path: root/security/sandbox/chromium-shim/patches/with_update/revert_removal_of_app_dir_for_DLL_load.patch
blob: c5de8c90415cdbc087d12f48c0e30574cab23441 (plain)
# HG changeset patch
# User Bob Owen <bobowencode@gmail.com>
# Date 1564062993 -3600
#      Thu Jul 25 14:56:33 2019 +0100
# Node ID aa8f8da7b00f1f751bf4a7c8a2cc58b290a328e0
# Parent  69ac304560c98a733d44a0245fe9782dc6a465e2
Bug 1565848: Revert latest change to MITIGATION_DLL_SEARCH_ORDER. r=handyman!

This is until any regressions can be fixed, see bug 1568850.

diff --git a/security/sandbox/chromium/sandbox/win/src/process_mitigations.cc b/security/sandbox/chromium/sandbox/win/src/process_mitigations.cc
--- a/security/sandbox/chromium/sandbox/win/src/process_mitigations.cc
+++ b/security/sandbox/chromium/sandbox/win/src/process_mitigations.cc
@@ -72,26 +72,17 @@ bool ApplyProcessMitigationsToCurrentPro
 
   if (flags & MITIGATION_DLL_SEARCH_ORDER) {
     SetDefaultDllDirectoriesFunction set_default_dll_directories =
         reinterpret_cast<SetDefaultDllDirectoriesFunction>(
             ::GetProcAddress(module, "SetDefaultDllDirectories"));
 
     // Check for SetDefaultDllDirectories since it requires KB2533623.
     if (set_default_dll_directories) {
-#if defined(COMPONENT_BUILD)
-      const DWORD directory_flags = LOAD_LIBRARY_SEARCH_DEFAULT_DIRS;
-#else
-      // In a non-component build, all DLLs will be loaded manually, or via
-      // manifest definition, so these flags can be stronger. This prevents DLL
-      // planting in the application directory.
-      const DWORD directory_flags =
-          LOAD_LIBRARY_SEARCH_SYSTEM32 | LOAD_LIBRARY_SEARCH_USER_DIRS;
-#endif
-      if (!set_default_dll_directories(directory_flags) &&
+      if (!set_default_dll_directories(LOAD_LIBRARY_SEARCH_DEFAULT_DIRS) &&
           ERROR_ACCESS_DENIED != ::GetLastError()) {
         return false;
       }
     }
   }
 
   // Set the heap to terminate on corruption
   if (flags & MITIGATION_HEAP_TERMINATE) {
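Review bot: The restored `set_default_dll_directories(LOAD_LIBRARY_SEARCH_DEFAULT_DIRS)` call has no comment saying that this value includes the application directory, so the mitigation no longer blocks a DLL planted next to the executable, and nothing at the call site marks the weaker setting as temporary. The commit message ties the revert to bug 1568850, and I would record that in the code, e.g. `// LOAD_LIBRARY_SEARCH_DEFAULT_DIRS still searches the application directory; restore SYSTEM32 | USER_DIRS once bug 1568850 is fixed.` The rewritten comment on MITIGATION_DLL_SEARCH_ORDER in security_level.h has the same gap and should state that the application directory remains in the search path. The enclosing function starts and ends outside this hunk.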
diff --git a/security/sandbox/chromium/sandbox/win/src/security_level.h b/security/sandbox/chromium/sandbox/win/src/security_level.h
--- a/security/sandbox/chromium/sandbox/win/src/security_level.h
+++ b/security/sandbox/chromium/sandbox/win/src/security_level.h
@@ -192,25 +192,20 @@ const MitigationFlags MITIGATION_BOTTOM_
 // PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON
 const MitigationFlags MITIGATION_HIGH_ENTROPY_ASLR = 0x00000080;
 
 // Immediately raises an exception on a bad handle reference. Must be
 // enabled after startup. Corresponds to
 // PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON.
 const MitigationFlags MITIGATION_STRICT_HANDLE_CHECKS = 0x00000100;
 
-// Strengthens the DLL search order. See
-// http://msdn.microsoft.com/en-us/library/windows/desktop/hh310515. In a
-// component build - sets this to LOAD_LIBRARY_SEARCH_DEFAULT_DIRS allowing
-// additional directories to be added via Windows AddDllDirectory() function,
-// but preserving current load order. In a non-component build, all DLLs should
-// be loaded manually, so strenthen to LOAD_LIBRARY_SEARCH_SYSTEM32 |
-// LOAD_LIBRARY_SEARCH_USER_DIRS, removing LOAD_LIBRARY_SEARCH_APPLICATION_DIR,
-// preventing DLLs being implicitly loaded from the application path. Must be
-// enabled after startup.
+// Sets the DLL search order to LOAD_LIBRARY_SEARCH_DEFAULT_DIRS. Additional
+// directories can be added via the Windows AddDllDirectory() function.
+// http://msdn.microsoft.com/en-us/library/windows/desktop/hh310515
+// Must be enabled after startup.
 const MitigationFlags MITIGATION_DLL_SEARCH_ORDER = 0x00000200;
 
 // Changes the mandatory integrity level policy on the current process' token
 // to enable no-read and no-execute up. This prevents a lower IL process from
 // opening the process token for impersonate/duplicate/assignment.
 const MitigationFlags MITIGATION_HARDEN_TOKEN_IL_POLICY = 0x00000400;
 
 // Prevents the process from making Win32k calls. Corresponds to