Chromium Code Reviews Chromium Code Reviews
Issue 1337223002:
Fixes to possible GetLastError bugs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/process_thread_interception.h" | 5 #include "sandbox/win/src/process_thread_interception.h" |
| 6 | 6 |
| 7 #include "sandbox/win/src/crosscall_client.h" | 7 #include "sandbox/win/src/crosscall_client.h" |
| 8 #include "sandbox/win/src/ipc_tags.h" | 8 #include "sandbox/win/src/ipc_tags.h" |
| 9 #include "sandbox/win/src/policy_params.h" | 9 #include "sandbox/win/src/policy_params.h" |
| 10 #include "sandbox/win/src/policy_target.h" | 10 #include "sandbox/win/src/policy_target.h" |
| (...skipping 257 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 268 LPSTARTUPINFOW startup_info, | 268 LPSTARTUPINFOW startup_info, |
| 269 LPPROCESS_INFORMATION process_information) { | 269 LPPROCESS_INFORMATION process_information) { |
| 270 if (SandboxFactory::GetTargetServices()->GetState()->IsCsrssConnected() && | 270 if (SandboxFactory::GetTargetServices()->GetState()->IsCsrssConnected() && |
| 271 orig_CreateProcessW(application_name, command_line, process_attributes, | 271 orig_CreateProcessW(application_name, command_line, process_attributes, |
| 272 thread_attributes, inherit_handles, flags, | 272 thread_attributes, inherit_handles, flags, |
| 273 environment, current_directory, startup_info, | 273 environment, current_directory, startup_info, |
| 274 process_information)) { | 274 process_information)) { |
| 275 return TRUE; | 275 return TRUE; |
| 276 } | 276 } |
| 277 | 277 |
| 278 // We don't trust that the IPC can work this early. | |
| 279 if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled()) | |
| 280 return FALSE; | |
| 281 | |
| 282 DWORD original_error = ::GetLastError(); | 278 DWORD original_error = ::GetLastError(); |
| 283 | 279 |
| 284 do { | 280 // We don't trust that the IPC can work this early. |
| 285 if (!ValidParameter(process_information, sizeof(PROCESS_INFORMATION), | 281 if (SandboxFactory::GetTargetServices()->GetState()->InitCalled()) { |
|
brucedawson
2015/09/12 00:33:55
Moving this below the initialization of original_e
cpu_(ooo_6.6-7.5)
2015/09/14 17:17:16
In this particular case it is harmless to move it
brucedawson
2015/09/14 18:59:55
Got it.
How about a comment to make the rational
| |
| 286 WRITE)) | 282 do { |
| 287 break; | 283 if (!ValidParameter(process_information, sizeof(PROCESS_INFORMATION), |
| 284 WRITE)) | |
| 285 break; | |
| 288 | 286 |
| 289 void* memory = GetGlobalIPCMemory(); | 287 void* memory = GetGlobalIPCMemory(); |
| 290 if (NULL == memory) | 288 if (NULL == memory) |
| 291 break; | 289 break; |
| 292 | 290 |
| 293 const wchar_t* cur_dir = NULL; | 291 const wchar_t* cur_dir = NULL; |
| 294 | 292 |
| 295 wchar_t current_directory[MAX_PATH]; | 293 wchar_t current_directory[MAX_PATH]; |
| 296 DWORD result = ::GetCurrentDirectory(MAX_PATH, current_directory); | 294 DWORD result = ::GetCurrentDirectory(MAX_PATH, current_directory); |
| 297 if (0 != result && result < MAX_PATH) | 295 if (0 != result && result < MAX_PATH) |
| 298 cur_dir = current_directory; | 296 cur_dir = current_directory; |
| 299 | 297 |
| 300 SharedMemIPCClient ipc(memory); | 298 SharedMemIPCClient ipc(memory); |
| 301 CrossCallReturn answer = {0}; | 299 CrossCallReturn answer = {0}; |
| 302 | 300 |
