| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/memory/shared_memory.h" | 5 #include "base/memory/shared_memory.h" |
| 6 #include "base/strings/string_number_conversions.h" | 6 #include "base/strings/string_number_conversions.h" |
| 7 #include "base/strings/string_piece.h" | 7 #include "base/strings/string_piece.h" |
| 8 #include "base/win/scoped_process_information.h" | 8 #include "base/win/scoped_process_information.h" |
| 9 #include "base/win/windows_version.h" | 9 #include "base/win/windows_version.h" |
| 10 #include "sandbox/win/src/sandbox.h" | 10 #include "sandbox/win/src/sandbox.h" |
| (...skipping 204 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 215 } | 215 } |
| 216 | 216 |
| 217 // Launches the app in the sandbox and ask it to wait in an | 217 // Launches the app in the sandbox and ask it to wait in an |
| 218 // infinite loop. Waits for 2 seconds and then check if the | 218 // infinite loop. Waits for 2 seconds and then check if the |
| 219 // desktop associated with the app thread is not the same as the | 219 // desktop associated with the app thread is not the same as the |
| 220 // current desktop. | 220 // current desktop. |
| 221 TEST(PolicyTargetTest, DesktopPolicy) { | 221 TEST(PolicyTargetTest, DesktopPolicy) { |
| 222 BrokerServices* broker = GetBroker(); | 222 BrokerServices* broker = GetBroker(); |
| 223 | 223 |
| 224 // Precreate the desktop. | 224 // Precreate the desktop. |
| 225 scoped_refptr<TargetPolicy> temp_policy = broker->CreatePolicy(); | 225 TargetPolicy* temp_policy = broker->CreatePolicy(); |
| 226 temp_policy->CreateAlternateDesktop(false); | 226 temp_policy->CreateAlternateDesktop(false); |
| 227 temp_policy = nullptr; | 227 temp_policy->Release(); |
| 228 | 228 |
| 229 ASSERT_TRUE(broker != NULL); | 229 ASSERT_TRUE(broker != NULL); |
| 230 | 230 |
| 231 // Get the path to the sandboxed app. | 231 // Get the path to the sandboxed app. |
| 232 wchar_t prog_name[MAX_PATH]; | 232 wchar_t prog_name[MAX_PATH]; |
| 233 GetModuleFileNameW(NULL, prog_name, MAX_PATH); | 233 GetModuleFileNameW(NULL, prog_name, MAX_PATH); |
| 234 | 234 |
| 235 base::string16 arguments(L"\""); | 235 base::string16 arguments(L"\""); |
| 236 arguments += prog_name; | 236 arguments += prog_name; |
| 237 arguments += L"\" -child 0 wait"; // Don't care about the "state" argument. | 237 arguments += L"\" -child 0 wait"; // Don't care about the "state" argument. |
| 238 | 238 |
| 239 // Launch the app. | 239 // Launch the app. |
| 240 ResultCode result = SBOX_ALL_OK; | 240 ResultCode result = SBOX_ALL_OK; |
| 241 ResultCode warning_result = SBOX_ALL_OK; | 241 ResultCode warning_result = SBOX_ALL_OK; |
| 242 DWORD last_error = ERROR_SUCCESS; | 242 DWORD last_error = ERROR_SUCCESS; |
| 243 base::win::ScopedProcessInformation target; | 243 base::win::ScopedProcessInformation target; |
| 244 | 244 |
| 245 scoped_refptr<TargetPolicy> policy = broker->CreatePolicy(); | 245 TargetPolicy* policy = broker->CreatePolicy(); |
| 246 policy->SetAlternateDesktop(false); | 246 policy->SetAlternateDesktop(false); |
