
Side by Side Diff: sandbox/win/src/process_thread_policy.cc

Issue 1849323003: Convert //sandbox to use std::unique_ptr (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fixup nonsfi_sandbox_unittest.cc Created 4 years, 8 months ago
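--- a/sandbox/win/src/process_thread_policy.cc
+++ b/sandbox/win/src/process_thread_policy.cc
@@ -1,22 +1,22 @@
 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/win/src/process_thread_policy.h"
 
 #include <stdint.h>
 
+#include <memory>
 #include <string>
 
 #include "base/memory/free_deleter.h"
-#include "base/memory/scoped_ptr.h"
 #include "sandbox/win/src/ipc_tags.h"
 #include "sandbox/win/src/nt_internals.h"
 #include "sandbox/win/src/policy_engine_opcodes.h"
 #include "sandbox/win/src/policy_params.h"
 #include "sandbox/win/src/sandbox_types.h"
 #include "sandbox/win/src/win_utils.h"
 
 namespace {
 
 // These are the only safe rights that can be given to a sandboxed
@@ -72,21 +72,21 @@
 return TRUE;
 }
 
 }
 
 namespace sandbox {
 
 bool ProcessPolicy::GenerateRules(const wchar_t* name,
 TargetPolicy::Semantics semantics,
 LowLevelPolicy* policy) {
-scoped_ptr<PolicyRule> process;
+std::unique_ptr<PolicyRule> process;
 switch (semantics) {
 case TargetPolicy::PROCESS_MIN_EXEC: {
 process.reset(new PolicyRule(GIVE_READONLY));
 break;
 };
 case TargetPolicy::PROCESS_ALL_EXEC: {
 process.reset(new PolicyRule(GIVE_ALLACCESS));
 break;
 };
 default: {
@@ -219,22 +219,22 @@
 const base::string16 &app_name,
 const base::string16 &command_line,
 PROCESS_INFORMATION* process_info) {
 // The only action supported is ASK_BROKER which means create the process.
 if (GIVE_ALLACCESS != eval_result && GIVE_READONLY != eval_result) {
 return ERROR_ACCESS_DENIED;
 }
 
 STARTUPINFO startup_info = {0};
 startup_info.cb = sizeof(startup_info);
-scoped_ptr<wchar_t, base::FreeDeleter>
-cmd_line(_wcsdup(command_line.c_str()));
+std::unique_ptr<wchar_t, base::FreeDeleter> cmd_line(
+_wcsdup(command_line.c_str()));
 
 BOOL should_give_full_access = (GIVE_ALLACCESS == eval_result);
 if (!CreateProcessExWHelper(client_info.process, should_give_full_access,
 app_name.c_str(), cmd_line.get(), NULL, NULL,
 FALSE, 0, NULL, NULL, &startup_info,
 process_info)) {
 return ERROR_ACCESS_DENIED;
 }
 return ERROR_SUCCESS;
 }
@@ -255,10 +255,10 @@
 }
 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle,
 client_info.process, handle, 0, FALSE,
 DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) {
 return ERROR_ACCESS_DENIED;
 }
 return ERROR_SUCCESS;
 }
 
 } // namespace sandbox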
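Review bot: The `_wcsdup` result stored in `cmd_line` (new lines 229-230) is handed to `CreateProcessExWHelper` through `cmd_line.get()` without a null check, so an allocation failure in the broker is not treated as an error. Win32 process creation accepts a NULL command line and falls back to the application name, so if the helper forwards its arguments unchanged (its body is in the skipped lines, so this is inferred), the broker would start `app_name` with the requested arguments silently dropped rather than refusing the request. Since the declaration is being rewritten anyway, fail closed right after it with `if (!cmd_line) return ERROR_ACCESS_DENIED;`, which matches the function's other failure returns. The enclosing function begins above the visible part of this section.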