| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/renderer/renderer_main_platform_delegate.h" | 5 #include "content/renderer/renderer_main_platform_delegate.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "content/common/injection_test_dll.h" | 10 #include "content/common/injection_test_dll.h" |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 66 : parameters_(parameters), | 66 : parameters_(parameters), |
| 67 sandbox_test_module_(NULL) { | 67 sandbox_test_module_(NULL) { |
| 68 } | 68 } |
| 69 | 69 |
| 70 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { | 70 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { |
| 71 } | 71 } |
| 72 | 72 |
| 73 void RendererMainPlatformDelegate::PlatformInitialize() { | 73 void RendererMainPlatformDelegate::PlatformInitialize() { |
| 74 // Be mindful of what resources you acquire here. They can be used by | 74 // Be mindful of what resources you acquire here. They can be used by |
| 75 // malicious code if the renderer gets compromised. | 75 // malicious code if the renderer gets compromised. |
| 76 const CommandLine& command_line = parameters_.command_line_; | 76 const CommandLine& command_line = parameters_.command_line; |
| 77 bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); | 77 bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); |
| 78 EnableThemeSupportForRenderer(no_sandbox); | 78 EnableThemeSupportForRenderer(no_sandbox); |
| 79 | 79 |
| 80 if (!no_sandbox) { | 80 if (!no_sandbox) { |
| 81 // ICU DateFormat class (used in base/time_format.cc) needs to get the | 81 // ICU DateFormat class (used in base/time_format.cc) needs to get the |
| 82 // Olson timezone ID by accessing the registry keys under | 82 // Olson timezone ID by accessing the registry keys under |
| 83 // HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones. | 83 // HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones. |
| 84 // After TimeZone::createDefault is called once here, the timezone ID is | 84 // After TimeZone::createDefault is called once here, the timezone ID is |
| 85 // cached and there's no more need to access the registry. If the sandbox | 85 // cached and there's no more need to access the registry. If the sandbox |
| 86 // is disabled, we don't have to make this dummy call. | 86 // is disabled, we don't have to make this dummy call. |
| 87 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); | 87 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); |
| 88 } | 88 } |
| 89 } | 89 } |
| 90 | 90 |
| 91 void RendererMainPlatformDelegate::PlatformUninitialize() { | 91 void RendererMainPlatformDelegate::PlatformUninitialize() { |
| 92 } | 92 } |
| 93 | 93 |
| 94 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { | 94 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { |
| 95 const CommandLine& command_line = parameters_.command_line_; | 95 const CommandLine& command_line = parameters_.command_line; |
| 96 | 96 |
| 97 DVLOG(1) << "Started renderer with " << command_line.GetCommandLineString(); | 97 DVLOG(1) << "Started renderer with " << command_line.GetCommandLineString(); |
| 98 | 98 |
| 99 sandbox::TargetServices* target_services = | 99 sandbox::TargetServices* target_services = |
| 100 parameters_.sandbox_info_.TargetServices(); | 100 parameters_.sandbox_info->target_services; |
| 101 | 101 |
| 102 if (target_services && !no_sandbox) { | 102 if (target_services && !no_sandbox) { |
| 103 std::wstring test_dll_name = | 103 std::wstring test_dll_name = |
| 104 command_line.GetSwitchValueNative(switches::kTestSandbox); | 104 command_line.GetSwitchValueNative(switches::kTestSandbox); |
| 105 if (!test_dll_name.empty()) { | 105 if (!test_dll_name.empty()) { |
| 106 sandbox_test_module_ = LoadLibrary(test_dll_name.c_str()); | 106 sandbox_test_module_ = LoadLibrary(test_dll_name.c_str()); |
| 107 DCHECK(sandbox_test_module_); | 107 DCHECK(sandbox_test_module_); |
| 108 if (!sandbox_test_module_) { | 108 if (!sandbox_test_module_) { |
| 109 return false; | 109 return false; |
| 110 } | 110 } |
| 111 } | 111 } |
| 112 } | 112 } |
| 113 return true; | 113 return true; |
| 114 } | 114 } |
| 115 | 115 |
| 116 bool RendererMainPlatformDelegate::EnableSandbox() { | 116 bool RendererMainPlatformDelegate::EnableSandbox() { |
| 117 sandbox::TargetServices* target_services = | 117 sandbox::TargetServices* target_services = |
| 118 parameters_.sandbox_info_.TargetServices(); | 118 parameters_.sandbox_info->target_services; |
| 119 | 119 |
| 120 if (target_services) { | 120 if (target_services) { |
| 121 // Cause advapi32 to load before the sandbox is turned on. | 121 // Cause advapi32 to load before the sandbox is turned on. |
| 122 unsigned int dummy_rand; | 122 unsigned int dummy_rand; |
| 123 rand_s(&dummy_rand); | 123 rand_s(&dummy_rand); |
| 124 // Warm up language subsystems before the sandbox is turned on. | 124 // Warm up language subsystems before the sandbox is turned on. |
| 125 ::GetUserDefaultLangID(); | 125 ::GetUserDefaultLangID(); |
| 126 ::GetUserDefaultLCID(); | 126 ::GetUserDefaultLCID(); |
| 127 | 127 |
| 128 target_services->LowerToken(); | 128 target_services->LowerToken(); |
| 129 return true; | 129 return true; |
| 130 } | 130 } |
| 131 return false; | 131 return false; |
| 132 } | 132 } |
| 133 | 133 |
| 134 void RendererMainPlatformDelegate::RunSandboxTests() { | 134 void RendererMainPlatformDelegate::RunSandboxTests() { |
| 135 if (sandbox_test_module_) { | 135 if (sandbox_test_module_) { |
| 136 RunRendererTests run_security_tests = | 136 RunRendererTests run_security_tests = |
| 137 reinterpret_cast<RunRendererTests>(GetProcAddress(sandbox_test_module_, | 137 reinterpret_cast<RunRendererTests>(GetProcAddress(sandbox_test_module_, |
| 138 kRenderTestCall)); | 138 kRenderTestCall)); |
| 139 DCHECK(run_security_tests); | 139 DCHECK(run_security_tests); |
| 140 if (run_security_tests) { | 140 if (run_security_tests) { |
| 141 int test_count = 0; | 141 int test_count = 0; |
| 142 DVLOG(1) << "Running renderer security tests"; | 142 DVLOG(1) << "Running renderer security tests"; |
| 143 BOOL result = run_security_tests(&test_count); | 143 BOOL result = run_security_tests(&test_count); |
| 144 CHECK(result) << "Test number " << test_count << " has failed."; | 144 CHECK(result) << "Test number " << test_count << " has failed."; |
| 145 } | 145 } |
| 146 } | 146 } |
| 147 } | 147 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8414020:
Expose the sandbox related code through the content API. I did a bit of cleanup while I was doing... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/