Side by Side Diff: sandbox/win/src/target_process.cc

Issue 606443002: Remove implicit HANDLE conversions from sandbox. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 2 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/win/src/target_process.h" 5 #include "sandbox/win/src/target_process.h"
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "base/memory/scoped_ptr.h" 8 #include "base/memory/scoped_ptr.h"
9 #include "base/win/pe_image.h" 9 #include "base/win/pe_image.h"
10 #include "base/win/startup_information.h" 10 #include "base/win/startup_information.h"
(...skipping 114 matching lines...)
125 if (startup_info.has_extended_startup_info()) 125 if (startup_info.has_extended_startup_info())
126 flags |= EXTENDED_STARTUPINFO_PRESENT; 126 flags |= EXTENDED_STARTUPINFO_PRESENT;
127 127
128 if (job_ && base::win::GetVersion() < base::win::VERSION_WIN8) { 128 if (job_ && base::win::GetVersion() < base::win::VERSION_WIN8) {
129 // Windows 8 implements nested jobs, but for older systems we need to 129 // Windows 8 implements nested jobs, but for older systems we need to
130 // break out of any job we're in to enforce our restrictions. 130 // break out of any job we're in to enforce our restrictions.
131 flags |= CREATE_BREAKAWAY_FROM_JOB; 131 flags |= CREATE_BREAKAWAY_FROM_JOB;
132 } 132 }
133 133
134 PROCESS_INFORMATION temp_process_info = {}; 134 PROCESS_INFORMATION temp_process_info = {};
135 if (!::CreateProcessAsUserW(lockdown_token_, 135 if (!::CreateProcessAsUserW(lockdown_token_.Get(),
136 exe_path, 136 exe_path,
137 cmd_line.get(), 137 cmd_line.get(),
138 NULL, // No security attribute. 138 NULL, // No security attribute.
139 NULL, // No thread attribute. 139 NULL, // No thread attribute.
140 inherit_handles, 140 inherit_handles,
141 flags, 141 flags,
142 NULL, // Use the environment of the caller. 142 NULL, // Use the environment of the caller.
143 NULL, // Use current directory of the caller. 143 NULL, // Use current directory of the caller.
144 startup_info.startup_info(), 144 startup_info.startup_info(),
145 &temp_process_info)) { 145 &temp_process_info)) {
(...skipping 11 matching lines...)
157 ::TerminateProcess(process_info.process_handle(), 0); 157 ::TerminateProcess(process_info.process_handle(), 0);
158 return win_result; 158 return win_result;
159 } 159 }
160 } 160 }
161 161
162 if (initial_token_.IsValid()) { 162 if (initial_token_.IsValid()) {
163 // Change the token of the main thread of the new process for the 163 // Change the token of the main thread of the new process for the
164 // impersonation token with more rights. This allows the target to start; 164 // impersonation token with more rights. This allows the target to start;
165 // otherwise it will crash too early for us to help. 165 // otherwise it will crash too early for us to help.
166 HANDLE temp_thread = process_info.thread_handle(); 166 HANDLE temp_thread = process_info.thread_handle();
167 if (!::SetThreadToken(&temp_thread, initial_token_)) { 167 if (!::SetThreadToken(&temp_thread, initial_token_.Get())) {
168 win_result = ::GetLastError(); 168 win_result = ::GetLastError();
169 // It might be a security breach if we let the target run outside the job 169 // It might be a security breach if we let the target run outside the job
170 // so kill it before it causes damage. 170 // so kill it before it causes damage.
171 ::TerminateProcess(process_info.process_handle(), 0); 171 ::TerminateProcess(process_info.process_handle(), 0);
172 return win_result; 172 return win_result;
173 } 173 }
174 initial_token_.Close(); 174 initial_token_.Close();
175 } 175 }
176 176
177 CONTEXT context; 177 CONTEXT context;
(...skipping 76 matching lines...)
254 shared_policy_size); 254 shared_policy_size);
255 shared_section_.Set(::CreateFileMappingW(INVALID_HANDLE_VALUE, NULL, 255 shared_section_.Set(::CreateFileMappingW(INVALID_HANDLE_VALUE, NULL,
256 PAGE_READWRITE | SEC_COMMIT, 256 PAGE_READWRITE | SEC_COMMIT,
257 0, shared_mem_size, NULL)); 257 0, shared_mem_size, NULL));
258 if (!shared_section_.IsValid()) { 258 if (!shared_section_.IsValid()) {
259 return ::GetLastError(); 259 return ::GetLastError();
260 } 260 }
261 261
262 DWORD access = FILE_MAP_READ | FILE_MAP_WRITE; 262 DWORD access = FILE_MAP_READ | FILE_MAP_WRITE;
263 HANDLE target_shared_section; 263 HANDLE target_shared_section;
264 if (!::DuplicateHandle(::GetCurrentProcess(), shared_section_, 264 if (!::DuplicateHandle(::GetCurrentProcess(), shared_section_.Get(),
265 sandbox_process_info_.process_handle(), 265 sandbox_process_info_.process_handle(),
266 &target_shared_section, access, FALSE, 0)) { 266 &target_shared_section, access, FALSE, 0)) {
267 return ::GetLastError(); 267 return ::GetLastError();
268 } 268 }
269 269
270 void* shared_memory = ::MapViewOfFile(shared_section_, 270 void* shared_memory = ::MapViewOfFile(shared_section_.Get(),
271 FILE_MAP_WRITE|FILE_MAP_READ, 271 FILE_MAP_WRITE|FILE_MAP_READ,
272 0, 0, 0); 272 0, 0, 0);
273 if (NULL == shared_memory) { 273 if (NULL == shared_memory) {
274 return ::GetLastError(); 274 return ::GetLastError();
275 } 275 }
276 276
277 CopyPolicyToTarget(policy, shared_policy_size, 277 CopyPolicyToTarget(policy, shared_policy_size,
278 reinterpret_cast<char*>(shared_memory) + shared_IPC_size); 278 reinterpret_cast<char*>(shared_memory) + shared_IPC_size);
279 279
280 ResultCode ret; 280 ResultCode ret;
(...skipping 47 matching lines...)
328 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address) { 328 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address) {
329 TargetProcess* target = new TargetProcess(NULL, NULL, NULL, NULL); 329 TargetProcess* target = new TargetProcess(NULL, NULL, NULL, NULL);
330 PROCESS_INFORMATION process_info = {}; 330 PROCESS_INFORMATION process_info = {};
331 process_info.hProcess = process; 331 process_info.hProcess = process;
332 target->sandbox_process_info_.Set(process_info); 332 target->sandbox_process_info_.Set(process_info);
333 target->base_address_ = base_address; 333 target->base_address_ = base_address;
334 return target; 334 return target;
335 } 335 }
336 336
337 } // namespace sandbox 337 } // namespace sandbox
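Review bot: Nothing visible in this section checks `lockdown_token_` before its raw handle is passed to `::CreateProcessAsUserW` at new line 135, whereas `initial_token_` is guarded by `IsValid()` at line 162. Now that the handle is fetched explicitly with `.Get()`, an empty scoped handle would presumably hand a null token to the call, and `MakeTestTargetProcess` at line 329 shows the class can be constructed with all-null arguments. I believe a null token makes the call fall back to the caller's own token, which would start the target without the lockdown restrictions; that is worth confirming. Consider failing closed before the call, e.g. `if (!lockdown_token_.IsValid()) return ERROR_INVALID_HANDLE;`. The enclosing function starts in the skipped lines above line 125, so such a check may already exist there.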