Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(215)

Side by Side Diff: chrome/utility/safe_browsing/mac/crdmg.cc

Issue 2369553002: Suppress sandbox deprecation warnings by using the Seatbelt wrapper. (Closed)
Patch Set: Suppress sandbox deprecation warnings by using the Seatbelt wrapper. Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/utility/safe_browsing/mac/BUILD.gn ('k') | ipc/ipc_send_fds_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <errno.h> 5 #include <errno.h>
6 #include <fcntl.h> 6 #include <fcntl.h>
7 #include <limits.h> 7 #include <limits.h>
8 #include <sandbox.h> 8 #include <sandbox.h>
9 #include <stddef.h> 9 #include <stddef.h>
10 #include <stdint.h> 10 #include <stdint.h>
11 #include <stdio.h> 11 #include <stdio.h>
12 #include <stdlib.h> 12 #include <stdlib.h>
13 #include <string.h> 13 #include <string.h>
14 #include <sys/stat.h> 14 #include <sys/stat.h>
15 15
16 #include <string> 16 #include <string>
17 17
18 #include "base/files/file.h" 18 #include "base/files/file.h"
19 #include "base/logging.h" 19 #include "base/logging.h"
20 #include "base/macros.h" 20 #include "base/macros.h"
21 #include "base/posix/eintr_wrapper.h" 21 #include "base/posix/eintr_wrapper.h"
22 #include "base/strings/stringprintf.h" 22 #include "base/strings/stringprintf.h"
23 #include "base/strings/utf_string_conversions.h" 23 #include "base/strings/utf_string_conversions.h"
24 #include "chrome/utility/safe_browsing/mac/hfs.h" 24 #include "chrome/utility/safe_browsing/mac/hfs.h"
25 #include "chrome/utility/safe_browsing/mac/read_stream.h" 25 #include "chrome/utility/safe_browsing/mac/read_stream.h"
26 #include "chrome/utility/safe_browsing/mac/udif.h" 26 #include "chrome/utility/safe_browsing/mac/udif.h"
27 #include "sandbox/mac/seatbelt.h"
27 28
28 // This executable only works on 10.10+, so unconditionally use these functions 29 // This executable only works on 10.10+, so unconditionally use these functions
29 // to make sandboxing easier. 30 // to make sandboxing easier.
30 extern "C" { 31 extern "C" {
31 int mkdirat(int, const char *, mode_t); 32 int mkdirat(int, const char *, mode_t);
32 int openat(int, const char *, int, ...); 33 int openat(int, const char *, int, ...);
33 int unlinkat(int, const char *, int); 34 int unlinkat(int, const char *, int);
34 } 35 }
35 36
36 namespace { 37 namespace {
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after
149 if (strchr(unpack_path, '"') != 0 || strchr(unpack_path, '\\') != 0) { 150 if (strchr(unpack_path, '"') != 0 || strchr(unpack_path, '\\') != 0) {
150 LOG(ERROR) << "Unpack directory path can't contain quotes or backslashes"; 151 LOG(ERROR) << "Unpack directory path can't contain quotes or backslashes";
151 return false; 152 return false;
152 } 153 }
153 154
154 sbox_profile += base::StringPrintf( 155 sbox_profile += base::StringPrintf(
155 " (allow file-write* (subpath \"%s\"))", unpack_path); 156 " (allow file-write* (subpath \"%s\"))", unpack_path);
156 } 157 }
157 158
158 char* sbox_error; 159 char* sbox_error;
159 #pragma clang diagnostic push 160 if (sandbox::Seatbelt::Init(sbox_profile.c_str(), 0, &sbox_error) != 0) {
160 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
161 if (sandbox_init(sbox_profile.c_str(), 0, &sbox_error) != 0) {
162 LOG(ERROR) << "Failed to initialize sandbox: " << sbox_error; 161 LOG(ERROR) << "Failed to initialize sandbox: " << sbox_error;
163 sandbox_free_error(sbox_error); 162 sandbox::Seatbelt::FreeError(sbox_error);
164 return false; 163 return false;
165 } 164 }
166 #pragma clang diagnostic pop
167 165
168 return true; 166 return true;
169 } 167 }
170 168
171 bool SafeDMG::ParseDMG() { 169 bool SafeDMG::ParseDMG() {
172 // This does not use safe_browsing::dmg::DMGIterator since that skips over 170 // This does not use safe_browsing::dmg::DMGIterator since that skips over
173 // directory nodes. These nodes are needed for mkdir() when unpacking. 171 // directory nodes. These nodes are needed for mkdir() when unpacking.
174 safe_browsing::dmg::FileReadStream read_stream(dmg_file_.GetPlatformFile()); 172 safe_browsing::dmg::FileReadStream read_stream(dmg_file_.GetPlatformFile());
175 safe_browsing::dmg::UDIFParser udif_parser(&read_stream); 173 safe_browsing::dmg::UDIFParser udif_parser(&read_stream);
176 174
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after
256 254
257 return true; 255 return true;
258 } 256 }
259 257
260 } // namespace 258 } // namespace
261 259
262 int main(int argc, const char* argv[]) { 260 int main(int argc, const char* argv[]) {
263 SafeDMG safe_dmg; 261 SafeDMG safe_dmg;
264 return safe_dmg.Main(argc, argv); 262 return safe_dmg.Main(argc, argv);
265 } 263 }
OLDNEW
« no previous file with comments | « chrome/utility/safe_browsing/mac/BUILD.gn ('k') | ipc/ipc_send_fds_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698