| 247 policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); | 247 policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); |
| 248 PROCESS_INFORMATION temp_process_info = {}; | 248 PROCESS_INFORMATION temp_process_info = {}; |
| 249 result = | 249 result = |
| 250 broker->SpawnTarget(prog_name, arguments.c_str(), policy, &warning_result, | 250 broker->SpawnTarget(prog_name, arguments.c_str(), policy, &warning_result, |
| 251 &last_error, &temp_process_info); | 251 &last_error, &temp_process_info); |
| 252 base::string16 desktop_name = policy->GetAlternateDesktop(); | 252 base::string16 desktop_name = policy->GetAlternateDesktop(); |
| 253 policy = nullptr; | 253 policy->Release(); |
| 254 | 254 |
| 255 EXPECT_EQ(SBOX_ALL_OK, result); | 255 EXPECT_EQ(SBOX_ALL_OK, result); |
| 256 if (result == SBOX_ALL_OK) | 256 if (result == SBOX_ALL_OK) |
| 257 target.Set(temp_process_info); | 257 target.Set(temp_process_info); |
| 258 | 258 |
| 259 EXPECT_EQ(1u, ::ResumeThread(target.thread_handle())); | 259 EXPECT_EQ(1u, ::ResumeThread(target.thread_handle())); |
| 260 | 260 |
| 261 EXPECT_EQ(static_cast<DWORD>(WAIT_TIMEOUT), | 261 EXPECT_EQ(static_cast<DWORD>(WAIT_TIMEOUT), |
| 262 ::WaitForSingleObject(target.process_handle(), 2000)); | 262 ::WaitForSingleObject(target.process_handle(), 2000)); |
| 263 | 263 |
| 264 EXPECT_NE(::GetThreadDesktop(target.thread_id()), | 264 EXPECT_NE(::GetThreadDesktop(target.thread_id()), |
| 265 ::GetThreadDesktop(::GetCurrentThreadId())); | 265 ::GetThreadDesktop(::GetCurrentThreadId())); |
| 266 | 266 |
| 267 HDESK desk = ::OpenDesktop(desktop_name.c_str(), 0, FALSE, DESKTOP_ENUMERATE); | 267 HDESK desk = ::OpenDesktop(desktop_name.c_str(), 0, FALSE, DESKTOP_ENUMERATE); |
| 268 EXPECT_TRUE(NULL != desk); | 268 EXPECT_TRUE(NULL != desk); |
| 269 EXPECT_TRUE(::CloseDesktop(desk)); | 269 EXPECT_TRUE(::CloseDesktop(desk)); |
| 270 EXPECT_TRUE(::TerminateProcess(target.process_handle(), 0)); | 270 EXPECT_TRUE(::TerminateProcess(target.process_handle(), 0)); |
| 271 | 271 |
| 272 ::WaitForSingleObject(target.process_handle(), INFINITE); | 272 ::WaitForSingleObject(target.process_handle(), INFINITE); |
| 273 | 273 |
| 274 // Close the desktop handle. | 274 // Close the desktop handle. |
| 275 temp_policy = broker->CreatePolicy(); | 275 temp_policy = broker->CreatePolicy(); |
| 276 temp_policy->DestroyAlternateDesktop(); | 276 temp_policy->DestroyAlternateDesktop(); |
| 277 temp_policy = nullptr; | 277 temp_policy->Release(); |
| 278 | 278 |
| 279 // Make sure the desktop does not exist anymore. | 279 // Make sure the desktop does not exist anymore. |
| 280 desk = ::OpenDesktop(desktop_name.c_str(), 0, FALSE, DESKTOP_ENUMERATE); | 280 desk = ::OpenDesktop(desktop_name.c_str(), 0, FALSE, DESKTOP_ENUMERATE); |
| 281 EXPECT_TRUE(NULL == desk); | 281 EXPECT_TRUE(NULL == desk); |
| 282 } | 282 } |
| 283 | 283 |
| 284 // Launches the app in the sandbox and ask it to wait in an | 284 // Launches the app in the sandbox and ask it to wait in an |
| 285 // infinite loop. Waits for 2 seconds and then check if the | 285 // infinite loop. Waits for 2 seconds and then check if the |
