Bug 1376496 - Part 1 - Resolve Windows symlinks in unpacked load security check. r=jimm
authorHaik Aftandilian <haftandilian@mozilla.com>
Fri, 07 Jul 2017 16:44:50 -0700
changeset 419809 e4e70a229f5e71859aecd7299dbcfd30f03fc9ac
parent 419808 f1693d664f8e8ee4c79801630c181c28095cad56
child 419810 4a4f23c6fb22ddb6a288a6f245da985192ee4129
push id7566
push usermtabara@mozilla.com
push dateWed, 02 Aug 2017 08:25:16 +0000
treeherdermozilla-beta@86913f512c3c [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjimm
bugs1376496
milestone56.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1376496 - Part 1 - Resolve Windows symlinks in unpacked load security check. r=jimm Add Windows-specific calls to normalize symlinks and junction points for unpacked child extension requests. MozReview-Commit-ID: F7bYk1WOGcU
netwerk/protocol/res/ExtensionProtocolHandler.cpp
--- a/netwerk/protocol/res/ExtensionProtocolHandler.cpp
+++ b/netwerk/protocol/res/ExtensionProtocolHandler.cpp
@@ -36,16 +36,17 @@
 #include "nsIOutputStream.h"
 #include "nsIStreamConverterService.h"
 #include "nsNetUtil.h"
 #include "prio.h"
 #include "SimpleChannel.h"
 
 #if defined(XP_WIN)
 #include "nsILocalFileWin.h"
+#include "WinUtils.h"
 #endif
 
 #if !defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
 #include "mozilla/SandboxSettings.h"
 #endif
 
 #define EXTENSION_SCHEME "moz-extension"
 using mozilla::ipc::FileDescriptor;
@@ -626,16 +627,22 @@ ExtensionProtocolHandler::NewStream(nsIU
   /*
    * Make sure the file we resolved to is within the extension directory.
    */
 
   // Normalize paths for sane comparisons. nsIFile::Contains depends on
   // it for reliable subpath checks.
   NS_TRY(extensionDir->Normalize());
   NS_TRY(requestedFile->Normalize());
+#if defined(XP_WIN)
+  if (!widget::WinUtils::ResolveJunctionPointsAndSymLinks(extensionDir) ||
+      !widget::WinUtils::ResolveJunctionPointsAndSymLinks(requestedFile)) {
+    return Err(NS_ERROR_FILE_ACCESS_DENIED);
+  }
+#endif
 
   bool isResourceFromExtensionDir = false;
   NS_TRY(extensionDir->Contains(requestedFile, &isResourceFromExtensionDir));
   if (!isResourceFromExtensionDir) {
 #if defined(XP_WIN)
     return Err(NS_ERROR_FILE_ACCESS_DENIED);
 #elif defined(MOZ_CONTENT_SANDBOX)
     // On a dev build, we allow an unpacked resource that isn't