commit 49d21424d9d25b47a263bacec751742ac7370683 Author: Alex Gaynor agaynor@mozilla.com Date: Fri Mar 31 16:15:56 2017 -0400

Bug 805173 - Enable HeapEnableTerminationOnCorruption for chrome processes on Windows. r=mhowell,tjr

This is an exploit mitigation which causes the Windows system allocator to abort in the event it is in a corrupted state, rather than attempt to proceed in a potentially exploitable state.

Because we use jemalloc, this only affects system libraries or plugins which still use the system allocator.

The has been enabled on our content processes for a while without incident.

r=mhowell,tjr

MozReview-Commit-ID: 5ctXugtbI1A

--HG-- extra : rebase_source : f6f134404be3b258a8e522c22fa061c32a47e313 --- toolkit/xre/nsAppRunner.cpp | 7 +++++++ 1 file changed, 7 insertions(+)

diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 455b142..721f599 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -4189,6 +4189,13 @@ XREMain::XRE_mainStartup(bool* aExitFlag) } #endif /* DEBUG */

+#if defined(XP_WIN) + // Enable the HeapEnableTerminationOnCorruption exploit mitigation. We ignore + // the return code because it always returns success, although it has no + // effect on Windows older than XP SP3. + HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0); +#endif /* XP_WIN */ + #if defined(MOZ_WIDGET_GTK) || defined(MOZ_ENABLE_XREMOTE) // Stash DESKTOP_STARTUP_ID in malloc'ed memory because gtk_init will clear it. #define HAVE_DESKTOP_STARTUP_ID