commit 99e8c2c94986940de47d5f50a4b863cb6127df3d Author: Georg Koppen gk@torproject.org Date: Fri Aug 11 08:08:39 2017 +0000
Bug 16010: Fixing sandbox compile issues --- dom/media/gmp/rlz/GMPDeviceBinding.cpp | 2 +- js/xpconnect/src/XPCShellImpl.cpp | 2 +- security/sandbox/chromium-shim/base/win/sdkdecls.h | 2 +- .../sandbox/chromium/base/strings/utf_string_conversion_utils.cc | 4 ++-- security/sandbox/chromium/base/threading/platform_thread_win.cc | 2 ++ security/sandbox/chromium/base/time/time_win.cc | 2 +- security/sandbox/chromium/base/win/pe_image.h | 2 +- security/sandbox/chromium/base/win/scoped_handle.h | 2 +- security/sandbox/chromium/sandbox/win/src/acl.h | 2 +- security/sandbox/chromium/sandbox/win/src/app_container.cc | 6 +++--- security/sandbox/chromium/sandbox/win/src/broker_services.cc | 2 +- security/sandbox/chromium/sandbox/win/src/crosscall_params.h | 3 +++ security/sandbox/chromium/sandbox/win/src/handle_closer.cc | 2 +- security/sandbox/chromium/sandbox/win/src/interception.cc | 8 ++++---- security/sandbox/chromium/sandbox/win/src/interception.h | 1 + security/sandbox/chromium/sandbox/win/src/interception_internal.h | 1 + security/sandbox/chromium/sandbox/win/src/resolver.cc | 2 +- security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc | 8 ++++++++ security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h | 2 ++ security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc | 2 +- security/sandbox/chromium/sandbox/win/src/service_resolver.cc | 2 +- .../chromium/sandbox/win/src/sidestep/mini_disassembler_types.h | 6 +++--- security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc | 8 ++++++-- security/sandbox/chromium/sandbox/win/src/target_process.cc | 4 ++-- toolkit/xre/nsAppRunner.cpp | 2 +- 25 files changed, 50 insertions(+), 29 deletions(-)
diff --git a/dom/media/gmp/rlz/GMPDeviceBinding.cpp b/dom/media/gmp/rlz/GMPDeviceBinding.cpp index c8aee2bcd898..f3e3747e04c2 100644 --- a/dom/media/gmp/rlz/GMPDeviceBinding.cpp +++ b/dom/media/gmp/rlz/GMPDeviceBinding.cpp @@ -62,7 +62,7 @@ GetStackAfterCurrentFrame(uint8_t** aOutTop, uint8_t** aOutBottom) { // "Top" of the free space on the stack is directly after the memory // holding our return address. - uint8_t* top = (uint8_t*)_AddressOfReturnAddress(); + uint8_t* top = (uint8_t*)__builtin_return_address(0);//_AddressOfReturnAddress();
// Look down the stack until we find the guard page... MEMORY_BASIC_INFORMATION memInfo = {0}; diff --git a/js/xpconnect/src/XPCShellImpl.cpp b/js/xpconnect/src/XPCShellImpl.cpp index d86b5c5d3e3d..bedcb9132fef 100644 --- a/js/xpconnect/src/XPCShellImpl.cpp +++ b/js/xpconnect/src/XPCShellImpl.cpp @@ -45,7 +45,7 @@ #include "mozilla/widget/AudioSession.h" #include <windows.h> #if defined(MOZ_SANDBOX) -#include "SandboxBroker.h" +#include "sandboxBroker.h" #endif #endif
diff --git a/security/sandbox/chromium-shim/base/win/sdkdecls.h b/security/sandbox/chromium-shim/base/win/sdkdecls.h index e999ab967b72..127bfaabf5e9 100644 --- a/security/sandbox/chromium-shim/base/win/sdkdecls.h +++ b/security/sandbox/chromium-shim/base/win/sdkdecls.h @@ -115,7 +115,7 @@ QueryThreadCycleTime( #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003ui64 << 32) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000ui64 << 32) -#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001ui64 << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001uLL << 32) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002ui64 << 32) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003ui64 << 32)
diff --git a/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc b/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc index 3101a6028883..710fbd83a358 100644 --- a/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc +++ b/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc @@ -122,7 +122,7 @@ void PrepareForUTF8Output(const CHAR* src,