| 286 // winstation associated with the app thread is not the same as the | 286 // winstation associated with the app thread is not the same as the |
| 287 // current desktop. | 287 // current desktop. |
| 288 TEST(PolicyTargetTest, WinstaPolicy) { | 288 TEST(PolicyTargetTest, WinstaPolicy) { |
| 289 BrokerServices* broker = GetBroker(); | 289 BrokerServices* broker = GetBroker(); |
| 290 | 290 |
| 291 // Precreate the desktop. | 291 // Precreate the desktop. |
| 292 scoped_refptr<TargetPolicy> temp_policy = broker->CreatePolicy(); | 292 TargetPolicy* temp_policy = broker->CreatePolicy(); |
| 293 temp_policy->CreateAlternateDesktop(true); | 293 temp_policy->CreateAlternateDesktop(true); |
| 294 temp_policy = nullptr; | 294 temp_policy->Release(); |
| 295 | 295 |
| 296 ASSERT_TRUE(broker != NULL); | 296 ASSERT_TRUE(broker != NULL); |
| 297 | 297 |
| 298 // Get the path to the sandboxed app. | 298 // Get the path to the sandboxed app. |
| 299 wchar_t prog_name[MAX_PATH]; | 299 wchar_t prog_name[MAX_PATH]; |
| 300 GetModuleFileNameW(NULL, prog_name, MAX_PATH); | 300 GetModuleFileNameW(NULL, prog_name, MAX_PATH); |
| 301 | 301 |
| 302 base::string16 arguments(L"\""); | 302 base::string16 arguments(L"\""); |
| 303 arguments += prog_name; | 303 arguments += prog_name; |
| 304 arguments += L"\" -child 0 wait"; // Don't care about the "state" argument. | 304 arguments += L"\" -child 0 wait"; // Don't care about the "state" argument. |
| 305 | 305 |
| 306 // Launch the app. | 306 // Launch the app. |
| 307 ResultCode result = SBOX_ALL_OK; | 307 ResultCode result = SBOX_ALL_OK; |
| 308 ResultCode warning_result = SBOX_ALL_OK; | 308 ResultCode warning_result = SBOX_ALL_OK; |
| 309 base::win::ScopedProcessInformation target; | 309 base::win::ScopedProcessInformation target; |
| 310 | 310 |
| 311 scoped_refptr<TargetPolicy> policy = broker->CreatePolicy(); | 311 TargetPolicy* policy = broker->CreatePolicy(); |
| 312 policy->SetAlternateDesktop(true); | 312 policy->SetAlternateDesktop(true); |
| 313 policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); | 313 policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); |
| 314 PROCESS_INFORMATION temp_process_info = {}; | 314 PROCESS_INFORMATION temp_process_info = {}; |
| 315 DWORD last_error = ERROR_SUCCESS; | 315 DWORD last_error = ERROR_SUCCESS; |
| 316 result = | 316 result = |
| 317 broker->SpawnTarget(prog_name, arguments.c_str(), policy, &warning_result, | 317 broker->SpawnTarget(prog_name, arguments.c_str(), policy, &warning_result, |
| 318 &last_error, &temp_process_info); | 318 &last_error, &temp_process_info); |
| 319 base::string16 desktop_name = policy->GetAlternateDesktop(); | 319 base::string16 desktop_name = policy->GetAlternateDesktop(); |
| 320 policy = nullptr; | 320 policy->Release(); |
| 321 | 321 |
| 322 EXPECT_EQ(SBOX_ALL_OK, result); | 322 EXPECT_EQ(SBOX_ALL_OK, result); |
| 323 if (result == SBOX_ALL_OK) | 323 if (result == SBOX_ALL_OK) |
| 324 target.Set(temp_process_info); | 324 target.Set(temp_process_info); |
| 325 | 325 |
| 326 EXPECT_EQ(1u, ::ResumeThread(target.thread_handle())); | 326 EXPECT_EQ(1u, ::ResumeThread(target.thread_handle())); |
