Wire up process launch error codes.

sandbox/win/src/broker_services.cc

Index: sandbox/win/src/broker_services.cc
diff --git a/sandbox/win/src/broker_services.cc b/sandbox/win/src/broker_services.cc
index 32b11f8076d992ec36bec316f313d4840253c1c4..9546486d1061fa030894b79560e4d7f377e8fbc4 100644
--- a/sandbox/win/src/broker_services.cc
+++ b/sandbox/win/src/broker_services.cc
@@ -444,17 +444,21 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
       new TargetProcess(std::move(initial_token), std::move(lockdown_token),
                         std::move(lowbox_token), job.Get(), thread_pool_);
 
-  DWORD win_result = target->Create(exe_path, command_line, inherit_handles,
-                                    startup_info, &process_info);
+  DWORD win_result;
+  result = target->Create(exe_path, command_line, inherit_handles, startup_info,
+                          &process_info, &win_result);
 
-  if (ERROR_SUCCESS != win_result) {
+  if (result != SBOX_ALL_OK) {
     SpawnCleanup(target, win_result);
-    return SBOX_ERROR_CREATE_PROCESS;
+    return result;
   }
 
   // Now the policy is the owner of the target.
-  if (!policy_base->AddTarget(target)) {
-    return SpawnCleanup(target, 0);
+  result = policy_base->AddTarget(target);
+
+  if (result != SBOX_ALL_OK) {
+    SpawnCleanup(target, 0);
+    return result;
   }
 
   // We are going to keep a pointer to the policy because we'll call it when
@@ -484,11 +488,11 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
     // are terminated when the main application don't need them anymore.
     // Sandbox policy engine needs to know that these processes are valid
     // targets for e.g. BrokerDuplicateHandle so track them as peer processes.
-    AddTargetPeer(process_info.process_handle());
+    result = AddTargetPeer(process_info.process_handle());
   }
 
   *target_info = process_info.Take();
-  return SBOX_ALL_OK;
+  return result;
 }