Update sandbox profiles and remove regular expressions.

content/common/sandbox_mac.mm

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/common/sandbox_mac.h"
 
 #import <Cocoa/Cocoa.h>
 #include <stddef.h>
 #include <stdint.h>
 
@@ skipping 53 matching lines @@
   { SANDBOX_TYPE_RENDERER, IDR_RENDERER_SANDBOX_PROFILE },
   { SANDBOX_TYPE_UTILITY,  IDR_UTILITY_SANDBOX_PROFILE },
   { SANDBOX_TYPE_GPU,      IDR_GPU_SANDBOX_PROFILE },
   { SANDBOX_TYPE_PPAPI,    IDR_PPAPI_SANDBOX_PROFILE },
 };
 
 static_assert(arraysize(kDefaultSandboxTypeToResourceIDMapping) == \
               size_t(SANDBOX_TYPE_AFTER_LAST_TYPE), \
               "sandbox type to resource id mapping incorrect");
 
-// Try to escape |c| as a "SingleEscapeCharacter" (\n, etc).  If successful,
-// returns true and appends the escape sequence to |dst|.
-bool EscapeSingleChar(char c, std::string* dst) {
-  const char *append = NULL;
-  switch (c) {
-    case '\b':
-      append = "\\b";
-      break;
-    case '\f':
-      append = "\\f";
-      break;
-    case '\n':
-      append = "\\n";
-      break;
-    case '\r':
-      append = "\\r";
-      break;
-    case '\t':
-      append = "\\t";
-      break;
-    case '\\':
-      append = "\\\\";
-      break;
-    case '"':
-      append = "\\\"";
-      break;
-  }
-
-  if (!append) {
-    return false;
-  }
-
-  dst->append(append);
-  return true;
-}
-
-// Errors quoting strings for the Sandbox profile are always fatal, report them
-// in a central place.
-NOINLINE void FatalStringQuoteException(const std::string& str) {
-  // Copy bad string to the stack so it's recorded in the crash dump.
-  char bad_string[256] = {0};
-  base::strlcpy(bad_string, str.c_str(), arraysize(bad_string));
-  DLOG(FATAL) << "String quoting failed " << bad_string;
-}
-
 }  // namespace
 
-// static
-bool Sandbox::QuotePlainString(const std::string& src_utf8, std::string* dst) {
-  dst->clear();
-
-  const char* src = src_utf8.c_str();
-  int32_t length = src_utf8.length();
-  int32_t position = 0;
-  while (position < length) {
-    UChar32 c;
-    U8_NEXT(src, position, length, c);  // Macro increments |position|.
-    DCHECK_GE(c, 0);
-    if (c < 0)
-      return false;
-
-    if (c < 128) {  // EscapeSingleChar only handles ASCII.
-      char as_char = static_cast<char>(c);
-      if (EscapeSingleChar(as_char, dst)) {
-        continue;
-      }
-    }
-
-    if (c < 32 || c > 126) {
-      // Any characters that aren't printable ASCII get the \u treatment.
-      unsigned int as_uint = static_cast<unsigned int>(c);
-      base::StringAppendF(dst, "\\u%04X", as_uint);
-      continue;
-    }
-
-    // If we got here we know that the character in question is strictly
-    // in the ASCII range so there's no need to do any kind of encoding
-    // conversion.
-    dst->push_back(static_cast<char>(c));
-  }
-  return true;
-}
-
-// static
-bool Sandbox::QuoteStringForRegex(const std::string& str_utf8,
-                                  std::string* dst) {
-  // Characters with special meanings in sandbox profile syntax.
-  const char regex_special_chars[] = {
-    '\\',
-
-    // Metacharacters
-    '^',
-    '.',
-    '[',
-    ']',
-    '$',
-    '(',
-    ')',
-    '|',
-
-    // Quantifiers
-    '*',
-    '+',
-    '?',
-    '{',
-    '}',
-  };
-
-  // Anchor regex at start of path.
-  dst->assign("^");
-
-  const char* src = str_utf8.c_str();
-  int32_t length = str_utf8.length();
-  int32_t position = 0;
-  while (position < length) {
-    UChar32 c;
-    U8_NEXT(src, position, length, c);  // Macro increments |position|.
-    DCHECK_GE(c, 0);
-    if (c < 0)
-      return false;
-
-    // The Mac sandbox regex parser only handles printable ASCII characters.
-    // 33 >= c <= 126
-    if (c < 32 || c > 125) {
-      return false;
-    }
-
-    for (size_t i = 0; i < arraysize(regex_special_chars); ++i) {
-      if (c == regex_special_chars[i]) {
-        dst->push_back('\\');
-        break;
-      }
-    }
-
-    dst->push_back(static_cast<char>(c));
-  }
-
-  // Make sure last element of path is interpreted as a directory. Leaving this
-  // off would allow access to files if they start with the same name as the
-  // directory.
-  dst->append("(/|$)");
-
-  return true;
-}
-
 // Warm up System APIs that empirically need to be accessed before the Sandbox
 // is turned on.
 // This method is layed out in blocks, each one containing a separate function
 // that needs to be warmed up. The OS version on which we found the need to
 // enable the function is also noted.
 // This function is tested on the following OS versions:
 //     10.5.6, 10.6.0
 
