зеркало из https://github.com/mozilla/gecko-dev.git
e83bcb5130
When the browser process starts a sandbox process, we copy the executable's IAT for ntdll.dll into the new process to prevent DLL injection via IAT tampering as the launcher process does. However, if IAT has been modified by a module injected via `SetWindowHookEx`, the browser process cannot copy IAT because a modified IAT is invalid in a different process, failing to start any sandbox processes. The proposed fix is to cache IAT before COM initialization which may load modules via `SetWindowHookEx` for the first time in the process. Differential Revision: https://phabricator.services.mozilla.com/D73303 |
||
|---|---|---|
| .. | ||
| src | ||
| SandboxInitialization.cpp | ||
| SandboxInitialization.h | ||