| Index: sandbox/win/src/target_process.cc
|
| diff --git a/sandbox/win/src/target_process.cc b/sandbox/win/src/target_process.cc
|
| index 495d35c9df0cca2b639b3912f75c80726e32da00..ad0b7d3644a8972413c2fdb9ee7514b9262e33e7 100644
|
| --- a/sandbox/win/src/target_process.cc
|
| +++ b/sandbox/win/src/target_process.cc
|
| @@ -119,15 +119,17 @@ TargetProcess::~TargetProcess() {
|
|
|
| // Creates the target (child) process suspended and assigns it to the job
|
| // object.
|
| -DWORD TargetProcess::Create(const wchar_t* exe_path,
|
| - const wchar_t* command_line,
|
| - bool inherit_handles,
|
| - const base::win::StartupInformation& startup_info,
|
| - base::win::ScopedProcessInformation* target_info) {
|
| +ResultCode TargetProcess::Create(
|
| + const wchar_t* exe_path,
|
| + const wchar_t* command_line,
|
| + bool inherit_handles,
|
| + const base::win::StartupInformation& startup_info,
|
| + base::win::ScopedProcessInformation* target_info,
|
| + DWORD* win_error) {
|
| if (lowbox_token_.IsValid() &&
|
| base::win::GetVersion() < base::win::VERSION_WIN8) {
|
| // We don't allow lowbox_token below Windows 8.
|
| - return ERROR_INVALID_PARAMETER;
|
| + return SBOX_ERROR_BAD_PARAMS;
|
| }
|
|
|
| exe_name_.reset(_wcsdup(exe_path));
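Review bot: The new `win_error` out-parameter is not written on every return path: the lowbox version check here returns `SBOX_ERROR_BAD_PARAMS` without touching it, and the same holds for the `SBOX_ERROR_NO_SPACE` return in the last hunk of Init() and for both `SBOX_ALL_OK` returns. A caller that logs `*win_error` next to the ResultCode would then report whatever the variable held before the call, which is indeterminate if the caller did not initialise it (callers are not visible in this diff). Adding `*win_error = ERROR_SUCCESS;` as the first statement of both Create() and Init() would give every path a defined value. The pointer is also dereferenced unconditionally, so the header comment should state that it must be non-null. Create()'s body continues outside this hunk.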
|
| @@ -157,18 +159,17 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
|
| NULL, // Use current directory of the caller.
|
| startup_info.startup_info(),
|
| &temp_process_info)) {
|
| - return ::GetLastError();
|
| + *win_error = ::GetLastError();
|
| + return SBOX_ERROR_CREATE_PROCESS;
|
| }
|
| base::win::ScopedProcessInformation process_info(temp_process_info);
|
|
|
| - DWORD win_result = ERROR_SUCCESS;
|
| -
|
| if (job_) {
|
| // Assign the suspended target to the windows job object.
|
| if (!::AssignProcessToJobObject(job_, process_info.process_handle())) {
|
| - win_result = ::GetLastError();
|
| + *win_error = ::GetLastError();
|
| ::TerminateProcess(process_info.process_handle(), 0);
|
| - return win_result;
|
| + return SBOX_ERROR_ASSIGN_PROCESS_TO_JOB_OBJECT;
|
| }
|
| }
|
|
|
| @@ -178,11 +179,11 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
|
| // otherwise it will crash too early for us to help.
|
| HANDLE temp_thread = process_info.thread_handle();
|
| if (!::SetThreadToken(&temp_thread, initial_token_.Get())) {
|
| - win_result = ::GetLastError();
|
| + *win_error = ::GetLastError();
|
| // It might be a security breach if we let the target run outside the job
|
| // so kill it before it causes damage.
|
| ::TerminateProcess(process_info.process_handle(), 0);
|
| - return win_result;
|
| + return SBOX_ERROR_SET_THREAD_TOKEN;
|
| }
|
| initial_token_.Close();
|
| }
|
| @@ -190,9 +191,9 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
|
| CONTEXT context;
|
| context.ContextFlags = CONTEXT_ALL;
|
| if (!::GetThreadContext(process_info.thread_handle(), &context)) {
|
| - win_result = ::GetLastError();
|
| + *win_error = ::GetLastError();
|
| ::TerminateProcess(process_info.process_handle(), 0);
|
| - return win_result;
|
| + return SBOX_ERROR_GET_THREAD_CONTEXT;
|
| }
|
|
|
| #if defined(_WIN64)
|
| @@ -206,9 +207,9 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
|
| #endif // _WIN64
|
|
|
| if (!target_info->DuplicateFrom(process_info)) {
|
| - win_result = ::GetLastError(); // This may or may not be correct.
|
| + *win_error = ::GetLastError(); // This may or may not be correct.
|
| ::TerminateProcess(process_info.process_handle(), 0);
|
| - return win_result;
|
| + return SBOX_ERROR_DUPLICATE_TARGET_INFO;
|
| }
|
|
|
| if (lowbox_token_.IsValid()) {
|
| @@ -224,15 +225,15 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
|
| static_cast<PROCESS_INFORMATION_CLASS>(NtProcessInformationAccessToken),
|
| &process_access_token, sizeof(process_access_token));
|
| if (!NT_SUCCESS(status)) {
|
| - win_result = ERROR_INVALID_TOKEN;
|
| + *win_error = ERROR_INVALID_TOKEN;
|
| ::TerminateProcess(process_info.process_handle(), 0); // exit code
|
| - return win_result;
|
| + return SBOX_ERROR_SET_LOW_BOX_TOKEN;
|
| }
|
| }
|
|
|
| base_address_ = GetBaseAddress(exe_path, entry_point);
|
| sandbox_process_info_.Set(process_info.Take());
|
| - return win_result;
|
| + return SBOX_ALL_OK;
|
| }
|
|
|
| ResultCode TargetProcess::TransferVariable(const char* name, void* address,
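Review bot: The lowbox-token failure branch still stores the fixed value `ERROR_INVALID_TOKEN` in `*win_error` and discards `status`, so the actual NTSTATUS is lost. Now that `SBOX_ERROR_SET_LOW_BOX_TOKEN` already identifies the failing step, the second code could carry the real cause, for example `*win_error = ::RtlNtStatusToDosError(status);` if that routine is reachable from this file (the includes are not visible here). The call that produces `status` starts above this hunk.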
|
| @@ -271,10 +272,11 @@ ResultCode TargetProcess::TransferVariable(const char* name, void* address,
|
|
|
| // Construct the IPC server and the IPC dispatcher. When the target does
|
| // an IPC it will eventually call the dispatcher.
|
| -DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher,
|
| - void* policy,
|
| - uint32_t shared_IPC_size,
|
| - uint32_t shared_policy_size) {
|
| +ResultCode TargetProcess::Init(Dispatcher* ipc_dispatcher,
|
| + void* policy,
|
| + uint32_t shared_IPC_size,
|
| + uint32_t shared_policy_size,
|
| + DWORD* win_error) {
|
| // We need to map the shared memory on the target. This is necessary for
|
| // any IPC that needs to take place, even if the target has not yet hit
|
| // the main( ) function or even has initialized the CRT. So here we set
|
| @@ -288,7 +290,8 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher,
|
| PAGE_READWRITE | SEC_COMMIT,
|
| 0, shared_mem_size, NULL));
|
| if (!shared_section_.IsValid()) {
|
| - return ::GetLastError();
|
| + *win_error = ::GetLastError();
|
| + return SBOX_ERROR_CREATE_FILE_MAPPING;
|
| }
|
|
|
| DWORD access = FILE_MAP_READ | FILE_MAP_WRITE | SECTION_QUERY;
|
| @@ -296,14 +299,16 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher,
|
| if (!::DuplicateHandle(::GetCurrentProcess(), shared_section_.Get(),
|
| sandbox_process_info_.process_handle(),
|
| &target_shared_section, access, FALSE, 0)) {
|
| - return ::GetLastError();
|
| + *win_error = ::GetLastError();
|
| + return SBOX_ERROR_DUPLICATE_SHARED_SECTION;
|
| }
|
|
|
| void* shared_memory = ::MapViewOfFile(shared_section_.Get(),
|
| FILE_MAP_WRITE|FILE_MAP_READ,
|
| 0, 0, 0);
|
| if (NULL == shared_memory) {
|
| - return ::GetLastError();
|
| + *win_error = ::GetLastError();
|
| + return SBOX_ERROR_MAP_VIEW_OF_SHARED_SECTION;
|
| }
|
|
|
| CopyPolicyToTarget(policy, shared_policy_size,
|
| @@ -316,24 +321,24 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher,
|
| sizeof(g_shared_section));
|
| g_shared_section = NULL;
|
| if (SBOX_ALL_OK != ret) {
|
| - return (SBOX_ERROR_GENERIC == ret)?
|
| - ::GetLastError() : ERROR_INVALID_FUNCTION;
|
| + *win_error = ::GetLastError();
|
| + return ret;
|
| }
|
| g_shared_IPC_size = shared_IPC_size;
|
| ret = TransferVariable("g_shared_IPC_size", &g_shared_IPC_size,
|
| sizeof(g_shared_IPC_size));
|
| g_shared_IPC_size = 0;
|
| if (SBOX_ALL_OK != ret) {
|
| - return (SBOX_ERROR_GENERIC == ret) ?
|
| - ::GetLastError() : ERROR_INVALID_FUNCTION;
|
| + *win_error = ::GetLastError();
|
| + return ret;
|
| }
|
| g_shared_policy_size = shared_policy_size;
|
| ret = TransferVariable("g_shared_policy_size", &g_shared_policy_size,
|
| sizeof(g_shared_policy_size));
|
| g_shared_policy_size = 0;
|
| if (SBOX_ALL_OK != ret) {
|
| - return (SBOX_ERROR_GENERIC == ret) ?
|
| - ::GetLastError() : ERROR_INVALID_FUNCTION;
|
| + *win_error = ::GetLastError();
|
| + return ret;
|
| }
|
|
|
| ipc_server_.reset(
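Review bot: All three TransferVariable() failure branches in this hunk now store `::GetLastError()` unconditionally, whereas the removed code used it only when `ret` was `SBOX_ERROR_GENERIC` and reported `ERROR_INVALID_FUNCTION` otherwise. If TransferVariable() can fail for a reason that is not a Win32 call failure, or makes further API calls after the failing one (its body is not in this diff), the stored value is stale and will mislead anyone triaging a sandbox launch failure from the two codes. Either keep the distinction, `*win_error = (SBOX_ERROR_GENERIC == ret) ? ::GetLastError() : ERROR_INVALID_FUNCTION;`, or have TransferVariable() report the Win32 error itself so that it is captured at the failing call.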
|
| @@ -342,12 +347,12 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher,
|
| thread_pool_, ipc_dispatcher));
|
|
|
| if (!ipc_server_->Init(shared_memory, shared_IPC_size, kIPCChannelSize))
|
| - return ERROR_NOT_ENOUGH_MEMORY;
|
| + return SBOX_ERROR_NO_SPACE;
|
|
|
| // After this point we cannot use this handle anymore.
|
| ::CloseHandle(sandbox_process_info_.TakeThreadHandle());
|
|
|
| - return ERROR_SUCCESS;
|
| + return SBOX_ALL_OK;
|
| }
|
|
|
| void TargetProcess::Terminate() {
|
|
|