Security Feature Added to Firefox

Monday, January 11, 2016 @ 04:01 PM gHale

Mozilla developers added a security feature aimed at protecting against basic buffer overflow and memory corruption issues.

Write XOR Execute (W^X) is the name of a security feature in the OpenBSD operating system, which Firefox developers ported inside Firefox’s JIT (Just-in-Time) code compiler.


The feature affects how code executed inside the browser interacts with the operating system’s memory, said Mozilla’s Jan de Mooij in a blog post.

The principle behind the W^X memory protection policy, as described by its OpenBSD implementation, is that a process (Web page in Firefox’s case) cannot be writable and executable at the same time.

Starting with the latest Firefox 46 Nightly build, Web pages will either be able to write code to the memory or execute code in the memory, but not simultaneously.

By delaying execution time, W^X memory protection prevents some types of buffer overflow attacks and also makes sure that when dynamic arbitrary code ends up injected into the process execution stack, Firefox will crash instead of blindly running potentially malicious code.

Before adding W^X support, Firefox gave Web pages full RWX (Read-Write-Execute) permissions. “RWX pages make it easier to exploit certain bugs. As a result, all modern operating systems store code in executable but non-writable memory, and data is usually not executable, see W^X and DEP,” de Mooij said, explaining why he added W^X support to Firefox.

What this means for regular users is that Firefox will toggle through special internal functions before switching from a writeable to an executable memory state, which results in some delays.
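The write-then-flip toggle described above can be sketched in C with `mmap` and `mprotect`. This is an added example, not Firefox's JIT code: the `wx_*` names and the stub bytes are constructed for illustration, and it assumes Linux on x86-64 or aarch64 with GCC or Clang.

```c
#define _GNU_SOURCE                    /* exposes MAP_ANONYMOUS */
#include <string.h>
#include <sys/mman.h>

/* Hypothetical JIT code buffer: writable or executable, never both. */
typedef struct { unsigned char *base; size_t len; int executable; } wx_buf;

int wx_alloc(wx_buf *b, size_t len) {  /* region starts as RW, not RWX */
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    b->base = p; b->len = len; b->executable = 0;
    return 0;
}

int wx_set_executable(wx_buf *b, int exec) {  /* never W and X together */
    int prot = PROT_READ | (exec ? PROT_EXEC : PROT_WRITE);
    if (mprotect(b->base, b->len, prot) != 0) return -1;
    b->executable = exec;
    return 0;
}

/* Emit code; refused while executable (a raw store there would fault). */
int wx_write(wx_buf *b, const void *src, size_t n) {
    if (b->executable || n > b->len) return -1;
    memcpy(b->base, src, n);
    return 0;
}

#if defined(__x86_64__)                /* constructed stub: "return 42" */
static const unsigned char STUB[] = {0xb8, 0x2a, 0, 0, 0, 0xc3};
#elif defined(__aarch64__)
static const unsigned char STUB[] = {0x40, 0x05, 0x80, 0x52, 0xc0, 0x03, 0x5f, 0xd6};
#else
#error "sample stub is only provided for x86-64 and aarch64"
#endif

int wx_run(wx_buf *b) {                /* refuses to jump into RW memory */
    int (*fn)(void);
    if (!b->executable) return -1;
    __builtin___clear_cache((char *)b->base, (char *)b->base + b->len);
    memcpy(&fn, &b->base, sizeof fn);  /* data pointer -> function pointer */
    return fn();
}

int main(void) {                       /* emit as RW, flip to RX, then run */
    wx_buf b;
    int bad = wx_alloc(&b, 4096) || wx_write(&b, STUB, sizeof STUB);
    return bad || wx_set_executable(&b, 1) || wx_run(&b) != 42;
}
```

Each `mprotect` call is a system call, which is where the toggling overhead comes from.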

According to tests carried out by Mozilla’s developers, the performance hit is between 1 percent and 4 percent, depending on the benchmark suite. Because of this minimal impact, the team decided to enable W^X memory protection, which should remain turned on by default, barring bugs and other unforeseen performance issues.