Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1915)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: sandbox/win/src/filesystem_interception.cc

Issue 575623004: fix sandbox memory leak (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: sandbox/win/src/filesystem_interception.cc
diff --git a/sandbox/win/src/filesystem_interception.cc b/sandbox/win/src/filesystem_interception.cc
index 33688f0f6499d82c5b0127504d2dc920556d7767..2d9d36d458942dcad84f652329dfce799c48af49 100644
--- a/sandbox/win/src/filesystem_interception.cc
+++ b/sandbox/win/src/filesystem_interception.cc
@@ -35,6 +35,7 @@ NTSTATUS WINAPI TargetNtCreateFile(NtCreateFileFunction orig_CreateFile,
if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled())
return status;
+ wchar_t* name = NULL;
do {
if (!ValidParameter(file, sizeof(HANDLE), WRITE))
break;
@@ -45,7 +46,6 @@ NTSTATUS WINAPI TargetNtCreateFile(NtCreateFileFunction orig_CreateFile,
if (NULL == memory)
break;
- wchar_t* name;
uint32 attributes = 0;
NTSTATUS ret = AllocAndCopyName(object_attributes, &name, &attributes,
NULL);
@@ -69,9 +69,6 @@ NTSTATUS WINAPI TargetNtCreateFile(NtCreateFileFunction orig_CreateFile,
ResultCode code = CrossCall(ipc, IPC_NTCREATEFILE_TAG, name, attributes,
desired_access, file_attributes, sharing,
disposition, options, &answer);
-
- operator delete(name, NT_ALLOC);
-
if (SBOX_ALL_OK != code)
break;
@@ -88,6 +85,9 @@ NTSTATUS WINAPI TargetNtCreateFile(NtCreateFileFunction orig_CreateFile,
}
} while (false);
+ if (name)
+ operator delete(name, NT_ALLOC);
+
return status;
}
@@ -106,6 +106,7 @@ NTSTATUS WINAPI TargetNtOpenFile(NtOpenFileFunction orig_OpenFile, PHANDLE file,
if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled())
return status;
+ wchar_t* name = NULL;
do {
if (!ValidParameter(file, sizeof(HANDLE), WRITE))
break;
@@ -116,7 +117,6 @@ NTSTATUS WINAPI TargetNtOpenFile(NtOpenFileFunction orig_OpenFile, PHANDLE file,
if (NULL == memory)
break;
- wchar_t* name;
uint32 attributes;
NTSTATUS ret = AllocAndCopyName(object_attributes, &name, &attributes,
NULL);
@@ -137,9 +137,6 @@ NTSTATUS WINAPI TargetNtOpenFile(NtOpenFileFunction orig_OpenFile, PHANDLE file,
CrossCallReturn answer = {0};
ResultCode code = CrossCall(ipc, IPC_NTOPENFILE_TAG, name, attributes,
desired_access, sharing, options, &answer);
-
- operator delete(name, NT_ALLOC);
-
if (SBOX_ALL_OK != code)
break;
@@ -156,6 +153,9 @@ NTSTATUS WINAPI TargetNtOpenFile(NtOpenFileFunction orig_OpenFile, PHANDLE file,
}
} while (false);
+ if (name)
+ operator delete(name, NT_ALLOC);
+
return status;
}
@@ -172,6 +172,7 @@ NTSTATUS WINAPI TargetNtQueryAttributesFile(
if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled())
return status;
+ wchar_t* name = NULL;
do {
if (!ValidParameter(file_attributes, sizeof(FILE_BASIC_INFORMATION), WRITE))
break;
@@ -180,7 +181,6 @@ NTSTATUS WINAPI TargetNtQueryAttributesFile(
if (NULL == memory)
break;
- wchar_t* name = NULL;
uint32 attributes = 0;
NTSTATUS ret = AllocAndCopyName(object_attributes, &name, &attributes,
NULL);
@@ -212,6 +212,9 @@ NTSTATUS WINAPI TargetNtQueryAttributesFile(
} while (false);
+ if (name)
+ operator delete(name, NT_ALLOC);
+
return status;
}
@@ -229,6 +232,7 @@ NTSTATUS WINAPI TargetNtQueryFullAttributesFile(
if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled())
return status;
+ wchar_t* name = NULL;
do {
if (!ValidParameter(file_attributes, sizeof(FILE_NETWORK_OPEN_INFORMATION),
WRITE))
@@ -238,7 +242,6 @@ NTSTATUS WINAPI TargetNtQueryFullAttributesFile(
if (NULL == memory)
break;
- wchar_t* name = NULL;
uint32 attributes = 0;
NTSTATUS ret = AllocAndCopyName(object_attributes, &name, &attributes,
NULL);
@@ -269,6 +272,9 @@ NTSTATUS WINAPI TargetNtQueryFullAttributesFile(
return answer.nt_status;
Yun 2014/12/15 03:08:37 Change it as: status = answer.nt_status;
} while (false);
+ if (name)
+ operator delete(name, NT_ALLOC);
+
return status;
}
@@ -286,6 +292,7 @@ NTSTATUS WINAPI TargetNtSetInformationFile(
if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled())
return status;
+ wchar_t* name = NULL;
do {
void* memory = GetGlobalIPCMemory();
if (NULL == memory)
@@ -315,7 +322,6 @@ NTSTATUS WINAPI TargetNtSetInformationFile(
break;
}
- wchar_t* name;
NTSTATUS ret = AllocAndCopyName(&object_attributes, &name, NULL, NULL);
if (!NT_SUCCESS(ret) || !name)
break;
@@ -345,6 +351,9 @@ NTSTATUS WINAPI TargetNtSetInformationFile(
status = answer.nt_status;
} while (false);
+ if (name)
+ operator delete(name, NT_ALLOC);
+
return status;
}
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698