Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7790)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/common/pepper_permission_util.cc

Issue 264923011: Add a whitelist check for nacl-nonsfi mode (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/nacl_host/nacl_browser_delegate_impl.cc ('K') | « chrome/browser/nacl_host/nacl_browser_delegate_impl.cc ('k') | components/nacl/browser/nacl_browser_delegate.h » ('j') | components/nacl/browser/nacl_process_host.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/common/pepper_permission_util.cc
diff --git a/chrome/common/pepper_permission_util.cc b/chrome/common/pepper_permission_util.cc
index a8e767539da0a18ca8112348597b9119d9cc604e..33236ea1d82211f51100376c7368a94e5b7f2000 100644
--- a/chrome/common/pepper_permission_util.cc
+++ b/chrome/common/pepper_permission_util.cc
@@ -17,6 +17,7 @@
using extensions::Extension;
using extensions::Manifest;
+using extensions::SharedModuleInfo;
namespace chrome {
@@ -50,16 +51,18 @@ bool IsExtensionOrSharedModuleWhitelisted(
const Extension* extension = extension_set ? extension_set->GetByID(host)
: NULL;
if (extension) {
- typedef std::vector<extensions::SharedModuleInfo::ImportInfo>
- ImportInfoVector;
- const ImportInfoVector& imports =
- extensions::SharedModuleInfo::GetImports(extension);
+ typedef std::vector<SharedModuleInfo::ImportInfo> ImportInfoVector;
+ const ImportInfoVector& imports = SharedModuleInfo::GetImports(extension);
for (ImportInfoVector::const_iterator it = imports.begin();
it != imports.end(); ++it) {
const Extension* imported_extension = extension_set->GetByID(
it->extension_id);
if (imported_extension &&
- extensions::SharedModuleInfo::IsSharedModule(imported_extension) &&
+ SharedModuleInfo::IsSharedModule(imported_extension) &&
+ // We check the whitelist explicitly even though the extension should
Mark Seaborn 2014/05/03 01:37:59 I'm not familiar with this part of the code, so I'
elijahtaylor1 2014/05/06 05:56:15 Added some unit tests for this function.
+ // never have been allowed installed in the first place if this fails.
Mark Seaborn 2014/05/03 01:37:59 "allowed to be installed"?
elijahtaylor1 2014/05/06 05:56:15 Done.
+ SharedModuleInfo::IsExportAllowedByWhitelist(imported_extension,
+ host) &&
HostIsInSet(it->extension_id, whitelist)) {
return true;
}
« chrome/browser/nacl_host/nacl_browser_delegate_impl.cc ('K') | « chrome/browser/nacl_host/nacl_browser_delegate_impl.cc ('k') | components/nacl/browser/nacl_browser_delegate.h » ('j') | components/nacl/browser/nacl_process_host.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698