chrome/common/pepper_permission_util.cc - Issue 264923011: Add a whitelist check for nacl-nonsfi mode

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/common/pepper_permission_util.cc

Issue 264923011: Add a whitelist check for nacl-nonsfi mode (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: add includes (windows compile fail) Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/common/pepper_permission_util.cc

diff --git a/chrome/common/pepper_permission_util.cc b/chrome/common/pepper_permission_util.cc

index a8e767539da0a18ca8112348597b9119d9cc604e..167687ced298a2377614af8ea891a60bb0c95422 100644

--- a/chrome/common/pepper_permission_util.cc

+++ b/chrome/common/pepper_permission_util.cc

@@ -17,6 +17,7 @@

using extensions::Extension;

using extensions::Manifest;

+using extensions::SharedModuleInfo;

namespace chrome {

@@ -49,20 +50,25 @@ bool IsExtensionOrSharedModuleWhitelisted(

// is whitelisted.

const Extension* extension = extension_set ? extension_set->GetByID(host)

: NULL;

- if (extension) {

- typedef std::vector<extensions::SharedModuleInfo::ImportInfo>

- ImportInfoVector;

- const ImportInfoVector& imports =

- extensions::SharedModuleInfo::GetImports(extension);

- for (ImportInfoVector::const_iterator it = imports.begin();

- it != imports.end(); ++it) {

- const Extension* imported_extension = extension_set->GetByID(

- it->extension_id);

- if (imported_extension &&

- extensions::SharedModuleInfo::IsSharedModule(imported_extension) &&

- HostIsInSet(it->extension_id, whitelist)) {

- return true;

- }

+ if (!extension)

+ return false;

+ typedef std::vector<SharedModuleInfo::ImportInfo> ImportInfoVector;

+ const ImportInfoVector& imports = SharedModuleInfo::GetImports(extension);

+ for (ImportInfoVector::const_iterator it = imports.begin();

+ it != imports.end();

+ ++it) {

+ const Extension* imported_extension =

+ extension_set->GetByID(it->extension_id);

+ if (imported_extension &&

+ SharedModuleInfo::IsSharedModule(imported_extension) &&

+ // We check the whitelist explicitly even though the extension should

+ // never have been allowed to be installed in the first place if this

+ // fails. See SharedModuleService::CheckImports for details.

+ SharedModuleInfo::IsExportAllowedByWhitelist(imported_extension,

+ host) &&

+ HostIsInSet(it->extension_id, whitelist)) {

+ return true;

}

« no previous file with comments | « chrome/common/pepper_permission_util.h ('k') | chrome/common/pepper_permission_util_unittest.cc » ('j') | no next file with comments »