| 303 InOutCountedBuffer proc_info(process_information, | 301 InOutCountedBuffer proc_info(process_information, |
| 304 sizeof(PROCESS_INFORMATION)); | 302 sizeof(PROCESS_INFORMATION)); |
| 305 | 303 |
| 306 ResultCode code = CrossCall(ipc, IPC_CREATEPROCESSW_TAG, application_name, | 304 ResultCode code = CrossCall(ipc, IPC_CREATEPROCESSW_TAG, application_name, |
| 307 command_line, cur_dir, proc_info, &answer); | 305 command_line, cur_dir, proc_info, &answer); |
| 308 if (SBOX_ALL_OK != code) | 306 if (SBOX_ALL_OK != code) |
| 309 break; | 307 break; |
| 310 | 308 |
| 311 ::SetLastError(answer.win32_result); | 309 ::SetLastError(answer.win32_result); |
| 312 if (ERROR_SUCCESS != answer.win32_result) | 310 if (ERROR_SUCCESS != answer.win32_result) |
| 313 return FALSE; | 311 return FALSE; |
| 314 | 312 |
| 315 return TRUE; | 313 return TRUE; |
| 316 } while (false); | 314 } while (false); |
| 315 } | |
| 317 | 316 |
| 318 ::SetLastError(original_error); | 317 ::SetLastError(original_error); |
| 319 return FALSE; | 318 return FALSE; |
| 320 } | 319 } |
| 321 | 320 |
| 322 BOOL WINAPI TargetCreateProcessA(CreateProcessAFunction orig_CreateProcessA, | 321 BOOL WINAPI TargetCreateProcessA(CreateProcessAFunction orig_CreateProcessA, |
| 323 LPCSTR application_name, LPSTR command_line, | 322 LPCSTR application_name, LPSTR command_line, |
| 324 LPSECURITY_ATTRIBUTES process_attributes, | 323 LPSECURITY_ATTRIBUTES process_attributes, |
| 325 LPSECURITY_ATTRIBUTES thread_attributes, | 324 LPSECURITY_ATTRIBUTES thread_attributes, |
| 326 BOOL inherit_handles, DWORD flags, | 325 BOOL inherit_handles, DWORD flags, |
| 327 LPVOID environment, LPCSTR current_directory, | 326 LPVOID environment, LPCSTR current_directory, |
| 328 LPSTARTUPINFOA startup_info, | 327 LPSTARTUPINFOA startup_info, |
| 329 LPPROCESS_INFORMATION process_information) { | 328 LPPROCESS_INFORMATION process_information) { |
| 330 if (orig_CreateProcessA(application_name, command_line, process_attributes, | 329 if (orig_CreateProcessA(application_name, command_line, process_attributes, |
| 331 thread_attributes, inherit_handles, flags, | 330 thread_attributes, inherit_handles, flags, |
| 332 environment, current_directory, startup_info, | 331 environment, current_directory, startup_info, |
| 333 process_information)) { | 332 process_information)) { |
| 334 return TRUE; | 333 return TRUE; |
| 335 } | 334 } |
| 336 | 335 |
| 337 // We don't trust that the IPC can work this early. | |
| 338 if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled()) | |
| 339 return FALSE; | |
| 340 | |
| 341 DWORD original_error = ::GetLastError(); | 336 DWORD original_error = ::GetLastError(); |
| 342 | 337 |
| 343 do { | 338 // We don't trust that the IPC can work this early. |
| 344 if (!ValidParameter(process_information, sizeof(PROCESS_INFORMATION), | 339 if (SandboxFactory::GetTargetServices()->GetState()->InitCalled()) { |
| 345 WRITE)) | 340 do { |
| 346 break; | 341 if (!ValidParameter(process_information, sizeof(PROCESS_INFORMATION), |
| 342 WRITE)) | |
| 343 break; | |
| 347 | 344 |
| 348 void* memory = GetGlobalIPCMemory(); | 345 void* memory = GetGlobalIPCMemory(); |
| 349 if (NULL == memory) | 346 if (NULL == memory) |
| 350 break; | 347 break; |
| 351 | 348 |
| 352 // Convert the input params to unicode. | 349 // Convert the input params to unicode. |
