Chromium Code Reviews Chromium Code Reviews
Issue 113190:
Add support for alternate window station. (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/renderer_main_platform_delegate.h" | 5 #include "chrome/renderer/renderer_main_platform_delegate.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/gfx/native_theme.h" | 8 #include "base/gfx/native_theme.h" |
| 9 #include "chrome/common/chrome_constants.h" | 9 #include "chrome/common/chrome_constants.h" |
| 10 #include "chrome/common/chrome_switches.h" | 10 #include "chrome/common/chrome_switches.h" |
| 11 #include "chrome/test/injection_test_dll.h" | 11 #include "chrome/test/injection_test_dll.h" |
| 12 #include "sandbox/src/sandbox.h" | 12 #include "sandbox/src/sandbox.h" |
| 13 | 13 |
| 14 namespace { | 14 namespace { |
| 15 | 15 |
| 16 // In order to have Theme support, we need to connect to the theme service. | 16 // In order to have Theme support, we need to connect to the theme service. |
| 17 // This needs to be done before we lock down the renderer. Officially this | 17 // This needs to be done before we lock down the renderer. Officially this |
| 18 // can be done with OpenThemeData() but it fails unless you pass a valid | 18 // can be done with OpenThemeData() but it fails unless you pass a valid |
| 19 // window at least the first time. Interestingly, the very act of creating a | 19 // window at least the first time. Interestingly, the very act of creating a |
| 20 // window also sets the connection to the theme service. | 20 // window also sets the connection to the theme service. |
| 21 void EnableThemeSupportForRenderer() { | 21 void EnableThemeSupportForRenderer(bool no_sandbox) { |
| 22 HWINSTA current = NULL; | |
| 23 HWINSTA winsta0 = NULL; | |
| 24 | |
| 25 if (!no_sandbox) { | |
| 26 current = ::GetProcessWindowStation(); | |
| 27 winsta0 = ::OpenWindowStationW(L"WinSta0", FALSE, GENERIC_READ); | |
| 28 if (!winsta0 || !::SetProcessWindowStation(winsta0)) { | |
| 29 // Could not set the alternate window station. There is a possibility | |
| 30 // that the theme wont be correctly initialized on XP. | |
| 31 NOTREACHED(); | |
|
rvargas (doing something else)
2009/05/20 01:21:01
nit: could add a log message here?
| |
| 32 } | |
| 33 } | |
| 34 | |
| 35 // Create a windows on the WinSta0 to initialize theme support. | |
|
cpu_(ooo_6.6-7.5)
2009/05/20 01:51:22
don't need the comment, see lines 16-20.
| |
| 22 HWND window = ::CreateWindowExW(0, L"Static", L"", WS_POPUP | WS_DISABLED, | 36 HWND window = ::CreateWindowExW(0, L"Static", L"", WS_POPUP | WS_DISABLED, |
| 23 CW_USEDEFAULT, 0, 0, 0, HWND_MESSAGE, NULL, | 37 CW_USEDEFAULT, 0, 0, 0, HWND_MESSAGE, NULL, |
| 24 ::GetModuleHandleA(NULL), NULL); | 38 ::GetModuleHandleA(NULL), NULL); |
| 39 ::DestroyWindow(window); | |
|
rvargas (doing something else)
2009/05/20 01:21:01
nit: could you move the !window check here?
| |
| 40 | |
| 41 if (!no_sandbox) { | |
| 42 // Revert the window station. | |
| 43 if (!current || !::SetProcessWindowStation(current)) { | |
| 44 // We failed to switch back to the secure window station. This might | |
| 45 // confuse the renderer enough that we should kill it now. | |
| 46 CHECK(false) << "Failed to restore alternate window station"; | |
| 47 } | |
| 48 | |
| 49 if (!CloseWindowStation(winsta0)) { | |
|
cpu_(ooo_6.6-7.5)
2009/05/20 01:51:22
it seems the style here is :: for windows calls
| |
| 50 // We might be leaking a winsta0 handle. This is a security risk, but | |
| 51 // since we allow fail over to no desktop protection in low memory | |
| 52 // condition, this is not a big risk. | |
| 53 NOTREACHED(); | |
| 54 } | |
| 55 } | |
| 56 | |
| 25 if (!window) { | 57 if (!window) { |
| 26 DLOG(WARNING) << "failed to enable theme support"; | 58 DLOG(WARNING) << "failed to enable theme support"; |
| 27 return; | 59 return; |
| 28 } | 60 } |
| 29 ::DestroyWindow(window); | |
| 30 } | 61 } |
| 31 | 62 |
| 32 } // namespace | 63 } // namespace |
| 33 | 64 |
| 34 RendererMainPlatformDelegate::RendererMainPlatformDelegate( | 65 RendererMainPlatformDelegate::RendererMainPlatformDelegate( |
| 35 const MainFunctionParams& parameters) | 66 const MainFunctionParams& parameters) |
| 36 : parameters_(parameters), | 67 : parameters_(parameters), |
| 37 sandbox_test_module_(NULL) { | 68 sandbox_test_module_(NULL) { |
| 38 } | 69 } |
| 39 | 70 |
| 40 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { | 71 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { |
| 41 } | 72 } |
| 42 | 73 |
| 43 void RendererMainPlatformDelegate::PlatformInitialize() { | 74 void RendererMainPlatformDelegate::PlatformInitialize() { |
| 44 // Be mindful of what resources you acquire here. They can be used by | 75 // Be mindful of what resources you acquire here. They can be used by |
| 45 // malicious code if the renderer gets compromised. | 76 // malicious code if the renderer gets compromised. |
| 46 EnableThemeSupportForRenderer(); | 77 const CommandLine& command_line = parameters_.command_line_; |
| 78 bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); | |
| 79 EnableThemeSupportForRenderer(no_sandbox); | |
| 47 } | 80 } |
| 48 | 81 |
| 49 void RendererMainPlatformDelegate::PlatformUninitialize() { | 82 void RendererMainPlatformDelegate::PlatformUninitialize() { |
| 50 } | 83 } |
| 51 | 84 |
| 52 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { | 85 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { |
| 53 const CommandLine& command_line = parameters_.command_line_; | 86 const CommandLine& command_line = parameters_.command_line_; |
| 54 | 87 |
| 55 DLOG(INFO) << "Started renderer with " << command_line.command_line_string(); | 88 DLOG(INFO) << "Started renderer with " << command_line.command_line_string(); |
| 56 | 89 |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 89 kRenderTestCall)); | 122 kRenderTestCall)); |
| 90 DCHECK(run_security_tests); | 123 DCHECK(run_security_tests); |
| 91 if (run_security_tests) { | 124 if (run_security_tests) { |
| 92 int test_count = 0; | 125 int test_count = 0; |
| 93 DLOG(INFO) << "Running renderer security tests"; | 126 DLOG(INFO) << "Running renderer security tests"; |
| 94 BOOL result = run_security_tests(&test_count); | 127 BOOL result = run_security_tests(&test_count); |
| 95 CHECK(result) << "Test number " << test_count << " has failed."; | 128 CHECK(result) << "Test number " << test_count << " has failed."; |
| 96 } | 129 } |
| 97 } | 130 } |
| 98 } | 131 } |
| OLD | NEW |
