Chromium Code Reviews Chromium Code Reviews
Issue 23760004:
ChildProcessSecurityPolicy: Port FileAPIMessageFilter to use new checks (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: content/browser/renderer_host/pepper/pepper_security_helper.cc |
| diff --git a/content/browser/renderer_host/pepper/pepper_security_helper.cc b/content/browser/renderer_host/pepper/pepper_security_helper.cc |
| index 5402823f01e56f68d815fc2a3bd1238e2518f07f..92939bbc9744500cc977957b859963a0e8c5c8c4 100644 |
| --- a/content/browser/renderer_host/pepper/pepper_security_helper.cc |
| +++ b/content/browser/renderer_host/pepper/pepper_security_helper.cc |
| @@ -8,10 +8,22 @@ |
| #include "content/browser/child_process_security_policy_impl.h" |
| #include "ppapi/c/ppb_file_io.h" |
| +#define CALL_MEMBER_FN(ptrToObject, ptrToMember) ((ptrToObject)->*(ptrToMember)) |
|
kinuko
2013/09/06 02:28:55
Hmm... do we need this indirection? It is in gene
tommycli
2013/09/07 00:28:22
Done.
|
| + |
| namespace content { |
| -bool CanOpenWithPepperFlags(int pp_open_flags, int child_id, |
| - const base::FilePath& file) { |
| +namespace { |
| + |
| +template <typename CanRead, typename CanWrite, |
| + typename CanCreate, typename CanCreateWrite, |
| + typename FileID> |
| +bool CanOpenFileWithPepperFlags(CanRead can_read, |
| + CanWrite can_write, |
| + CanCreate can_create, |
| + CanCreateWrite can_create_write, |
| + int pp_open_flags, |
| + int child_id, |
| + const FileID& file) { |
| ChildProcessSecurityPolicyImpl* policy = |
| ChildProcessSecurityPolicyImpl::GetInstance(); |
| @@ -22,33 +34,53 @@ bool CanOpenWithPepperFlags(int pp_open_flags, int child_id, |
| bool pp_exclusive = !!(pp_open_flags & PP_FILEOPENFLAG_EXCLUSIVE); |
| bool pp_append = !!(pp_open_flags & PP_FILEOPENFLAG_APPEND); |
| - if (pp_read && !policy->CanReadFile(child_id, file)) |
| + if (pp_read && !CALL_MEMBER_FN(policy, can_read)(child_id, file)) |
| return false; |
| - if (pp_write && !policy->CanWriteFile(child_id, file)) |
| + if (pp_write && !CALL_MEMBER_FN(policy, can_write)(child_id, file)) |
| return false; |
| - if (pp_append) { |
| - // Given ChildSecurityPolicyImpl's current definition of permissions, |
| - // APPEND is never supported. |
| + // TODO(tommycli): Maybe tighten up required permission. crbug.com/284792 |
| + if (pp_append && !CALL_MEMBER_FN(policy, can_create_write)(child_id, file)) |
| return false; |
| - } |
| if (pp_truncate && !pp_write) |
| return false; |
| if (pp_create) { |
| if (pp_exclusive) { |
| - return policy->CanCreateFile(child_id, file); |
| + return CALL_MEMBER_FN(policy, can_create)(child_id, file); |
| } else { |
| // Asks for too much, but this is the only grant that allows overwrite. |
| - return policy->CanCreateWriteFile(child_id, file); |
| + return CALL_MEMBER_FN(policy, can_create_write)(child_id, file); |
| } |
| } else if (pp_truncate) { |
| - return policy->CanCreateWriteFile(child_id, file); |
| + return CALL_MEMBER_FN(policy, can_create_write)(child_id, file); |
| } |
| return true; |
| } |
| +} |
| + |
| +bool CanOpenWithPepperFlags(int pp_open_flags, int child_id, |
| + const base::FilePath& file) { |
| + return CanOpenFileWithPepperFlags( |
| + &ChildProcessSecurityPolicyImpl::CanReadFile, |
| + &ChildProcessSecurityPolicyImpl::CanWriteFile, |
| + &ChildProcessSecurityPolicyImpl::CanCreateFile, |
| + &ChildProcessSecurityPolicyImpl::CanCreateWriteFile, |
| + pp_open_flags, child_id, file); |
| +} |
| + |
| +bool CanOpenFileSystemURLWithPepperFlags(int pp_open_flags, int child_id, |
| + const fileapi::FileSystemURL& url) { |
| + return CanOpenFileWithPepperFlags( |
| + &ChildProcessSecurityPolicyImpl::CanReadFileSystemFile, |
| + &ChildProcessSecurityPolicyImpl::CanWriteFileSystemFile, |
| + &ChildProcessSecurityPolicyImpl::CanCreateFileSystemFile, |
| + &ChildProcessSecurityPolicyImpl::CanCreateWriteFileSystemFile, |
| + pp_open_flags, child_id, url); |
| +} |
| + |
| } // namespace content |
