pseudo-reloc.c
 +++ pseudo-reloc.assert.c
 @@ -178,60 +178,70 @@

  static void
  mark_section_writable (LPVOID addr)
  {
    MEMORY_BASIC_INFORMATION b;
    PIMAGE_SECTION_HEADER h;
    int i;

    for (i = 0; i < maxSections; i++)
      {
        if (the_secs[i].sec_start <= ((LPBYTE) addr)
            && ((LPBYTE) addr) < (the_secs[i].sec_start +
 the_secs[i].hash->Misc.VirtualSize))
          return;
      }
    h = __mingw_GetSectionForAddress (addr);
    if (!h)
      {
        __report_error ("Address %p has no image-section", addr);
        return;
      }
    the_secs[i].hash = h;
    the_secs[i].old_protect = 0;
    the_secs[i].sec_start = _GetPEImageBase () + h->VirtualAddress;

    if (!VirtualQuery (the_secs[i].sec_start, &b, sizeof(b)))
      {
        __report_error ("  VirtualQuery failed for %d bytes at address %p",
                       (int) h->Misc.VirtualSize, the_secs[i].sec_start);
        return;
      }
 +  if ((PBYTE)b.BaseAddress + b.RegionSize <
 +      the_secs[i].sec_start + the_secs[i].hash->Misc.VirtualSize)
 +    {
 +      __report_error ("  VirtualQuery returned too small region: "
 +                      "BaseAddress = %p, RegionSize = %u. For section: "
 +                      "sec_start = %p, size = %u", b.BaseAddress,
 +                      (unsigned int) b.RegionSize, the_secs[i].sec_start,
 +                      (unsigned int) the_secs[i].hash->Misc.VirtualSize);
 +      return;
 +    }

    if (b.Protect != PAGE_EXECUTE_READWRITE && b.Protect != PAGE_READWRITE
        && b.Protect != PAGE_EXECUTE_WRITECOPY && b.Protect !=
 PAGE_WRITECOPY)
      {
        if (!VirtualProtect (b.BaseAddress, b.RegionSize,
                            PAGE_EXECUTE_READWRITE,
                            &the_secs[i].old_protect))
         __report_error ("  VirtualProtect failed with code 0x%x",
           (int) GetLastError ());
      }
    ++maxSections;
    return;
  }
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18171#comment:98>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs