Add "win-rt-app" command-line flag to disable MITIGATION_STRICT_HANDLE_CHECKS

and avoid sandboxed renderer process crash in WinRT apps (issue #2274)
2017-09-29 11:17:31 +02:00 · 2017-09-29 11:17:31 +02:00 · cd60f7c7be
parent 531f5a30ef
commit cd60f7c7be
2 changed files with 23 additions and 0 deletions
--- a/patch/patch.cfg
+++ b/patch/patch.cfg
@ -344,4 +344,9 @@ patches = [
    # https://bitbucket.org/chromiumembedded/cef/issues/1947
    'name': 'extensions_1947',
  },
+  {
+    # Don't enable sandbox::MITIGATION_STRICT_HANDLE_CHECKS in WinRT apps.
+    # https://bitbucket.org/chromiumembedded/cef/issues/2274
+    'name': 'win_rt_2274',
+  },
 ]
--- a/patch/patches/win_rt_2274.patch
+++ b/patch/patches/win_rt_2274.patch
@ -0,0 +1,18 @@
+diff --git content/common/sandbox_win.cc content/common/sandbox_win.cc
+index a98c8bd7646b..7c100ff20d34 100644
+--- content/common/sandbox_win.cc
+++ content/common/sandbox_win.cc
+@@ -782,8 +782,11 @@ sandbox::ResultCode StartSandboxedProcess(
+ #endif
+ 
+   // Post-startup mitigations.
+-  mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS |
+-                sandbox::MITIGATION_DLL_SEARCH_ORDER;
+  mitigations = sandbox::MITIGATION_DLL_SEARCH_ORDER;
+  if (!browser_command_line.HasSwitch("win-rt-app")) {
+    // Don't enable this mitigation in WinRT apps. See issue #2274.
+    mitigations |= sandbox::MITIGATION_STRICT_HANDLE_CHECKS;
+  }
+   if (base::FeatureList::IsEnabled(features::kWinSboxForceMsSigned))
+     mitigations |= sandbox::MITIGATION_FORCE_MS_SIGNED_BINS;
+