Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(456)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/common/sandbox_init_win.cc

Issue 1501003002: Added protection against mapping image sections between processes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixes from review Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « base/memory/shared_memory_win.cc ('k') | sandbox/win/src/target_process.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/sandbox_init_win.cc
diff --git a/content/common/sandbox_init_win.cc b/content/common/sandbox_init_win.cc
index e1c07c940ab76a6900c50cf143d365d3084c09b0..78c1fef251dc4e04ca545324185c185ead3de3f1 100644
--- a/content/common/sandbox_init_win.cc
+++ b/content/common/sandbox_init_win.cc
@@ -47,9 +47,9 @@ bool BrokerDuplicateSharedMemoryHandle(
base::ProcessId target_process_id,
base::SharedMemoryHandle* target_handle) {
HANDLE duped_handle;
- if (!BrokerDuplicateHandle(source_handle.GetHandle(), target_process_id,
- &duped_handle,
- FILE_GENERIC_READ | FILE_GENERIC_WRITE, 0)) {
+ if (!BrokerDuplicateHandle(
+ source_handle.GetHandle(), target_process_id, &duped_handle,
+ FILE_MAP_READ | FILE_MAP_WRITE | SECTION_QUERY, 0)) {
return false;
}
« no previous file with comments | « base/memory/shared_memory_win.cc ('k') | sandbox/win/src/target_process.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698