 // static
 void Sandbox::SandboxWarmup(int sandbox_type) {
@@ skipping 157 matching lines @@
   std::string sandbox_data = LoadSandboxTemplate(sandbox_type);
   if (sandbox_data.empty()) {
     return false;
   }
 
   sandbox::SandboxCompiler compiler(sandbox_data);
 
   if (!allowed_dir.empty()) {
     // Add the sandbox parameters necessary to access the given directory.
     base::FilePath allowed_dir_canonical = GetCanonicalSandboxPath(allowed_dir);
-    std::string regex;
-    if (!QuoteStringForRegex(allowed_dir_canonical.value(), &regex)) {
-      FatalStringQuoteException(allowed_dir_canonical.value());
-      return false;
-    }
-    if (!compiler.InsertStringParam("PERMITTED_DIR", regex))
+    if (!compiler.InsertStringParam("PERMITTED_DIR",
+                                    allowed_dir_canonical.value()))
       return false;
   }
 
   // Enable verbose logging if enabled on the command line. (See common.sb
   // for details).
   const base::CommandLine* command_line =
       base::CommandLine::ForCurrentProcess();
   bool enable_logging =
       command_line->HasSwitch(switches::kEnableSandboxLogging);;
   if (!compiler.InsertBooleanParam("ENABLE_LOGGING", enable_logging))
     return false;
 
   // Without this, the sandbox will print a message to the system log every
   // time it denies a request.  This floods the console with useless spew.
   if (!compiler.InsertBooleanParam("DISABLE_SANDBOX_DENIAL_LOGGING",
                                    !enable_logging))
     return false;
 
   // Splice the path of the user's home directory into the sandbox profile
   // (see renderer.sb for details).
   std::string home_dir = [NSHomeDirectory() fileSystemRepresentation];
 
   base::FilePath home_dir_canonical =
       GetCanonicalSandboxPath(base::FilePath(home_dir));
 
-  std::string quoted_home_dir;
-  if (!QuotePlainString(home_dir_canonical.value(), &quoted_home_dir)) {
-    FatalStringQuoteException(home_dir_canonical.value());
-    return false;
-  }
-
-  if (!compiler.InsertStringParam("USER_HOMEDIR_AS_LITERAL", quoted_home_dir))
+  if (!compiler.InsertStringParam("USER_HOMEDIR_AS_LITERAL",
+                                  home_dir_canonical.value()))
     return false;
 
   bool elcap_or_later = base::mac::IsAtLeastOS10_11();
   if (!compiler.InsertBooleanParam("ELCAP_OR_LATER", elcap_or_later))
     return false;
 
   // Initialize sandbox.
   std::string error_str;
   bool success = compiler.CompileAndApplyProfile(&error_str);
   DLOG_IF(FATAL, !success) << "Failed to initialize sandbox: " << error_str;
@@ skipping 19 matching lines @@
   if (HANDLE_EINTR(fcntl(fd.get(), F_GETPATH, canonical_path)) != 0) {
     DPLOG(FATAL) << "GetCanonicalSandboxPath() failed for: "
                  << path.value();
     return path;
   }
 
   return base::FilePath(canonical_path);
 }
 
 }  // namespace content