| 327 | 327 |
| 328 EXPECT_EQ(static_cast<DWORD>(WAIT_TIMEOUT), | 328 EXPECT_EQ(static_cast<DWORD>(WAIT_TIMEOUT), |
| 329 ::WaitForSingleObject(target.process_handle(), 2000)); | 329 ::WaitForSingleObject(target.process_handle(), 2000)); |
| 330 | 330 |
| (...skipping 11 matching lines...) Expand all Loading... |
| 342 HDESK desk = ::OpenDesktop(desktop_name.c_str(), 0, FALSE, DESKTOP_ENUMERATE); | 342 HDESK desk = ::OpenDesktop(desktop_name.c_str(), 0, FALSE, DESKTOP_ENUMERATE); |
| 343 // This should fail if the desktop is really on another window station. | 343 // This should fail if the desktop is really on another window station. |
| 344 EXPECT_FALSE(NULL != desk); | 344 EXPECT_FALSE(NULL != desk); |
| 345 EXPECT_TRUE(::TerminateProcess(target.process_handle(), 0)); | 345 EXPECT_TRUE(::TerminateProcess(target.process_handle(), 0)); |
| 346 | 346 |
| 347 ::WaitForSingleObject(target.process_handle(), INFINITE); | 347 ::WaitForSingleObject(target.process_handle(), INFINITE); |
| 348 | 348 |
| 349 // Close the desktop handle. | 349 // Close the desktop handle. |
| 350 temp_policy = broker->CreatePolicy(); | 350 temp_policy = broker->CreatePolicy(); |
| 351 temp_policy->DestroyAlternateDesktop(); | 351 temp_policy->DestroyAlternateDesktop(); |
| 352 temp_policy = nullptr; | 352 temp_policy->Release(); |
| 353 } | 353 } |
| 354 | 354 |
| 355 // Launches the app in the sandbox and share a handle with it. The app should | 355 // Launches the app in the sandbox and share a handle with it. The app should |
| 356 // be able to use the handle. | 356 // be able to use the handle. |
| 357 TEST(PolicyTargetTest, ShareHandleTest) { | 357 TEST(PolicyTargetTest, ShareHandleTest) { |
| 358 | 358 |
| 359 BrokerServices* broker = GetBroker(); | 359 BrokerServices* broker = GetBroker(); |
| 360 ASSERT_TRUE(broker != NULL); | 360 ASSERT_TRUE(broker != NULL); |
| 361 | 361 |
| 362 base::StringPiece contents = "Hello World"; | 362 base::StringPiece contents = "Hello World"; |
| 363 std::string name = "TestSharedMemory"; | 363 std::string name = "TestSharedMemory"; |
| 364 base::SharedMemoryCreateOptions options; | 364 base::SharedMemoryCreateOptions options; |
| 365 options.size = contents.size(); | 365 options.size = contents.size(); |
| 366 options.share_read_only = true; | 366 options.share_read_only = true; |
| 367 options.name_deprecated = &name; | 367 options.name_deprecated = &name; |
| 368 base::SharedMemory writable_shmem; | 368 base::SharedMemory writable_shmem; |
| 369 ASSERT_TRUE(writable_shmem.Create(options)); | 369 ASSERT_TRUE(writable_shmem.Create(options)); |
| 370 ASSERT_TRUE(writable_shmem.Map(options.size)); | 370 ASSERT_TRUE(writable_shmem.Map(options.size)); |
| 371 memcpy(writable_shmem.memory(), contents.data(), contents.size()); | 371 memcpy(writable_shmem.memory(), contents.data(), contents.size()); |
| 372 | 372 |
| 373 base::SharedMemory read_only_view; | 373 base::SharedMemory read_only_view; |
| 374 ASSERT_TRUE(read_only_view.Open(name, true)); | 374 ASSERT_TRUE(read_only_view.Open(name, true)); |
| 375 | 375 |
