[tor-bugs] #13893 [Tor Browser]: Torbrowser 4.X.Y crashes on start when using MS EMET 5.x
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Dec 26 18:29:56 UTC 2015
#13893: Torbrowser 4.X.Y crashes on start when using MS EMET 5.x
-------------------------------------------------+-------------------------
Reporter: Diapolo | Owner: gk
Type: defect | Status:
Priority: High | assigned
Component: Tor Browser | Milestone:
Severity: Normal | Version:
Keywords: tbb-usability-stoppoint-app, | Resolution:
TorBrowserTeam201512, GeorgKoppen201512 | Actual Points:
Parent ID: | Points:
Sponsor: SponsorU |
-------------------------------------------------+-------------------------
Comment (by cypherpunks_backup):
Binary generated by compilers for [https://mxr.mozilla.org/mozilla-
esr38/source/xpcom/build/PoisonIOInterposerWin.cpp#484 piece of code]:
{{{
sNtDllInterceptor.AddHook("NtQueryFullAttributesFile",
reinterpret_cast<intptr_t>(InterposedNtQueryFullAttributesFile),
reinterpret_cast<void**>(&gOriginalNtQueryFullAttributesFile));
}}}
MSVC:
{{{
push 012078700
push 0104C3FF3
push 01198AC50 ;'NtQueryFullAttributesFile'
mov ecx,esi
call .0104C39E6
}}}
{{{
mov d,[esp][4],06C433A3F ;'NtQueryFullAttributesFile'
mov [esp],eax
call GetProcAddress
sub esp,8
test eax,eax
jz .069CD9344
mov ebx,eax
cmp b,[eax],-1
jnz .069CD9216
cmp b,[eax][1],025
jnz .069CD9216
mov eax,[eax][2]
mov ebx,[eax]
lea esi,[ebx][-5]
call GetCurrentProcess
lea edx,[esp][03C]
mov [esp][010],edx
mov d,[esp][00C],000000040
mov d,[esp][8],7
mov [esp][4],esi
mov [esp],eax
call VirtualProtectEx
sub esp,014
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13893#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list