// Instantiate versions we know callers will need. template void PrepareForUTF8Output(const wchar_t*, size_t, std::string*); -template void PrepareForUTF8Output(const char16*, size_t, std::string*); +//template void PrepareForUTF8Output(const char16*, size_t, std::string*);
template<typename STRING> void PrepareForUTF16Or32Output(const char* src, @@ -143,6 +143,6 @@ void PrepareForUTF16Or32Output(const char* src,
// Instantiate versions we know callers will need. template void PrepareForUTF16Or32Output(const char*, size_t, std::wstring*); -template void PrepareForUTF16Or32Output(const char*, size_t, string16*); +//template void PrepareForUTF16Or32Output(const char*, size_t, string16*);
} // namespace base diff --git a/security/sandbox/chromium/base/threading/platform_thread_win.cc b/security/sandbox/chromium/base/threading/platform_thread_win.cc index d5bd9bed08e7..9750d99ed5fe 100644 --- a/security/sandbox/chromium/base/threading/platform_thread_win.cc +++ b/security/sandbox/chromium/base/threading/platform_thread_win.cc @@ -38,11 +38,13 @@ void SetNameInternal(PlatformThreadId thread_id, const char* name) { info.dwThreadID = thread_id; info.dwFlags = 0;
+#if 0 __try { RaiseException(kVCThreadNameException, 0, sizeof(info)/sizeof(DWORD), reinterpret_cast<DWORD_PTR*>(&info)); } __except(EXCEPTION_CONTINUE_EXECUTION) { } +#endif }
struct ThreadParams { diff --git a/security/sandbox/chromium/base/time/time_win.cc b/security/sandbox/chromium/base/time/time_win.cc index dc968ad63980..96ec6e2592cb 100644 --- a/security/sandbox/chromium/base/time/time_win.cc +++ b/security/sandbox/chromium/base/time/time_win.cc @@ -356,7 +356,7 @@ TimeDelta RolloverProtectedNow() { // we keep last_seen_now stay correctly in sync. DWORD now = g_tick_function(); if (now < g_last_seen_now) - g_rollover_ms += 0x100000000I64; // ~49.7 days. + g_rollover_ms += 0x100000000LL; // ~49.7 days. g_last_seen_now = now; return TimeDelta::FromMilliseconds(now + g_rollover_ms); } diff --git a/security/sandbox/chromium/base/win/pe_image.h b/security/sandbox/chromium/base/win/pe_image.h index 4c36bcf850e6..66897186d075 100644 --- a/security/sandbox/chromium/base/win/pe_image.h +++ b/security/sandbox/chromium/base/win/pe_image.h @@ -17,7 +17,7 @@ // The Windows 8 SDK defines FACILITY_VISUALCPP in winerror.h. #undef FACILITY_VISUALCPP #endif -#include <DelayIMP.h> +#include <delayimp.h>
namespace base { namespace win { diff --git a/security/sandbox/chromium/base/win/scoped_handle.h b/security/sandbox/chromium/base/win/scoped_handle.h index 404ab669385a..a5d9a5fe1c23 100644 --- a/security/sandbox/chromium/base/win/scoped_handle.h +++ b/security/sandbox/chromium/base/win/scoped_handle.h @@ -18,7 +18,7 @@ #include <intrin.h> #define BASE_WIN_GET_CALLER _ReturnAddress() #elif defined(COMPILER_GCC) -#define BASE_WIN_GET_CALLER __builtin_extract_return_addr(\ +#define BASE_WIN_GET_CALLER __builtin_extract_return_addr(\ __builtin_return_address(0)) #endif
diff --git a/security/sandbox/chromium/sandbox/win/src/acl.h b/security/sandbox/chromium/sandbox/win/src/acl.h index b5021e7be865..098bc576c75c 100644 --- a/security/sandbox/chromium/sandbox/win/src/acl.h +++ b/security/sandbox/chromium/sandbox/win/src/acl.h @@ -5,7 +5,7 @@ #ifndef SANDBOX_SRC_ACL_H_ #define SANDBOX_SRC_ACL_H_
-#include <AccCtrl.h> +#include <accctrl.h> #include <windows.h>
#include "base/memory/scoped_ptr.h" diff --git a/security/sandbox/chromium/sandbox/win/src/app_container.cc b/security/sandbox/chromium/sandbox/win/src/app_container.cc index a51f09208239..a9919a1cac22 100644 --- a/security/sandbox/chromium/sandbox/win/src/app_container.cc +++ b/security/sandbox/chromium/sandbox/win/src/app_container.cc @@ -4,7 +4,7 @@
#include "sandbox/win/src/app_container.h"
-#include <Sddl.h> +#include <sddl.h> #include <stddef.h> #include <vector>
