Bug 1445614: Only warn when SetAlternateDesktop fails. r=jimm a=jcristau
authorBob Owen <bobowencode@gmail.com>
Wed, 14 Mar 2018 18:39:36 +0000
changeset 460136 f08e27292f7efc0313588ec1234cd78ad7d7d8f7
parent 460135 36962a3d388d69c7af3544c705270e485e4df8b7
child 460137 d9668297a5189515fbcd886ba7930c1fba931fab
push id8846
push usernerli@mozilla.com
push dateThu, 15 Mar 2018 17:08:05 +0000
treeherdermozilla-beta@d9668297a518 [default view] [failures only]
reviewersjimm, jcristau
bugs1445614
milestone60.0
Bug 1445614: Only warn when SetAlternateDesktop fails. r=jimm a=jcristau
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@@ -446,18 +446,20 @@ SandboxBroker::SetSecurityLevelForConten
     sandbox::MITIGATION_HEAP_TERMINATE |
     sandbox::MITIGATION_SEHOP |
     sandbox::MITIGATION_DEP_NO_ATL_THUNK |
     sandbox::MITIGATION_DEP |
     sandbox::MITIGATION_EXTENSION_POINT_DISABLE;
 
   if (aSandboxLevel > 4) {
     result = mPolicy->SetAlternateDesktop(false);
-    MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
-                       "Failed to create alternate desktop for sandbox.");
+    if (NS_WARN_IF(result != sandbox::SBOX_ALL_OK)) {
+      LOG_W("SetAlternateDesktop failed, result: %i, last error: %x",
+            result, ::GetLastError());
+    }
   }
 
   if (aSandboxLevel > 3) {
     // If we're running from a network drive then we can't block loading from
     // remote locations. Strangely using MITIGATION_IMAGE_LOAD_NO_LOW_LABEL in
     // this situation also means the process fails to start (bug 1423296).
     if (!sRunningFromNetworkDrive) {
       mitigations |= sandbox::MITIGATION_IMAGE_LOAD_NO_REMOTE |
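Review bot: When SetAlternateDesktop fails for sandbox level above 4, the added branch only logs and the function carries on, so the content process is presumably started without the alternate desktop, and nothing in the code records that this fail-open is deliberate. A comment above the check would capture the decision, for example `// Best effort (bug 1445614): on failure the child still launches, but without alternate-desktop isolation.` The same applies to the identical blocks added in the PDFium and GMPlugin hunks below. Whether LOG_W output is visible in a release build cannot be seen from here; if it is not, a release-visible signal would let these weaker-sandbox launches be counted. The enclosing function starts and ends outside the hunk.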
@@ -844,18 +846,20 @@ SandboxBroker::SetSecurityLevelForPDFium
   SANDBOX_ENSURE_SUCCESS(result,
                          "SetJobLevel should never fail with these arguments, what happened?");
   result = mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS,
                                   sandbox::USER_LOCKDOWN);
   SANDBOX_ENSURE_SUCCESS(result,
                          "SetTokenLevel should never fail with these arguments, what happened?");
 
   result = mPolicy->SetAlternateDesktop(true);
-  SANDBOX_ENSURE_SUCCESS(result,
-                         "Failed to create alternate desktop for sandbox.");
+  if (NS_WARN_IF(result != sandbox::SBOX_ALL_OK)) {
+    LOG_W("SetAlternateDesktop failed, result: %i, last error: %x",
+          result, ::GetLastError());
+  }
 
   result = mPolicy->SetIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW);
   MOZ_ASSERT(sandbox::SBOX_ALL_OK == result,
              "SetIntegrityLevel should never fail with these arguments, what happened?");
 
   result =
     mPolicy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_UNTRUSTED);
   SANDBOX_ENSURE_SUCCESS(result,
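Review bot: The `::GetLastError()` argument is evaluated only after `NS_WARN_IF` has run, and in debug builds that macro may emit its own warning first, so the logged code can belong to a later call than SetAlternateDesktop. Capturing it straight after the policy call avoids that: `DWORD lastError = ::GetLastError();` on the line following `result = mPolicy->SetAlternateDesktop(true);`, then pass `lastError` to LOG_W. Separately, `%x` expects an `unsigned int` while GetLastError returns a `DWORD` (unsigned long), so `%lx` matches the argument if LOG_W is printf-style. Both points also apply to the same block in the content-process and GMPlugin hunks. The enclosing function starts and ends outside the hunk.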
@@ -923,18 +927,20 @@ SandboxBroker::SetSecurityLevelForGMPlug
                          "SetJobLevel should never fail with these arguments, what happened?");
   auto level = (aLevel == Restricted) ?
     sandbox::USER_RESTRICTED : sandbox::USER_LOCKDOWN;
   result = mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, level);
   SANDBOX_ENSURE_SUCCESS(result,
                          "SetTokenLevel should never fail with these arguments, what happened?");
 
   result = mPolicy->SetAlternateDesktop(true);
-  SANDBOX_ENSURE_SUCCESS(result,
-                         "Failed to create alternate desktop for sandbox.");
+  if (NS_WARN_IF(result != sandbox::SBOX_ALL_OK)) {
+    LOG_W("SetAlternateDesktop failed, result: %i, last error: %x",
+          result, ::GetLastError());
+  }
 
   result = mPolicy->SetIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW);
   MOZ_ASSERT(sandbox::SBOX_ALL_OK == result,
              "SetIntegrityLevel should never fail with these arguments, what happened?");
 
   result =
     mPolicy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_UNTRUSTED);
   SANDBOX_ENSURE_SUCCESS(result,
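Review bot: This is the third verbatim copy of the same four-line warn-and-continue block in this commit (the content-process and PDFium hunks hold the other two), so any later change to how an alternate-desktop failure is handled has to be made in three places. A small file-local helper would keep the fail-open handling for all three sandbox types in one spot. The sketch below assumes `result` is a `sandbox::ResultCode`, which the hunk does not show. The enclosing function starts and ends outside the hunk.

```cpp
// Logs, without failing, when the policy could not set up an alternate desktop.
static void
WarnIfAlternateDesktopFailed(sandbox::ResultCode aResult)
{
  if (NS_WARN_IF(aResult != sandbox::SBOX_ALL_OK)) {
    LOG_W("SetAlternateDesktop failed, result: %i, last error: %x",
          aResult, ::GetLastError());
  }
}

// … unchanged: SetJobLevel and SetTokenLevel calls …
  result = mPolicy->SetAlternateDesktop(true);
  WarnIfAlternateDesktopFailed(result);
```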