| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/restricted_token.h" | 5 #include "sandbox/win/src/restricted_token.h" |
| 6 #include "sandbox/win/src/restricted_token_utils.h" | 6 #include "sandbox/win/src/restricted_token_utils.h" |
| 7 #include "sandbox/win/tools/finder/finder.h" | 7 #include "sandbox/win/tools/finder/finder.h" |
| 8 | 8 |
| 9 Finder::Finder() { | 9 Finder::Finder() { |
| 10 file_output_ = NULL; | 10 file_output_ = NULL; |
| 11 object_type_ = 0; | 11 object_type_ = 0; |
| 12 access_type_ = 0; | 12 access_type_ = 0; |
| 13 token_handle_ = NULL; | |
| 14 memset(filesystem_stats_, 0, sizeof(filesystem_stats_)); | 13 memset(filesystem_stats_, 0, sizeof(filesystem_stats_)); |
| 15 memset(registry_stats_, 0, sizeof(registry_stats_)); | 14 memset(registry_stats_, 0, sizeof(registry_stats_)); |
| 16 memset(kernel_object_stats_, 0, sizeof(kernel_object_stats_)); | 15 memset(kernel_object_stats_, 0, sizeof(kernel_object_stats_)); |
| 17 } | 16 } |
| 18 | 17 |
| 19 Finder::~Finder() { | 18 Finder::~Finder() { |
| 20 if (token_handle_) | |
| 21 ::CloseHandle(token_handle_); | |
| 22 } | 19 } |
| 23 | 20 |
| 24 DWORD Finder::Init(sandbox::TokenLevel token_type, | 21 DWORD Finder::Init(sandbox::TokenLevel token_type, |
| 25 DWORD object_type, | 22 DWORD object_type, |
| 26 DWORD access_type, | 23 DWORD access_type, |
| 27 FILE *file_output) { | 24 FILE *file_output) { |
| 28 DWORD err_code = ERROR_SUCCESS; | 25 DWORD err_code = ERROR_SUCCESS; |
| 29 | 26 |
| 30 err_code = InitNT(); | 27 err_code = InitNT(); |
| 31 if (ERROR_SUCCESS != err_code) | 28 if (ERROR_SUCCESS != err_code) |
| 32 return err_code; | 29 return err_code; |
| 33 | 30 |
| 34 object_type_ = object_type; | 31 object_type_ = object_type; |
| 35 access_type_ = access_type; | 32 access_type_ = access_type; |
| 36 file_output_ = file_output; | 33 file_output_ = file_output; |
| 37 | 34 |
| 38 err_code = sandbox::CreateRestrictedToken(&token_handle_, token_type, | 35 err_code = sandbox::CreateRestrictedToken(token_type, |
| 39 sandbox::INTEGRITY_LEVEL_LAST, | 36 sandbox::INTEGRITY_LEVEL_LAST, |
| 40 sandbox::PRIMARY); | 37 sandbox::PRIMARY, &token_handle_); |
| 41 return err_code; | 38 return err_code; |
| 42 } | 39 } |
| 43 | 40 |
| 44 DWORD Finder::Scan() { | 41 DWORD Finder::Scan() { |
| 45 if (!token_handle_) { | 42 if (!token_handle_.IsValid()) { |
| 46 return ERROR_NO_TOKEN; | 43 return ERROR_NO_TOKEN; |
| 47 } | 44 } |
| 48 | 45 |
| 49 if (object_type_ & kScanRegistry) { | 46 if (object_type_ & kScanRegistry) { |
| 50 ParseRegistry(HKEY_LOCAL_MACHINE, L"HKLM\\"); | 47 ParseRegistry(HKEY_LOCAL_MACHINE, L"HKLM\\"); |
| 51 ParseRegistry(HKEY_USERS, L"HKU\\"); | 48 ParseRegistry(HKEY_USERS, L"HKU\\"); |
| 52 ParseRegistry(HKEY_CURRENT_CONFIG, L"HKCC\\"); | 49 ParseRegistry(HKEY_CURRENT_CONFIG, L"HKCC\\"); |
| 53 } | 50 } |
| 54 | 51 |
| 55 if (object_type_ & kScanFileSystem) { | 52 if (object_type_ & kScanFileSystem) { |
| 56 ParseFileSystem(L"\\\\?\\C:"); | 53 ParseFileSystem(L"\\\\?\\C:"); |
| 57 } | 54 } |
| 58 | 55 |
| 59 if (object_type_ & kScanKernelObjects) { | 56 if (object_type_ & kScanKernelObjects) { |
| 60 ParseKernelObjects(L"\\"); | 57 ParseKernelObjects(L"\\"); |
| 61 } | 58 } |
| 62 | 59 |
| 63 return ERROR_SUCCESS; | 60 return ERROR_SUCCESS; |
| 64 } | 61 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1232963002:
Sandbox: Make CreateRestrictedToken return a ScopedHandle. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master