We have a blocklist mechanism available to us for child processes that provides an advantage over the current dll entry point blocklist service. The advantage stems from the way in which this mechanism is set up prior to any thread execution in the child process. We currently only block one dll here, WRusr.dll from WebRoot, but we plan to expand this to include a number of 3rd party dlls. This bug tracks work in this area.

k7pswsen.dll - https://crash-stats.mozilla.com/report/index/92edf562-9240-4924-a7ff-3246a0171006#tab-modules

Try push with some more DLLs that crop up frequently in the ImageBridgeChild::InitForContent crashes: https://hg.mozilla.org/try/rev/387923a5755a57ad378308af77e12a117ccaa70c

I think that trying to slice this up by feature is just going to lead to complications down the line, so to keep it simple I've moved this to the launch code for all sandboxed children, not just when the Alternate Desktop is enabled. This also, similar to chromium, only adds them to the blocklist if they are loaded in the parent.

Don't know if this is the right place for this or if it's already been covered but Comodo has apparently been causing crashes on 32 bit Firefox. https://support.mozilla.org/en-US/kb/firefox-crashes-startup-comodo-win10-update

Comment on attachment 8916642 [details] [diff] [review] Expand list of DLLs that are suspected of causing crash in ImageBridgeChild::InitForContent Review of attachment 8916642 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp @@ +234,5 @@ > + // Add DLLs that have been found to cause instability with the sandbox to the > + // policy, so that they will be unloaded when they attempt to load. > + sandbox::ResultCode result; > + for (std::wstring dllToUnload : kDllsToUnload) { > + if (::GetModuleHandleW(dllToUnload.c_str())) { nit - comment me, or add a comment explaining why we check this up in the list comment.

Pushed by bobowencode@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/dfc9fb9a35b3 Expand the list of DLLs that are suspected of causing a crash in ImageBridgeChild::InitForContent. r=jimm

(In reply to Caspy7 from comment #4) > Don't know if this is the right place for this or if it's already been > covered but Comodo has apparently been causing crashes on 32 bit Firefox. > > https://support.mozilla.org/en-US/kb/firefox-crashes-startup-comodo-win10- > update It looks like they already have a patch for that and, unlike our normal blocklist, this one doesn't currently have the ability to block by version.