[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #13893 [Tor Browser]: Torbrowser crashes on start when using MS EMET 5.x
#13893: Torbrowser crashes on start when using MS EMET 5.x
-------------------------------------------------+-------------------------
Reporter: Diapolo | Owner: gk
Type: defect | Status:
Priority: High | needs_revision
Component: Tor Browser | Milestone:
Severity: Major | Version:
Keywords: tbb-security, tbb-crash, tbb- | Resolution:
usability-stoppoint-app, | Actual Points:
TorBrowserTeam201602, GeorgKoppen201602, | Points:
fuck-mingw-gcc |
Parent ID: #12820 |
Sponsor: SponsorU |
-------------------------------------------------+-------------------------
Comment (by bugzilla):
Oh, it seems somebody in comment:19 was wrong :( And, in general, we
should ask GCC team to stop generating overoptimized code that makes
addresses predictable and thus vulnerable to SimExecFlow.
There were a lot of implications after Deep Hooks had been enabled by
default in EMET. And cypherpunks suspected hooks as the reason of crashes.
But now EMET is constantly auditing TBB with all Global Mitigation
Settings disabled (incl. Deep Hooks) and the situation hasn't changed.
(Seems to be a real vulnerability)
Somebody proposed to do something with too aggressive inlining. So, it can
be checked with {{{-Ob0}}} whether it's the reason of the issues.
Also, there are a lot of posts about surprises with {{{-O3}}}, so, maybe,
{{{-O2}}} will help.
(EMET version 5.5.5871.31892)
+ a lot of calls to:
CodeAddress : 0x61462446
CodeStackPtr : 0x36E830
CalledAddress : 0x770FF0F2
API name : kernel32.LoadLibraryW
StackPtr : 0x0036E5F0
FramePtr : 0x0
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13893#comment:48>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs