Index: content/common/sandbox_win.cc |
diff --git a/content/common/sandbox_win.cc b/content/common/sandbox_win.cc |
index e131fcf0be8a2ef87950b7e4990667b29534af37..e2992d106a4faa80e64a2c0329fbaf50b1342ccc 100644 |
--- a/content/common/sandbox_win.cc |
+++ b/content/common/sandbox_win.cc |
@@ -12,6 +12,7 @@ |
#include "base/files/file_util.h" |
#include "base/hash.h" |
#include "base/logging.h" |
+#include "base/memory/ref_counted.h" |
#include "base/memory/shared_memory.h" |
#include "base/metrics/field_trial.h" |
#include "base/metrics/sparse_histogram.h" |
@@ -691,7 +692,8 @@ base::Process StartSandboxedProcess( |
return process.Pass(); |
} |
- sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy(); |
+ scoped_refptr<sandbox::TargetPolicy> policy = |
+ g_broker_services->CreatePolicy(); |
sandbox::MitigationFlags mitigations = sandbox::MITIGATION_HEAP_TERMINATE | |
sandbox::MITIGATION_BOTTOM_UP_ASLR | |
@@ -705,7 +707,7 @@ base::Process StartSandboxedProcess( |
#if !defined(NACL_WIN64) |
if (type_str == switches::kRendererProcess && |
IsWin32kRendererLockdownEnabled()) { |
- if (!AddWin32kLockdownPolicy(policy)) |
+ if (!AddWin32kLockdownPolicy(policy.get())) |
return base::Process(); |
} |
#endif |
@@ -716,10 +718,10 @@ base::Process StartSandboxedProcess( |
if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
return base::Process(); |
- SetJobLevel(*cmd_line, sandbox::JOB_LOCKDOWN, 0, policy); |
+ SetJobLevel(*cmd_line, sandbox::JOB_LOCKDOWN, 0, policy.get()); |
if (!delegate->DisableDefaultPolicy()) { |
- if (!AddPolicyForSandboxedProcess(policy)) |
+ if (!AddPolicyForSandboxedProcess(policy.get())) |
return base::Process(); |
} |
@@ -731,7 +733,7 @@ base::Process StartSandboxedProcess( |
NULL, |
true, |
sandbox::TargetPolicy::FILES_ALLOW_READONLY, |
- policy); |
+ policy.get()); |
// If DirectWrite is enabled for font rendering then open the font cache |
// section which is created by the browser and pass the handle to the |
@@ -759,7 +761,7 @@ base::Process StartSandboxedProcess( |
cmd_line->AppendSwitchASCII("ignored", " --type=renderer "); |
} |
- if (!AddGenericPolicy(policy)) { |
+ if (!AddGenericPolicy(policy.get())) { |
NOTREACHED(); |
return base::Process(); |
} |
@@ -782,7 +784,7 @@ base::Process StartSandboxedProcess( |
policy->SetStderrHandle(GetStdHandle(STD_ERROR_HANDLE)); |
#endif |
- if (!delegate->PreSpawnTarget(policy)) |
+ if (!delegate->PreSpawnTarget(policy.get())) |
return base::Process(); |
TRACE_EVENT_BEGIN0("startup", "StartProcessWithAccess::LAUNCHPROCESS"); |