@@ -27,10 +27,10 @@ PSID ConvertSid(const base::string16& sid) { template <typename T> T BindFunction(const char* name) { HMODULE module = GetModuleHandle(sandbox::kKerneldllName); - void* function = GetProcAddress(module, name); + void* function = (void*)GetProcAddress(module, name); if (!function) { module = GetModuleHandle(sandbox::kKernelBasedllName); - function = GetProcAddress(module, name); + function = (void*)GetProcAddress(module, name); } return reinterpret_cast<T>(function); } diff --git a/security/sandbox/chromium/sandbox/win/src/broker_services.cc b/security/sandbox/chromium/sandbox/win/src/broker_services.cc index d6acb66fdd79..1ea5da796363 100644 --- a/security/sandbox/chromium/sandbox/win/src/broker_services.cc +++ b/security/sandbox/chromium/sandbox/win/src/broker_services.cc @@ -4,7 +4,7 @@
#include "sandbox/win/src/broker_services.h"
-#include <AclAPI.h> +#include <aclapi.h> #include <stddef.h>
#include "base/logging.h" diff --git a/security/sandbox/chromium/sandbox/win/src/crosscall_params.h b/security/sandbox/chromium/sandbox/win/src/crosscall_params.h index eb59c44239e2..dd1591304320 100644 --- a/security/sandbox/chromium/sandbox/win/src/crosscall_params.h +++ b/security/sandbox/chromium/sandbox/win/src/crosscall_params.h @@ -16,6 +16,9 @@ #include "sandbox/win/src/internal_types.h" #include "sandbox/win/src/sandbox_types.h"
+#define __try if(true) +#define __except(x) else + // Increases |value| until there is no need for padding given an int64_t // alignment. Returns the increased value. inline uint32_t Align(uint32_t value) { diff --git a/security/sandbox/chromium/sandbox/win/src/handle_closer.cc b/security/sandbox/chromium/sandbox/win/src/handle_closer.cc index f2012b7e071f..670a64721537 100644 --- a/security/sandbox/chromium/sandbox/win/src/handle_closer.cc +++ b/security/sandbox/chromium/sandbox/win/src/handle_closer.cc @@ -145,7 +145,7 @@ bool HandleCloser::SetupHandleList(void* buffer, size_t buffer_bytes) { output = &list_entry->handle_type[0];
// Copy the typename and set the offset and count. - i->first._Copy_s(output, i->first.size(), i->first.size()); + i->first.copy(output, i->first.size()); *(output += i->first.size()) = L'\0'; output++; list_entry->offset_to_names = reinterpret_cast<char*>(output) - diff --git a/security/sandbox/chromium/sandbox/win/src/interception.cc b/security/sandbox/chromium/sandbox/win/src/interception.cc index f0a2a61fb379..9eec063f3888 100644 --- a/security/sandbox/chromium/sandbox/win/src/interception.cc +++ b/security/sandbox/chromium/sandbox/win/src/interception.cc @@ -23,7 +23,7 @@ #include "sandbox/win/src/service_resolver.h" #include "sandbox/win/src/target_interceptions.h" #include "sandbox/win/src/target_process.h" -#include "sandbox/win/src/wow64.h" +#include "sandbox/win/src/Wow64.h"
namespace sandbox {
@@ -265,7 +265,7 @@ bool InterceptionManager::SetupDllInfo(const InterceptionData& data, dll_info->record_bytes = required; dll_info->offset_to_functions = required; dll_info->num_functions = 0; - data.dll._Copy_s(dll_info->dll_name, data.dll.size(), data.dll.size()); + data.dll.copy(dll_info->dll_name, data.dll.size()); dll_info->dll_name[data.dll.size()] = L'\0';
return true; @@ -307,12 +307,12 @@ bool InterceptionManager::SetupInterceptionInfo(const InterceptionData& data, function->interceptor_address = data.interceptor_address; char* names = function->function;
- data.function._Copy_s(names, name_bytes, name_bytes); + data.function.copy(names, name_bytes); names += name_bytes; *names++ = '\0';
// interceptor follows the function_name - data.interceptor._Copy_s(names, interceptor_bytes, interceptor_bytes); + data.interceptor.copy(names, interceptor_bytes); names += interceptor_bytes; *names++ = '\0';
