| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/target_process.h" | 5 #include "sandbox/win/src/target_process.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/macros.h" | 8 #include "base/macros.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/win/pe_image.h" | 10 #include "base/win/pe_image.h" |
| (...skipping 266 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 277 // We use this single memory pool for IPC and for policy. | 277 // We use this single memory pool for IPC and for policy. |
| 278 DWORD shared_mem_size = static_cast<DWORD>(shared_IPC_size + | 278 DWORD shared_mem_size = static_cast<DWORD>(shared_IPC_size + |
| 279 shared_policy_size); | 279 shared_policy_size); |
| 280 shared_section_.Set(::CreateFileMappingW(INVALID_HANDLE_VALUE, NULL, | 280 shared_section_.Set(::CreateFileMappingW(INVALID_HANDLE_VALUE, NULL, |
| 281 PAGE_READWRITE | SEC_COMMIT, | 281 PAGE_READWRITE | SEC_COMMIT, |
| 282 0, shared_mem_size, NULL)); | 282 0, shared_mem_size, NULL)); |
| 283 if (!shared_section_.IsValid()) { | 283 if (!shared_section_.IsValid()) { |
| 284 return ::GetLastError(); | 284 return ::GetLastError(); |
| 285 } | 285 } |
| 286 | 286 |
| 287 DWORD access = FILE_MAP_READ | FILE_MAP_WRITE; | 287 DWORD access = FILE_MAP_READ | FILE_MAP_WRITE | SECTION_QUERY; |
| 288 HANDLE target_shared_section; | 288 HANDLE target_shared_section; |
| 289 if (!::DuplicateHandle(::GetCurrentProcess(), shared_section_.Get(), | 289 if (!::DuplicateHandle(::GetCurrentProcess(), shared_section_.Get(), |
| 290 sandbox_process_info_.process_handle(), | 290 sandbox_process_info_.process_handle(), |
| 291 &target_shared_section, access, FALSE, 0)) { | 291 &target_shared_section, access, FALSE, 0)) { |
| 292 return ::GetLastError(); | 292 return ::GetLastError(); |
| 293 } | 293 } |
| 294 | 294 |
| 295 void* shared_memory = ::MapViewOfFile(shared_section_.Get(), | 295 void* shared_memory = ::MapViewOfFile(shared_section_.Get(), |
| 296 FILE_MAP_WRITE|FILE_MAP_READ, | 296 FILE_MAP_WRITE|FILE_MAP_READ, |
| 297 0, 0, 0); | 297 0, 0, 0); |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 355 new TargetProcess(base::win::ScopedHandle(), base::win::ScopedHandle(), | 355 new TargetProcess(base::win::ScopedHandle(), base::win::ScopedHandle(), |
| 356 base::win::ScopedHandle(), NULL, NULL); | 356 base::win::ScopedHandle(), NULL, NULL); |
| 357 PROCESS_INFORMATION process_info = {}; | 357 PROCESS_INFORMATION process_info = {}; |
| 358 process_info.hProcess = process; | 358 process_info.hProcess = process; |
| 359 target->sandbox_process_info_.Set(process_info); | 359 target->sandbox_process_info_.Set(process_info); |
| 360 target->base_address_ = base_address; | 360 target->base_address_ = base_address; |
| 361 return target; | 361 return target; |
| 362 } | 362 } |
| 363 | 363 |
| 364 } // namespace sandbox | 364 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1501003002:
Added protection against mapping image sections between processes. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master