Use ScopedProcessInformation and other RAII types in sandbox.

sandbox/src/restricted_token_utils.cc

-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <aclapi.h>
 #include <sddl.h>
 #include <vector>
 
 #include "sandbox/src/restricted_token_utils.h"
 
 #include "base/logging.h"
 #include "base/win/scoped_handle.h"
+#include "base/win/scoped_process_information.h"
 #include "base/win/windows_version.h"
 #include "sandbox/src/job.h"
 #include "sandbox/src/restricted_token.h"
 #include "sandbox/src/security_level.h"
 #include "sandbox/src/sid.h"
 
 namespace sandbox {
 
 DWORD CreateRestrictedToken(HANDLE *token_handle,
                             TokenLevel security_level,
@@ skipping 152 matching lines @@
                                    impersonation_level,
                                    INTEGRITY_LEVEL_LAST,
                                    IMPERSONATION);
   if (ERROR_SUCCESS != err_code) {
     return err_code;
   }
   base::win::ScopedHandle impersonation_token(impersonation_token_handle);
 
   // Start the process
   STARTUPINFO startup_info = {0};
-  PROCESS_INFORMATION process_info = {0};
+  base::win::ScopedProcessInformation process_info;
 
   if (!::CreateProcessAsUser(primary_token.Get(),
                              NULL,   // No application name.
                              command_line,
                              NULL,   // No security attribute.
                              NULL,   // No thread attribute.
                              FALSE,  // Do not inherit handles.
                              CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB,
                              NULL,   // Use the environment of the caller.
                              NULL,   // Use current directory of the caller.
                              &startup_info,
-                             &process_info)) {
+                             process_info.Receive())) {
     return ::GetLastError();
   }
 
-  base::win::ScopedHandle thread_handle(process_info.hThread);
-  base::win::ScopedHandle process_handle(process_info.hProcess);
-
   // Change the token of the main thread of the new process for the
   // impersonation token with more rights.
-  if (!::SetThreadToken(&process_info.hThread, impersonation_token.Get())) {
-    ::TerminateProcess(process_handle.Get(),
-                       0);  // exit code
-    return ::GetLastError();
+  {
+    HANDLE temp_thread = process_info.thread_handle();
+    if (!::SetThreadToken(&temp_thread, impersonation_token.Get())) {
+      ::TerminateProcess(process_info.process_handle(),
+                         0);  // exit code
+      return ::GetLastError();
+    }
   }
 
-  err_code = job.AssignProcessToJob(process_handle.Get());
+  err_code = job.AssignProcessToJob(process_info.process_handle());
   if (ERROR_SUCCESS != err_code) {
-    ::TerminateProcess(process_handle.Get(),
+    ::TerminateProcess(process_info.process_handle(),
                        0);  // exit code
     return ::GetLastError();
   }
 
   // Start the application
-  ::ResumeThread(thread_handle.Get());
+  ::ResumeThread(process_info.thread_handle());
 
   (*job_handle_ret) = job.Detach();
 
   return ERROR_SUCCESS;
 }
 
 DWORD SetObjectIntegrityLabel(HANDLE handle, SE_OBJECT_TYPE type,
                               const wchar_t* ace_access,
                               const wchar_t* integrity_level_sid) {
   // Build the SDDL string for the label.
@@ skipping 103 matching lines @@
   if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT,
                           &token_handle))
     return ::GetLastError();
 
   base::win::ScopedHandle token(token_handle);
 
   return SetTokenIntegrityLevel(token.Get(), integrity_level);
 }
 
 }  // namespace sandbox