Wire up process launch error codes.

sandbox/win/src/broker_services.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/win/src/broker_services.h"
 
 #include <AclAPI.h>
 #include <stddef.h>
 
 #include <memory>
@@ skipping 426 matching lines @@
   if (NULL == thread_pool_)
     thread_pool_ = new Win2kThreadPool();
 
   // Create the TargetProcess object and spawn the target suspended. Note that
   // Brokerservices does not own the target object. It is owned by the Policy.
   base::win::ScopedProcessInformation process_info;
   TargetProcess* target =
       new TargetProcess(std::move(initial_token), std::move(lockdown_token),
                         std::move(lowbox_token), job.Get(), thread_pool_);
 
-  DWORD win_result = target->Create(exe_path, command_line, inherit_handles,
-                                    startup_info, &process_info);
+  DWORD win_result;
+  result = target->Create(exe_path, command_line, inherit_handles, startup_info,
+                          &process_info, &win_result);
 
-  if (ERROR_SUCCESS != win_result) {
+  if (result != SBOX_ALL_OK) {
     SpawnCleanup(target, win_result);
-    return SBOX_ERROR_CREATE_PROCESS;
+    return result;
   }
 
   // Now the policy is the owner of the target.
-  if (!policy_base->AddTarget(target)) {
-    return SpawnCleanup(target, 0);
+  result = policy_base->AddTarget(target);
+
+  if (result != SBOX_ALL_OK) {
+    SpawnCleanup(target, 0);
+    return result;
   }
 
   // We are going to keep a pointer to the policy because we'll call it when
   // the job object generates notifications using the completion port.
   policy_base->AddRef();
   if (job.IsValid()) {
     std::unique_ptr<JobTracker> tracker(
         new JobTracker(std::move(job), policy_base));
 
     // There is no obvious recovery after failure here. Previous version with
     // SpawnCleanup() caused deletion of TargetProcess twice. crbug.com/480639
     CHECK(AssociateCompletionPort(tracker->job.Get(), job_port_.Get(),
                                   tracker.get()));
 
     // Save the tracker because in cleanup we might need to force closing
     // the Jobs.
     tracker_list_.push_back(tracker.release());
     child_process_ids_.insert(process_info.process_id());
   } else {
     // We have to signal the event once here because the completion port will
     // never get a message that this target is being terminated thus we should
     // not block WaitForAllTargets until we have at least one target with job.
     if (child_process_ids_.empty())
       ::SetEvent(no_targets_.Get());
     // We can not track the life time of such processes and it is responsibility
     // of the host application to make sure that spawned targets without jobs
     // are terminated when the main application don't need them anymore.
     // Sandbox policy engine needs to know that these processes are valid
     // targets for e.g. BrokerDuplicateHandle so track them as peer processes.
-    AddTargetPeer(process_info.process_handle());
+    result = AddTargetPeer(process_info.process_handle());
   }
 
   *target_info = process_info.Take();
-  return SBOX_ALL_OK;
+  return result;
 }
 
 
 ResultCode BrokerServicesBase::WaitForAllTargets() {
   ::WaitForSingleObject(no_targets_.Get(), INFINITE);
   return SBOX_ALL_OK;
 }
 
 bool BrokerServicesBase::IsActiveTarget(DWORD process_id) {
   AutoLock lock(&lock_);
@@ skipping 33 matching lines @@
     peer_map_.erase(peer->id);
     return SBOX_ERROR_GENERIC;
   }
 
   // Release the pointer since it will be cleaned up by the callback.
   ignore_result(peer.release());
   return SBOX_ALL_OK;
 }
 
 }  // namespace sandbox