diff --git a/security/sandbox/chromium/sandbox/win/src/interception.h b/security/sandbox/chromium/sandbox/win/src/interception.h index 4d1ee82ba399..850e4eef54c6 100644 --- a/security/sandbox/chromium/sandbox/win/src/interception.h +++ b/security/sandbox/chromium/sandbox/win/src/interception.h @@ -18,6 +18,7 @@ #include "base/macros.h" #include "base/strings/string16.h" #include "sandbox/win/src/sandbox_types.h" +#include "sandbox/win/src/interceptors.h"
namespace sandbox {
diff --git a/security/sandbox/chromium/sandbox/win/src/interception_internal.h b/security/sandbox/chromium/sandbox/win/src/interception_internal.h index 45a0557e5efe..7f9cd0d763f0 100644 --- a/security/sandbox/chromium/sandbox/win/src/interception_internal.h +++ b/security/sandbox/chromium/sandbox/win/src/interception_internal.h @@ -12,6 +12,7 @@ #include <stddef.h>
#include "sandbox/win/src/sandbox_types.h" +#include "sandbox/win/src/interceptors.h"
namespace sandbox {
diff --git a/security/sandbox/chromium/sandbox/win/src/resolver.cc b/security/sandbox/chromium/sandbox/win/src/resolver.cc index d1719da51a57..508a305a140a 100644 --- a/security/sandbox/chromium/sandbox/win/src/resolver.cc +++ b/security/sandbox/chromium/sandbox/win/src/resolver.cc @@ -53,7 +53,7 @@ NTSTATUS ResolverThunk::ResolveInterceptor(const void* interceptor_module, if (!pe.VerifyMagic()) return STATUS_INVALID_IMAGE_FORMAT;
- *address = pe.GetProcAddress(interceptor_name); + *address = (void*)pe.GetProcAddress(interceptor_name);
if (!(*address)) return STATUS_PROCEDURE_NOT_FOUND; diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc index 62f2422ca432..408d544a55e4 100644 --- a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc +++ b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc @@ -13,6 +13,9 @@ #include "sandbox/win/src/sandbox_factory.h" #include "sandbox/win/src/target_services.h"
+#define __try if(true) +#define __except(x) else + namespace sandbox {
// This is the list of all imported symbols from ntdll.dll. @@ -645,6 +648,11 @@ void* operator new(size_t size, sandbox::AllocationType type, return result; }
+void* operator new [](size_t size, sandbox::AllocationType type, + void* near_to) { + return operator new(size, type, near_to); +} + void operator delete(void* memory, sandbox::AllocationType type) { if (type == sandbox::NT_ALLOC) { // Use default flags. diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h index 3e0238206768..d0bc4174ce46 100644 --- a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h +++ b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h @@ -16,6 +16,8 @@ // Placement new and delete to be used from ntdll interception code. void* __cdecl operator new(size_t size, sandbox::AllocationType type, void* near_to = NULL); +void* __cdecl operator new[](size_t size, sandbox::AllocationType type, + void* near_to = NULL); void __cdecl operator delete(void* memory, sandbox::AllocationType type); // Add operator delete that matches the placement form of the operator new // above. This is required by compiler to generate code to call operator delete diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc b/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc index b3f977374b33..92d3e721fcec 100644 --- a/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc +++ b/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc @@ -10,7 +10,7 @@ // "Community Additions" comment on MSDN here: // http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx #define SystemFunction036 NTAPI SystemFunction036 -#include <NTSecAPI.h> +#include <ntsecapi.h> #undef SystemFunction036
namespace sandbox { diff --git a/security/sandbox/chromium/sandbox/win/src/service_resolver.cc b/security/sandbox/chromium/sandbox/win/src/service_resolver.cc index 92f21a7c2c95..0e63d704f4e0 100644 --- a/security/sandbox/chromium/sandbox/win/src/service_resolver.cc +++ b/security/sandbox/chromium/sandbox/win/src/service_resolver.cc @@ -29,7 +29,7 @@ NTSTATUS ServiceResolverThunk::ResolveTarget(const void* module, return STATUS_UNSUCCESSFUL;