| 353 UNICODE_STRING *cmd_unicode = NULL; | 350 UNICODE_STRING *cmd_unicode = NULL; |
| 354 UNICODE_STRING *app_unicode = NULL; | 351 UNICODE_STRING *app_unicode = NULL; |
| 355 if (command_line) { | 352 if (command_line) { |
| 356 cmd_unicode = AnsiToUnicode(command_line); | 353 cmd_unicode = AnsiToUnicode(command_line); |
| 357 if (!cmd_unicode) | 354 if (!cmd_unicode) |
| 355 break; | |
| 356 } | |
| 357 | |
| 358 if (application_name) { | |
| 359 app_unicode = AnsiToUnicode(application_name); | |
| 360 if (!app_unicode) { | |
| 361 operator delete(cmd_unicode, NT_ALLOC); | |
| 362 break; | |
| 363 } | |
| 364 } | |
| 365 | |
| 366 const wchar_t* cmd_line = cmd_unicode ? cmd_unicode->Buffer : NULL; | |
| 367 const wchar_t* app_name = app_unicode ? app_unicode->Buffer : NULL; | |
| 368 const wchar_t* cur_dir = NULL; | |
| 369 | |
| 370 wchar_t current_directory[MAX_PATH]; | |
| 371 DWORD result = ::GetCurrentDirectory(MAX_PATH, current_directory); | |
| 372 if (0 != result && result < MAX_PATH) | |
| 373 cur_dir = current_directory; | |
| 374 | |
| 375 SharedMemIPCClient ipc(memory); | |
| 376 CrossCallReturn answer = {0}; | |
| 377 | |
| 378 InOutCountedBuffer proc_info(process_information, | |
| 379 sizeof(PROCESS_INFORMATION)); | |
| 380 | |
| 381 ResultCode code = CrossCall(ipc, IPC_CREATEPROCESSW_TAG, app_name, | |
| 382 cmd_line, cur_dir, proc_info, &answer); | |
| 383 | |
| 384 operator delete(cmd_unicode, NT_ALLOC); | |
| 385 operator delete(app_unicode, NT_ALLOC); | |
| 386 | |
| 387 if (SBOX_ALL_OK != code) | |
| 358 break; | 388 break; |
| 359 } | |
| 360 | 389 |
| 361 if (application_name) { | 390 ::SetLastError(answer.win32_result); |
| 362 app_unicode = AnsiToUnicode(application_name); | 391 if (ERROR_SUCCESS != answer.win32_result) |
| 363 if (!app_unicode) { | 392 return FALSE; |
| 364 operator delete(cmd_unicode, NT_ALLOC); | |
| 365 break; | |
| 366 } | |
| 367 } | |
| 368 | 393 |
| 369 const wchar_t* cmd_line = cmd_unicode ? cmd_unicode->Buffer : NULL; | 394 return TRUE; |
| 370 const wchar_t* app_name = app_unicode ? app_unicode->Buffer : NULL; | 395 } while (false); |
| 371 const wchar_t* cur_dir = NULL; | 396 } |
| 372 | |
| 373 wchar_t current_directory[MAX_PATH]; | |
| 374 DWORD result = ::GetCurrentDirectory(MAX_PATH, current_directory); | |
| 375 if (0 != result && result < MAX_PATH) | |
| 376 cur_dir = current_directory; | |
| 377 | |
| 378 SharedMemIPCClient ipc(memory); | |
| 379 CrossCallReturn answer = {0}; | |
| 380 | |
| 381 InOutCountedBuffer proc_info(process_information, | |
| 382 sizeof(PROCESS_INFORMATION)); | |
| 383 | |
| 384 ResultCode code = CrossCall(ipc, IPC_CREATEPROCESSW_TAG, app_name, | |
| 385 cmd_line, cur_dir, proc_info, &answer); | |
| 386 | |
| 387 operator delete(cmd_unicode, NT_ALLOC); | |
| 388 operator delete(app_unicode, NT_ALLOC); | |
| 389 | |
| 390 if (SBOX_ALL_OK != code) | |
| 391 break; | |
| 392 | |
| 393 ::SetLastError(answer.win32_result); | |
| 394 if (ERROR_SUCCESS != answer.win32_result) | |
| 395 return FALSE; | |
| 396 | |
| 397 return TRUE; | |
| 398 } while (false); | |
| 399 | 397 |
| 400 ::SetLastError(original_error); | 398 ::SetLastError(original_error); |
| 401 return FALSE; | 399 return FALSE; |
| 402 } | 400 } |
| 403 | 401 |
| 404 } // namespace sandbox | 402 } // namespace sandbox |
| OLD | NEW |
