| Index: sandbox/src/broker_services.cc
|
| diff --git a/sandbox/src/broker_services.cc b/sandbox/src/broker_services.cc
|
| index f6a05775e92b48c1284828ede0a01fecc794eda7..ca84d4e0043a19d2981ffb35966d7fa030a37dbc 100644
|
| --- a/sandbox/src/broker_services.cc
|
| +++ b/sandbox/src/broker_services.cc
|
| @@ -5,7 +5,10 @@
|
| #include "sandbox/src/broker_services.h"
|
|
|
| #include "base/logging.h"
|
| +#include "base/memory/scoped_ptr.h"
|
| #include "base/threading/platform_thread.h"
|
| +#include "base/win/scoped_handle.h"
|
| +#include "base/win/scoped_process_information.h"
|
| #include "sandbox/src/sandbox_policy_base.h"
|
| #include "sandbox/src/sandbox.h"
|
| #include "sandbox/src/target_process.h"
|
| @@ -217,10 +220,11 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {
|
|
|
| // SpawnTarget does all the interesting sandbox setup and creates the target
|
| // process inside the sandbox.
|
| -ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
|
| - const wchar_t* command_line,
|
| - TargetPolicy* policy,
|
| - PROCESS_INFORMATION* target_info) {
|
| +ResultCode BrokerServicesBase::SpawnTarget(
|
| + const wchar_t* exe_path,
|
| + const wchar_t* command_line,
|
| + TargetPolicy* policy,
|
| + base::win::ScopedProcessInformation* target_info) {
|
| if (!exe_path)
|
| return SBOX_ERROR_BAD_PARAMS;
|
|
|
| @@ -241,14 +245,15 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
|
|
|
| // Construct the tokens and the job object that we are going to associate
|
| // with the soon to be created target process.
|
| - HANDLE lockdown_token = NULL;
|
| - HANDLE initial_token = NULL;
|
| - DWORD win_result = policy_base->MakeTokens(&initial_token, &lockdown_token);
|
| + base::win::ScopedHandle lockdown_token;
|
| + base::win::ScopedHandle initial_token;
|
| + DWORD win_result = policy_base->MakeTokens(initial_token.Receive(),
|
| + lockdown_token.Receive());
|
| if (ERROR_SUCCESS != win_result)
|
| return SBOX_ERROR_GENERIC;
|
|
|
| - HANDLE job = NULL;
|
| - win_result = policy_base->MakeJobObject(&job);
|
| + base::win::ScopedHandle job;
|
| + win_result = policy_base->MakeJobObject(job.Receive());
|
| if (ERROR_SUCCESS != win_result)
|
| return SBOX_ERROR_GENERIC;
|
|
|
| @@ -262,9 +267,11 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
|
|
|
| // Create the TargetProces object and spawn the target suspended. Note that
|
| // Brokerservices does not own the target object. It is owned by the Policy.
|
| - PROCESS_INFORMATION process_info = {0};
|
| - TargetProcess* target = new TargetProcess(initial_token, lockdown_token,
|
| - job, thread_pool_);
|
| + base::win::ScopedProcessInformation process_info;
|
| + TargetProcess* target = new TargetProcess(initial_token.Take(),
|
| + lockdown_token.Take(),
|
| + job,
|
| + thread_pool_);
|
|
|
| std::wstring desktop = policy_base->GetAlternateDesktop();
|
|
|
| @@ -274,10 +281,6 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
|
| if (ERROR_SUCCESS != win_result)
|
| return SpawnCleanup(target, win_result);
|
|
|
| - if ((INVALID_HANDLE_VALUE == process_info.hProcess) ||
|
| - (INVALID_HANDLE_VALUE == process_info.hThread))
|
| - return SpawnCleanup(target, win_result);
|
| -
|
| // Now the policy is the owner of the target.
|
| if (!policy_base->AddTarget(target)) {
|
| return SpawnCleanup(target, 0);
|
| @@ -286,23 +289,15 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
|
| // We are going to keep a pointer to the policy because we'll call it when
|
| // the job object generates notifications using the completion port.
|
| policy_base->AddRef();
|
| - JobTracker* tracker = new JobTracker(job, policy_base);
|
| - if (!AssociateCompletionPort(job, job_port_, tracker))
|
| + scoped_ptr<JobTracker> tracker(new JobTracker(job.Take(), policy_base));
|
| + if (!AssociateCompletionPort(tracker->job, job_port_, tracker.get()))
|
| return SpawnCleanup(target, 0);
|
| // Save the tracker because in cleanup we might need to force closing
|
| // the Jobs.
|
| - tracker_list_.push_back(tracker);
|
| -
|
| - // We return the caller a duplicate of the process handle so they
|
| - // can close it at will.
|
| - HANDLE dup_process_handle = NULL;
|
| - if (!::DuplicateHandle(::GetCurrentProcess(), process_info.hProcess,
|
| - ::GetCurrentProcess(), &dup_process_handle,
|
| - 0, FALSE, DUPLICATE_SAME_ACCESS))
|
| - return SpawnCleanup(target, 0);
|
| + tracker_list_.push_back(tracker.release());
|
| +
|
| + target_info->Swap(&process_info);
|
|
|
| - *target_info = process_info;
|
| - target_info->hProcess = dup_process_handle;
|
| return SBOX_ALL_OK;
|
| }
|
|
|
|
|