Skip to content

Bug 42163: Make the DLL blocklist obey portable mode (std::filesystem version)

Merge Info

Related Issues

Backporting

Timeline

  • Immediate: patchset needed as soon as possible
  • Next Minor Stable Release: patchset that needs to be verified in nightly before backport
  • Eventually: patchset that needs to be verified in alpha before backport
  • No Backport (preferred): patchset for the next major stable

You choose, both works for me.

(Optional) Justification

  • Emergency security update: patchset fixes CVEs, 0-days, etc
  • Censorship event: patchset enables censorship circumvention
  • Critical bug-fix: patchset fixes a bug in core-functionality
  • Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
  • Sponsor required: patchset required for sponsor
  • Localization: typos and other localization changes that should be also in the release branch
  • Other: sort of disk leak, but I don't think many users use this feature. Also, requires the backport of tor-browser-build#41015 (closed)

Merging

  • Merge to tor-browser - !fixups to tor-browser-specific commits, new features, security backports
  • Merge to base-browser - !fixups to base-browser-specific commits, new features to be shared with mullvad-browser, and security backports
    • NOTE: if your changeset includes patches to both base-browser and tor-browser please clearly label in the change description which commits should be cherry-picked to base-browser after merging

Issue Tracking

Review

Request Reviewer

  • Request review from an applications developer depending on modified system:
    • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since gitlab only allows 1 reviewer)
    • accessibility : henry
    • android : clairehurst, dan
    • build system : boklm
    • extensions : ma1
    • firefox internals (XUL/JS/XPCOM) : ma1
    • fonts : pierov
    • frontend (implementation) : henry
    • frontend (review) : donuts, richard
    • localization : henry, pierov
    • macos : clairehurst, dan
    • nightly builds : boklm
    • rebases/release-prep : dan, ma1, pierov, richard
    • security : ma1
    • signing : boklm, richard
    • updater : pierov
    • misc/other : pierov, richard

Change Description

Supersedes !829 (closed).

In this new version, we use Mozilla's facilities to get the full path to firefox.exe and then we use std::filesystem for path manipulation, that works with paths longer than MAX_PATH also on Windows 7.

For the rest, see the previous MR.

How Tested

Local dev build, I followed the same testing of the previous MR:

  • Go to about:third-party, click the button to enable system data (it might take a while to appear) and block a DLL. Restart the browser and check that the DLL stays disabled (the symbol in the button is a cross in a red circle, and the tooltip tells you it's currently disabled). Notice that Browser\TorBrowser\Data\Browser\blocklist has been created.
  • Close the browser, delete Browser\TorBrowser\Data\Browser\blocklist, go to about:third-party again and notice the DLL has been unblocked
  • Check that HKEY_CURRENT_USER\Software\Tor Project\Firefox\Launcher doesn't have the blocklist entry for this installation of Tor Browser (you can compare with other 13.0aX installs)
Edited by richard

Merge request reports