| Index: sandbox/win/src/broker_services.cc
|
| diff --git a/sandbox/win/src/broker_services.cc b/sandbox/win/src/broker_services.cc
|
| index 57f197f26ee71d84a73f255f5faf30d587ec4722..bcba8b8ac2afff4f7d659995191a8ee158b4d722 100644
|
| --- a/sandbox/win/src/broker_services.cc
|
| +++ b/sandbox/win/src/broker_services.cc
|
| @@ -9,6 +9,7 @@
|
|
|
| #include "base/logging.h"
|
| #include "base/macros.h"
|
| +#include "base/memory/ref_counted.h"
|
| #include "base/memory/scoped_ptr.h"
|
| #include "base/stl_util.h"
|
| #include "base/threading/platform_thread.h"
|
| @@ -58,19 +59,17 @@ enum {
|
| // Helper structure that allows the Broker to associate a job notification
|
| // with a job object and with a policy.
|
| struct JobTracker {
|
| - JobTracker(base::win::ScopedHandle job, sandbox::TargetPolicy* policy)
|
| - : job(job.Pass()), policy(policy) {
|
| - }
|
| - ~JobTracker() {
|
| - FreeResources();
|
| - }
|
| + JobTracker(base::win::ScopedHandle job,
|
| + scoped_refptr<sandbox::TargetPolicy> policy)
|
| + : job(job.Pass()), policy(policy.Pass()) {}
|
| + ~JobTracker() { FreeResources(); }
|
|
|
| // Releases the Job and notifies the associated Policy object to release its
|
| // resources as well.
|
| void FreeResources();
|
|
|
| base::win::ScopedHandle job;
|
| - sandbox::TargetPolicy* policy;
|
| + scoped_refptr<sandbox::TargetPolicy> policy;
|
| };
|
|
|
| void JobTracker::FreeResources() {
|
| @@ -84,7 +83,6 @@ void JobTracker::FreeResources() {
|
|
|
| // In OnJobEmpty() we don't actually use the job handle directly.
|
| policy->OnJobEmpty(stale_job_handle);
|
| - policy->Release();
|
| policy = NULL;
|
| }
|
| }
|
| @@ -174,8 +172,8 @@ BrokerServicesBase::~BrokerServicesBase() {
|
| ::DeleteCriticalSection(&lock_);
|
| }
|
|
|
| -TargetPolicy* BrokerServicesBase::CreatePolicy() {
|
| - return new TargetPolicy;
|
| +scoped_refptr<TargetPolicy> BrokerServicesBase::CreatePolicy() {
|
| + return make_scoped_refptr(new TargetPolicy);
|
| }
|
|
|
| // The worker thread stays in a loop waiting for asynchronous notifications
|
| @@ -219,6 +217,7 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {
|
| // to appear out of thin air in this job, it safe to assume that
|
| // we can tell the policy to destroy the target object, and for
|
| // us to release our reference to the policy object.
|
| + // TODO(rickyz): Is tracker removed from tracker_list_ or destroyed?
|
| tracker->FreeResources();
|
| break;
|
| }
|
| @@ -286,7 +285,7 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {
|
| // process inside the sandbox.
|
| ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
|
| const wchar_t* command_line,
|
| - TargetPolicy* policy,
|
| + scoped_refptr<TargetPolicy> policy,
|
| PROCESS_INFORMATION* target_info) {
|
| if (!exe_path)
|
| return SBOX_ERROR_BAD_PARAMS;
|
| @@ -431,11 +430,8 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
|
| return SpawnCleanup(target, 0);
|
| }
|
|
|
| - // We are going to keep a pointer to the policy because we'll call it when
|
| - // the job object generates notifications using the completion port.
|
| - policy->AddRef();
|
| if (job.IsValid()) {
|
| - scoped_ptr<JobTracker> tracker(new JobTracker(job.Pass(), policy));
|
| + scoped_ptr<JobTracker> tracker(new JobTracker(job.Pass(), policy.Pass()));
|
|
|
| // There is no obvious recovery after failure here. Previous version with
|
| // SpawnCleanup() caused deletion of TargetProcess twice. crbug.com/480639
|
|
|
Chromium Code Reviews
Issue 1378523002:
Use scoped_refptr and RefCountedThreadSafe for TargetPolicy.
Base URL: https://chromium.googlesource.com/chromium/src.git@master