base::win::PEImage module_image(module); - *address = module_image.GetProcAddress(function_name); + *address = (void*)module_image.GetProcAddress(function_name);
if (NULL == *address) { NOTREACHED_NT(); diff --git a/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h b/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h index 1c1062631340..ed45f22bf0ff 100644 --- a/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h +++ b/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h @@ -148,9 +148,9 @@ struct Opcode { // Description of the type of the dest, src and aux operands, // put together from an enOperandType flag and an enAddressingMethod // flag. - int flag_dest_; - int flag_source_; - int flag_aux_; + unsigned int flag_dest_; + unsigned int flag_source_; + unsigned flag_aux_;
// We indicate the mnemonic for debugging purposes const char* mnemonic_; diff --git a/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc b/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc index d5da2fbe95a5..072be907146b 100644 --- a/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc +++ b/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc @@ -108,14 +108,14 @@ NTSTATUS SmartSidestepResolverThunk::Setup(const void* target_module, // to our internal smart interceptor. size_t standard_bytes = storage_bytes - offsetof(SmartThunk, sidestep); ret = SidestepResolverThunk::Setup(target_module, interceptor_module, - target_name, NULL, &SmartStub, + target_name, NULL, (void*)&SmartStub, &thunk->sidestep, standard_bytes, NULL); if (!NT_SUCCESS(ret)) return ret;
// Fix the internal thunk to pass the whole buffer to the interceptor. SetInternalThunk(&thunk->sidestep.internal_thunk, GetInternalThunkSize(), - thunk_storage, &SmartStub); + thunk_storage, (void*)&SmartStub);
if (storage_used) *storage_used = GetThunkSize(); @@ -148,6 +148,7 @@ size_t SmartSidestepResolverThunk::GetThunkSize() const { // [xxx] [saved ebx] [xxx] // [xxx] [saved ecx] [xxx] // [xxx] [saved edx] [xxx] +#if 0 __declspec(naked) void SmartSidestepResolverThunk::SmartStub() { __asm { @@ -189,6 +190,9 @@ void SmartSidestepResolverThunk::SmartStub() { ret // Jump to original function. } } +#else +void SmartSidestepResolverThunk::SmartStub() {} // FIXME !! +#endif
bool SmartSidestepResolverThunk::IsInternalCall(const void* base, void* return_address) { diff --git a/security/sandbox/chromium/sandbox/win/src/target_process.cc b/security/sandbox/chromium/sandbox/win/src/target_process.cc index e27655e7ecfb..92be96cc4173 100644 --- a/security/sandbox/chromium/sandbox/win/src/target_process.cc +++ b/security/sandbox/chromium/sandbox/win/src/target_process.cc @@ -221,7 +221,7 @@ DWORD TargetProcess::Create(const wchar_t* exe_path, static_cast<PROCESS_INFORMATION_CLASS>(NtProcessInformationAccessToken), &process_access_token, sizeof(process_access_token)); if (!NT_SUCCESS(status)) { - win_result = ERROR_INVALID_TOKEN; + win_result = ::GetLastError(); //ERROR_INVALID_TOKEN; ::TerminateProcess(process_info.process_handle(), 0); // exit code return win_result; } @@ -244,7 +244,7 @@ ResultCode TargetProcess::TransferVariable(const char* name, void* address, if (NULL == module) return SBOX_ERROR_GENERIC;
- child_var = ::GetProcAddress(module, name); + child_var = (void*)::GetProcAddress(module, name); ::FreeLibrary(module);
if (NULL == child_var) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 190fec19e520..bb469aa33100 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -213,7 +213,7 @@ #if defined(XP_LINUX) && !defined(ANDROID) #include "mozilla/SandboxInfo.h" #elif defined(XP_WIN) -#include "SandboxBroker.h" +#include "sandboxBroker.h" #endif #endif
tor-commits@lists.torproject.org