mirrors/gecko-dev
1
0
Fork 1
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-11-09 12:51:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Bug 1936749 - Disable ACG if we detect MpDetours.dll injection. r=bobowen

Browse source 
Differential Revision: https://phabricator.services.mozilla.com/D236890
This commit is contained in:
Yannis Juglaret 2025-02-06 14:50:57 +00:00
parent da433603e6
commit 13466184ca
1 changed files with 13 additions and 0 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

13
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
View file

@ -343,6 +343,19 @@ Result<Ok, mozilla::ipc::LaunchError> SandboxBroker::LaunchApp(
"Setting the reduced set of flags should always succeed");
}
// Bug 1936749: MpDetours.dll injection is incompatible with ACG.
constexpr sandbox::MitigationFlags kDynamicCodeFlags =
sandbox::MITIGATION_DYNAMIC_CODE_DISABLE |
sandbox::MITIGATION_DYNAMIC_CODE_DISABLE_WITH_OPT_OUT;
sandbox::MitigationFlags delayedMitigations =
mPolicy->GetDelayedProcessMitigations();
if ((delayedMitigations & kDynamicCodeFlags) &&
::GetModuleHandleW(L"MpDetours.dll")) {
delayedMitigations &= ~kDynamicCodeFlags;
SANDBOX_SUCCEED_OR_CRASH(
mPolicy->SetDelayedProcessMitigations(delayedMitigations));
}
EnsureAppLockerAccess(mPolicy);
// If logging enabled, set up the policy.