Replace NT prefix in sandbox rules match string to handle correct wildcard escaping

sandbox/win/src/filesystem_policy.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 
 #include "sandbox/win/src/filesystem_policy.h"
 
 #include "base/logging.h"
 #include "base/win/scoped_handle.h"
@@ skipping 59 matching lines @@
   // object manager style.
   if (0 != _wcsnicmp(mod_name.c_str(), kNTObjManPrefix, kNTObjManPrefixLen)) {
     // TODO(cpu) bug 32224: This prefix add is a hack because we don't have the
     // infrastructure to normalize names. In any case we need to escape the
     // question marks.
     if (!PreProcessName(mod_name, &mod_name)) {
       // The path to be added might contain a reparse point.
       NOTREACHED();
       return false;
     }
-    if (0 != mod_name.compare(0, kNTPrefixLen, kNTPrefix)) {
-      // TODO(nsylvain): Find a better way to do name resolution. Right now we
-      // take the name and we expand it.
-      mod_name.insert(0, L"\\/?/?\\");
-      name = mod_name.c_str();
-    }
+
+    mod_name = FixNTPrefixForMatch(mod_name);
+    name = mod_name.c_str();
   }
 
   EvalResult result = ASK_BROKER;
 
   // List of supported calls for the filesystem.
   const unsigned kCallNtCreateFile = 0x1;
   const unsigned kCallNtOpenFile = 0x2;
   const unsigned kCallNtQueryAttributesFile = 0x4;
   const unsigned kCallNtQueryFullAttributesFile = 0x8;
   const unsigned kCallNtSetInfoRename = 0x10;
@@ skipping 280 matching lines @@
   ConvertToLongPath(path, new_path);
 
   bool reparsed = false;
   if (ERROR_SUCCESS != IsReparsePoint(*new_path, &reparsed))
     return false;
 
   // We can't process reparsed file.
   return !reparsed;
 }
 
+base::string16 FixNTPrefixForMatch(const base::string16& name) {
+  base::string16 mod_name = name;
+
+  // NT prefix escaped for rule matcher
+  const wchar_t kNTPrefixEscaped[] = L"\\/?/?\\";
+  const int kNTPrefixEscapedLen = arraysize(kNTPrefixEscaped) - 1;
+
+  if (0 != mod_name.compare(0, kNTPrefixLen, kNTPrefix)) {
+    if (0 != mod_name.compare(0, kNTPrefixEscapedLen, kNTPrefixEscaped)) {
+      // TODO(nsylvain): Find a better way to do name resolution. Right now we
+      // take the name and we expand it.
+      mod_name.insert(0, kNTPrefixEscaped);
+    }
+  } else {
+    // Start of name matches NT prefix, replace with escaped format
+    // Fixes bug: 334882

[rvargas (doing something else), 2014/08/16 02:23:17]

nit: we don't generally add bug numbers that are fixed by CLs... that's what
blame is for.

+    mod_name.replace(0, kNTPrefixLen, kNTPrefixEscaped);
+  }
+
+  return mod_name;
+}
+
 }  // namespace sandbox