Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(6793)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/nacl/nacl_ipc_adapter.cc

Issue 18063005: Do PPB_FileIO Query and Read in the plugin process. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase to David's latest. Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | content/renderer/pepper/pepper_file_io_host.h » ('j') | ppapi/proxy/file_io_resource.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/nacl/nacl_ipc_adapter.cc
diff --git a/chrome/nacl/nacl_ipc_adapter.cc b/chrome/nacl/nacl_ipc_adapter.cc
index a25709908109bbfe947416768412ee60fc7af0a1..e94c761bfaf0ceb0a42ccb115a54188a2c911acb 100644
--- a/chrome/nacl/nacl_ipc_adapter.cc
+++ b/chrome/nacl/nacl_ipc_adapter.cc
@@ -435,6 +435,12 @@ bool NaClIPCAdapter::OnMessageReceived(const IPC::Message& msg) {
break;
}
case ppapi::proxy::SerializedHandle::FILE:
+ // IMPORTANT: The NaClDescIoDescFromHandleAllocCtor function creates
+ // a NaClDesc that checks the flags before reading and writing. This
+ // is necessary since PPB_FileIO now sends a file descriptor which may
+ // have write capabilities, and we don't want the plugin to be able to
+ // write with it and so bypass quota checks, which still happen in the
+ // host.
nacl_desc.reset(new NaClDescWrapper(NaClDescIoDescFromHandleAllocCtor(
#if defined(OS_WIN)
iter->descriptor(),
« no previous file with comments | « no previous file | content/renderer/pepper/pepper_file_io_host.h » ('j') | ppapi/proxy/file_io_resource.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698