| 376 // Get the path to the sandboxed app. | 376 // Get the path to the sandboxed app. |
| 377 wchar_t prog_name[MAX_PATH]; | 377 wchar_t prog_name[MAX_PATH]; |
| 378 GetModuleFileNameW(NULL, prog_name, MAX_PATH); | 378 GetModuleFileNameW(NULL, prog_name, MAX_PATH); |
| 379 | 379 |
| 380 scoped_refptr<TargetPolicy> policy = broker->CreatePolicy(); | 380 TargetPolicy* policy = broker->CreatePolicy(); |
| 381 policy->AddHandleToShare(read_only_view.handle().GetHandle()); | 381 policy->AddHandleToShare(read_only_view.handle().GetHandle()); |
| 382 | 382 |
| 383 base::string16 arguments(L"\""); | 383 base::string16 arguments(L"\""); |
| 384 arguments += prog_name; | 384 arguments += prog_name; |
| 385 arguments += L"\" -child 0 shared_memory_handle "; | 385 arguments += L"\" -child 0 shared_memory_handle "; |
| 386 arguments += base::UintToString16( | 386 arguments += base::UintToString16( |
| 387 base::win::HandleToUint32(read_only_view.handle().GetHandle())); | 387 base::win::HandleToUint32(read_only_view.handle().GetHandle())); |
| 388 | 388 |
| 389 // Launch the app. | 389 // Launch the app. |
| 390 ResultCode result = SBOX_ALL_OK; | 390 ResultCode result = SBOX_ALL_OK; |
| 391 ResultCode warning_result = SBOX_ALL_OK; | 391 ResultCode warning_result = SBOX_ALL_OK; |
| 392 base::win::ScopedProcessInformation target; | 392 base::win::ScopedProcessInformation target; |
| 393 | 393 |
| 394 policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); | 394 policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); |
| 395 PROCESS_INFORMATION temp_process_info = {}; | 395 PROCESS_INFORMATION temp_process_info = {}; |
| 396 DWORD last_error = ERROR_SUCCESS; | 396 DWORD last_error = ERROR_SUCCESS; |
| 397 result = | 397 result = |
| 398 broker->SpawnTarget(prog_name, arguments.c_str(), policy, &warning_result, | 398 broker->SpawnTarget(prog_name, arguments.c_str(), policy, &warning_result, |
| 399 &last_error, &temp_process_info); | 399 &last_error, &temp_process_info); |
| 400 policy = nullptr; | 400 policy->Release(); |
| 401 | 401 |
| 402 EXPECT_EQ(SBOX_ALL_OK, result); | 402 EXPECT_EQ(SBOX_ALL_OK, result); |
| 403 if (result == SBOX_ALL_OK) | 403 if (result == SBOX_ALL_OK) |
| 404 target.Set(temp_process_info); | 404 target.Set(temp_process_info); |
| 405 | 405 |
| 406 EXPECT_EQ(1u, ::ResumeThread(target.thread_handle())); | 406 EXPECT_EQ(1u, ::ResumeThread(target.thread_handle())); |
| 407 | 407 |
| 408 EXPECT_EQ(static_cast<DWORD>(WAIT_TIMEOUT), | 408 EXPECT_EQ(static_cast<DWORD>(WAIT_TIMEOUT), |
| 409 ::WaitForSingleObject(target.process_handle(), 2000)); | 409 ::WaitForSingleObject(target.process_handle(), 2000)); |
| 410 | 410 |
| 411 EXPECT_TRUE(::TerminateProcess(target.process_handle(), 0)); | 411 EXPECT_TRUE(::TerminateProcess(target.process_handle(), 0)); |
| 412 | 412 |
| 413 ::WaitForSingleObject(target.process_handle(), INFINITE); | 413 ::WaitForSingleObject(target.process_handle(), INFINITE); |
| 414 } | 414 } |
| 415 | 415 |
| 416 } // namespace sandbox | 416 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2456573002:
Revert "Fix sandbox::PolicyBase leak" (Closed)
