Bug 1762576 - Firefox is not allowing Symantec DLP to inject DLL into…

… the browser for Data Loss Prevention software r=mhowell Move the LoadLibrary injection blocking back to Nightly-only. Differential Revision: https://phabricator.services.mozilla.com/D143843
Brli · Apr 15, 2022 · e18ba67 · e18ba67
1 parent d282b98
commit e18ba67
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/toolkit/xre/dllservices/mozglue/WindowsDllBlocklist.cpp b/toolkit/xre/dllservices/mozglue/WindowsDllBlocklist.cpp
@@ -531,9 +531,11 @@ static NTSTATUS NTAPI patched_LdrLoadDll(PWCHAR filePath, PULONG flags,
   return ret;
 }
 
+#if defined(NIGHTLY_BUILD)
 // Map of specific thread proc addresses we should block. In particular,
 // LoadLibrary* APIs which indicate DLL injection
 static void* gStartAddressesToBlock[4];
+#endif  // defined(NIGHTLY_BUILD)
 
 static bool ShouldBlockThread(void* aStartAddress) {
   // Allows crashfirefox.exe to continue to work. Also if your threadproc is
@@ -542,11 +544,13 @@ static bool ShouldBlockThread(void* aStartAddress) {
     return false;
   }
 
+#if defined(NIGHTLY_BUILD)
   for (auto p : gStartAddressesToBlock) {
     if (p == aStartAddress) {
       return true;
     }
   }
+#endif
 
   bool shouldBlock = false;
   MEMORY_BASIC_INFORMATION startAddressInfo = {0};
@@ -614,6 +618,7 @@ MFBT_API void DllBlocklist_Initialize(uint32_t aInitFlags) {
     }
   }
 
+#if defined(NIGHTLY_BUILD)
   // Populate a list of thread start addresses to block.
   HMODULE hKernel = GetModuleHandleW(L"kernel32.dll");
   if (hKernel) {
@@ -631,6 +636,7 @@ MFBT_API void DllBlocklist_Initialize(uint32_t aInitFlags) {
     pProc = (void*)GetProcAddress(hKernel, "LoadLibraryExW");
     gStartAddressesToBlock[3] = pProc;
   }
+#endif
 
   if (aInitFlags & eDllBlocklistInitFlagWasBootstrapped) {
     GetNativeNtBlockSetWriter();