| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/target_process.h" | 5 #include "sandbox/win/src/target_process.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/win/pe_image.h" | 9 #include "base/win/pe_image.h" |
| 10 #include "base/win/windows_version.h" | 10 #include "base/win/windows_version.h" |
| (...skipping 112 matching lines...) |
| 123 | 123 |
| 124 // ipc_server_ references our process handle, so make sure the former is shut | 124 // ipc_server_ references our process handle, so make sure the former is shut |
| 125 // down before the latter is closed (by ScopedProcessInformation). | 125 // down before the latter is closed (by ScopedProcessInformation). |
| 126 ipc_server_.reset(); | 126 ipc_server_.reset(); |
| 127 } | 127 } |
| 128 | 128 |
| 129 // Creates the target (child) process suspended and assigns it to the job | 129 // Creates the target (child) process suspended and assigns it to the job |
| 130 // object. | 130 // object. |
| 131 DWORD TargetProcess::Create(const wchar_t* exe_path, | 131 DWORD TargetProcess::Create(const wchar_t* exe_path, |
| 132 const wchar_t* command_line, | 132 const wchar_t* command_line, |
| 133 const wchar_t* desktop, | 133 base::win::StartupInformation* startup_info, |
| 134 base::win::ScopedProcessInformation* target_info) { | 134 base::win::ScopedProcessInformation* target_info) { |
| 135 exe_name_.reset(_wcsdup(exe_path)); | 135 exe_name_.reset(_wcsdup(exe_path)); |
| 136 | 136 |
| 137 // the command line needs to be writable by CreateProcess(). | 137 // the command line needs to be writable by CreateProcess(). |
| 138 scoped_ptr_malloc<wchar_t> cmd_line(_wcsdup(command_line)); | 138 scoped_ptr_malloc<wchar_t> cmd_line(_wcsdup(command_line)); |
| 139 scoped_ptr_malloc<wchar_t> desktop_name(desktop ? _wcsdup(desktop) : NULL); | |
| 140 | 139 |
| 141 // Start the target process suspended. | 140 // Start the target process suspended. |
| 142 DWORD flags = | 141 DWORD flags = |
| 143 CREATE_SUSPENDED | CREATE_UNICODE_ENVIRONMENT | DETACHED_PROCESS; | 142 CREATE_SUSPENDED | CREATE_UNICODE_ENVIRONMENT | DETACHED_PROCESS; |
| 144 | 143 |
| 144 if (startup_info->has_extended_startup_info()) |
| 145 flags |= EXTENDED_STARTUPINFO_PRESENT; |
| 146 |
| 145 if (base::win::GetVersion() < base::win::VERSION_WIN8) { | 147 if (base::win::GetVersion() < base::win::VERSION_WIN8) { |
| 146 // Windows 8 implements nested jobs, but for older systems we need to | 148 // Windows 8 implements nested jobs, but for older systems we need to |
| 147 // break out of any job we're in to enforce our restrictions. | 149 // break out of any job we're in to enforce our restrictions. |
| 148 flags |= CREATE_BREAKAWAY_FROM_JOB; | 150 flags |= CREATE_BREAKAWAY_FROM_JOB; |
| 149 } | 151 } |
| 150 | 152 |
| 151 STARTUPINFO startup_info = {sizeof(STARTUPINFO)}; | |
| 152 if (desktop) { | |
| 153 startup_info.lpDesktop = desktop_name.get(); | |
| 154 } | |
| 155 | |
| 156 base::win::ScopedProcessInformation process_info; | 153 base::win::ScopedProcessInformation process_info; |
| 157 | 154 |
| 158 if (!::CreateProcessAsUserW(lockdown_token_, | 155 if (!::CreateProcessAsUserW(lockdown_token_, |
| 159 exe_path, | 156 exe_path, |
| 160 cmd_line.get(), | 157 cmd_line.get(), |
| 161 NULL, // No security attribute. | 158 NULL, // No security attribute. |
| 162 NULL, // No thread attribute. | 159 NULL, // No thread attribute. |
| 163 FALSE, // Do not inherit handles. | 160 FALSE, // Do not inherit handles. |
| 164 flags, | 161 flags, |
| 165 NULL, // Use the environment of the caller. | 162 NULL, // Use the environment of the caller. |
| 166 NULL, // Use current directory of the caller. | 163 NULL, // Use current directory of the caller. |
| 167 &startup_info, | 164 startup_info->startup_info(), |
| 168 process_info.Receive())) { | 165 process_info.Receive())) { |
| 169 return ::GetLastError(); | 166 return ::GetLastError(); |
| 170 } | 167 } |
| 171 lockdown_token_.Close(); | 168 lockdown_token_.Close(); |
| 172 | 169 |
| 173 PoisonLowerAddressRange(process_info.process_handle()); | 170 PoisonLowerAddressRange(process_info.process_handle()); |
| 174 | 171 |
| 175 DWORD win_result = ERROR_SUCCESS; | 172 DWORD win_result = ERROR_SUCCESS; |
| 176 | 173 |
| 177 // Assign the suspended target to the windows job object | 174 // Assign the suspended target to the windows job object |
| (...skipping 171 matching lines...) |
| 349 | 346 |
| 350 | 347 |
| 351 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address) { | 348 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address) { |
| 352 TargetProcess* target = new TargetProcess(NULL, NULL, NULL, NULL); | 349 TargetProcess* target = new TargetProcess(NULL, NULL, NULL, NULL); |
| 353 target->sandbox_process_info_.Receive()->hProcess = process; | 350 target->sandbox_process_info_.Receive()->hProcess = process; |
| 354 target->base_address_ = base_address; | 351 target->base_address_ = base_address; |
| 355 return target; | 352 return target; |
| 356 } | 353 } |
| 357 | 354 |
| 358 } // namespace sandbox | 355 } // namespace sandbox |
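Review bot: `startup_info` is dereferenced without a check at new lines 144 and 164, while the `desktop` parameter it replaces was explicitly nullable (`desktop ? _wcsdup(desktop) : NULL`), so a caller that still passes NULL now hits a null dereference in the process that launches the target rather than getting a launch on the default desktop. A guard at the top of Create, `if (!startup_info) return ERROR_INVALID_PARAMETER;`, would keep the function's DWORD error contract. Create also no longer makes its own copy of the desktop name, so the comment above it should state that the caller selects the target's desktop through `lpDesktop` in the supplied structure and must keep that buffer valid until CreateProcessAsUserW returns. If `lpDesktop` is left unset the target presumably starts on the caller's desktop, which is worth spelling out because the alternate desktop is part of the isolation the sandbox provides. Create's body continues past the visible lines, so later uses of the parameter were not checked.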