sandbox/mac/policy.cc - Issue 310833003: Make BootstrapSandboxPolicy a struct, containing the existing rule map and a new default rule.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/mac/policy.cc

Issue 310833003: Make BootstrapSandboxPolicy a struct, containing the existing rule map and a new default rule. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/mac/policy.cc

diff --git a/sandbox/mac/policy.cc b/sandbox/mac/policy.cc

index 5493c28e4f292543cbd9df8786d05bf86e1c13ee..5c599490c4bb7d73a3066ee60ee94723cf3ec094 100644

--- a/sandbox/mac/policy.cc

+++ b/sandbox/mac/policy.cc

@@ -21,22 +21,37 @@ Rule::Rule(mach_port_t override_port)

substitute_port(override_port) {

}

+BootstrapSandboxPolicy::BootstrapSandboxPolicy()

+ : default_rule(POLICY_DENY_ERROR) {

+BootstrapSandboxPolicy::~BootstrapSandboxPolicy() {}

+static bool IsRuleValid(const Rule& rule) {

+ if (!(rule.result > POLICY_DECISION_INVALID &&

+ rule.result < POLICY_DECISION_LAST)) {

+ return false;

+ }

+ if (rule.result == POLICY_SUBSTITUTE_PORT) {

+ if (rule.substitute_port == MACH_PORT_NULL)

+ return false;

+ } else {

+ if (rule.substitute_port != MACH_PORT_NULL)

+ return false;

+ }

+ return true;

bool IsPolicyValid(const BootstrapSandboxPolicy& policy) {

- for (BootstrapSandboxPolicy::const_iterator it = policy.begin();

- it != policy.end();

+ if (!IsRuleValid(policy.default_rule))

+ return false;

+ for (BootstrapSandboxPolicy::NamedRules::const_iterator it =

Mark Mentovai 2014/06/03 16:57:27 You can just write "for (const auto& kv : policy.r

Robert Sesek 2014/06/03 17:30:52 I like const auto&.

+ policy.rules.begin();

+ it != policy.rules.end();

++it) {

- const Rule& rule = it->second;

- if (!(rule.result > POLICY_DECISION_INVALID &&

- rule.result < POLICY_DECISION_LAST)) {

+ if (!IsRuleValid(it->second))

return false;

- }

- if (rule.result == POLICY_SUBSTITUTE_PORT) {

- if (rule.substitute_port == MACH_PORT_NULL)

- return false;

- } else {

- if (rule.substitute_port != MACH_PORT_NULL)

- return false;

- }

}

return true;

}

« no previous file with comments | « sandbox/mac/policy.h ('k') | sandbox/mac/policy_unittest.cc » ('j') | no next file with comments »