Bug 1369669: Resolve junction points and symlinks in the child executable path before launching. r=jimm
authorBob Owen <bobowencode@gmail.com>
Sat, 29 Jul 2017 09:29:56 +0100
changeset 420597 9804b2b94597631f04a91bbf307246a6a219f7b7
parent 420596 9ff81e376529981389074a985083d161e2f155d3
child 420598 27ac1eee8d2952cfb25b32f71a62dd0dd7f9e05e
push id7566
push usermtabara@mozilla.com
push dateWed, 02 Aug 2017 08:25:16 +0000
treeherdermozilla-beta@86913f512c3c [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjimm
bugs1369669
milestone56.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1369669: Resolve junction points and symlinks in the child executable path before launching. r=jimm This is required so that DLL paths loaded after lockdown match policy rules.
ipc/glue/GeckoChildProcessHost.cpp
--- a/ipc/glue/GeckoChildProcessHost.cpp
+++ b/ipc/glue/GeckoChildProcessHost.cpp
@@ -142,17 +142,24 @@ GeckoChildProcessHost::GetPathToBinary(F
 {
   if (sRunSelfAsContentProc &&
       (processType == GeckoProcessType_Content || processType == GeckoProcessType_GPU)) {
 #if defined(OS_WIN)
     wchar_t exePathBuf[MAXPATHLEN];
     if (!::GetModuleFileNameW(nullptr, exePathBuf, MAXPATHLEN)) {
       MOZ_CRASH("GetModuleFileNameW failed (FIXME)");
     }
-    exePath = FilePath::FromWStringHack(exePathBuf);
+    std::wstring exePathStr = exePathBuf;
+#if defined(MOZ_SANDBOX)
+    // We need to start the child process using the real path, so that the
+    // sandbox policy rules will match for DLLs loaded from the bin dir after
+    // we have lowered the sandbox.
+    widget::WinUtils::ResolveJunctionPointsAndSymLinks(exePathStr);
+#endif
+    exePath = FilePath::FromWStringHack(exePathStr);
 #elif defined(OS_POSIX)
     exePath = FilePath(CommandLine::ForCurrentProcess()->argv()[0]);
 #else
 #  error Sorry; target OS not supported yet.
 #endif
     return BinaryPathType::Self;
   }