Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(239)

Unified Diff: content/common/sandbox_policy.cc

Issue 9959018: Use ScopedProcessInformation and other RAII types in sandbox. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | sandbox/src/Wow64.cc » ('j') | sandbox/src/broker_services.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/sandbox_policy.cc
diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc
index dc98fc0a31aefa01e1d6bd9c7e2d3ef41f7e1e87..874325613232ed64d8d5635891afd9eaf66e4275 100644
--- a/content/common/sandbox_policy.cc
+++ b/content/common/sandbox_policy.cc
@@ -15,6 +15,7 @@
#include "base/process_util.h"
#include "base/stringprintf.h"
#include "base/string_util.h"
+#include "base/win/scoped_process_information.h"
#include "base/win/windows_version.h"
#include "content/common/debug_flags.h"
#include "content/public/common/content_client.h"
@@ -418,7 +419,6 @@ void InitBrokerServices(sandbox::BrokerServices* broker_services) {
base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
const FilePath& exposed_dir) {
- base::ProcessHandle process = 0;
const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
content::ProcessType type;
std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType);
@@ -497,7 +497,7 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
cmd_line->AppendArg(base::StringPrintf("/prefetch:%d", type));
sandbox::ResultCode result;
- PROCESS_INFORMATION target = {0};
+ base::win::ScopedProcessInformation target;
sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy();
#if !defined(NACL_WIN64) // We don't need this code on win nacl64.
@@ -510,6 +510,7 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
if (!in_sandbox) {
policy->Release();
+ base::ProcessHandle process = 0;
base::LaunchProcess(*cmd_line, base::LaunchOptions(), &process);
return process;
}
@@ -565,7 +566,7 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
result = g_broker_services->SpawnTarget(
cmd_line->GetProgram().value().c_str(),
cmd_line->GetCommandLineString().c_str(),
- policy, &target);
+ policy, target.Receive());
policy->Release();
TRACE_EVENT_END_ETW("StartProcessWithAccess::LAUNCHPROCESS", 0, 0);
@@ -585,7 +586,7 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
(base::win::OSInfo::GetInstance()->wow64_status() ==
base::win::OSInfo::WOW64_DISABLED)) {
const SIZE_T kOneGigabyte = 1 << 30;
- void* nacl_mem = VirtualAllocEx(target.hProcess,
+ void* nacl_mem = VirtualAllocEx(target.process_handle(),
NULL,
kOneGigabyte,
MEM_RESERVE,
@@ -595,16 +596,14 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
}
}
- ResumeThread(target.hThread);
- CloseHandle(target.hThread);
- process = target.hProcess;
+ ResumeThread(target.thread_handle());
// Help the process a little. It can't start the debugger by itself if
// the process is in a sandbox.
if (child_needs_help)
- base::debug::SpawnDebuggerOnProcess(target.dwProcessId);
+ base::debug::SpawnDebuggerOnProcess(target.process_id());
- return process;
+ return target.TakeProcessHandle();
}
} // namespace sandbox
« no previous file with comments | « no previous file | sandbox/src/Wow64.cc » ('j') | sandbox/src/broker_services.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698