sandbox/win/src/broker_services.cc - Issue 1826223004: Correctly handle child processes of sandboxed target processes.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/win/src/broker_services.cc

Issue 1826223004: Correctly handle child processes of sandboxed target processes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: remove unused test Created 4 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/win/src/broker_services.cc

diff --git a/sandbox/win/src/broker_services.cc b/sandbox/win/src/broker_services.cc

index c3b490931d5c4bf84940a4a05111b5358c048cc9..a68f36ec88c6bb57c9564258818b55206f1a923e 100644

--- a/sandbox/win/src/broker_services.cc

+++ b/sandbox/win/src/broker_services.cc

@@ -195,6 +195,7 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {

HANDLE no_targets = broker->no_targets_.Get();

int target_counter = 0;

+ int untracked_target_counter = 0;

::ResetEvent(no_targets);

while (true) {

@@ -226,6 +227,14 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {

}

case JOB_OBJECT_MSG_NEW_PROCESS: {

+ DWORD handle = static_cast<DWORD>(reinterpret_cast<uintptr_t>(ovl));

+ {

+ AutoLock lock(&broker->lock_);

+ size_t count = broker->child_process_ids_.count(handle);

+ // Child process created from sandboxed process.

+ if (count == 0)

+ untracked_target_counter++;

+ }

++target_counter;

if (1 == target_counter) {

::ResetEvent(no_targets);

@@ -235,11 +244,17 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {

case JOB_OBJECT_MSG_EXIT_PROCESS:

case JOB_OBJECT_MSG_ABNORMAL_EXIT_PROCESS: {

+ size_t erase_result = 0;

{

AutoLock lock(&broker->lock_);

- broker->child_process_ids_.erase(

+ erase_result = broker->child_process_ids_.erase(

static_cast<DWORD>(reinterpret_cast<uintptr_t>(ovl)));

}

+ if (erase_result != 1U) {

+ // The process was untracked e.g. a child process of the target.

+ --untracked_target_counter;

+ DCHECK(untracked_target_counter >= 0);

+ }

--target_counter;

if (0 == target_counter)

::SetEvent(no_targets);

@@ -249,6 +264,10 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {

}

case JOB_OBJECT_MSG_ACTIVE_PROCESS_LIMIT: {

+ // A child process attempted and failed to create a child process.

+ // Windows does not reveal the process id.

+ untracked_target_counter++;

+ target_counter++;

break;

}

« no previous file with comments | « no previous file | sandbox/win/src/process_mitigations_test.cc » ('j') | no next file with comments »