| Index: components/nacl/renderer/ppb_nacl_private_impl.cc
|
| diff --git a/components/nacl/renderer/ppb_nacl_private_impl.cc b/components/nacl/renderer/ppb_nacl_private_impl.cc
|
| index 3c84afe5d1ee4a16187fef0b715342f5b239acf4..fb5e6dc9e356f52fef1a591e386cada970e43eaf 100644
|
| --- a/components/nacl/renderer/ppb_nacl_private_impl.cc
|
| +++ b/components/nacl/renderer/ppb_nacl_private_impl.cc
|
| @@ -89,6 +89,21 @@ bool InitializePnaclResourceHost() {
|
| return true;
|
| }
|
|
|
| +bool CanOpenViaFastPath(content::PepperPluginInstance* plugin_instance,
|
| + const GURL& gurl) {
|
| + // Fast path only works for installed file URLs.
|
| + if (!gurl.SchemeIs("chrome-extension"))
|
| + return PP_kInvalidFileHandle;
|
| +
|
| + // IMPORTANT: Make sure the document can request the given URL. If we don't
|
| + // check, a malicious app could probe the extension system. This enforces a
|
| + // same-origin policy which prevents the app from requesting resources from
|
| + // another app.
|
| + blink::WebSecurityOrigin security_origin =
|
| + plugin_instance->GetContainer()->element().document().securityOrigin();
|
| + return security_origin.canRequest(gurl);
|
| +}
|
| +
|
| // This contains state that is produced by LaunchSelLdr() and consumed
|
| // by StartPpapiProxy().
|
| struct InstanceInfo {
|
| @@ -375,7 +390,10 @@ void LaunchSelLdr(PP_Instance instance,
|
| int routing_id = GetRoutingID(instance);
|
| NexeLoadManager* load_manager = GetNexeLoadManager(instance);
|
| DCHECK(load_manager);
|
| - if (!routing_id || !load_manager) {
|
| + content::PepperPluginInstance* plugin_instance =
|
| + content::PepperPluginInstance::Get(instance);
|
| + DCHECK(plugin_instance);
|
| + if (!routing_id || !load_manager || !plugin_instance) {
|
| if (nexe_file_info->handle != PP_kInvalidFileHandle) {
|
| base::File closer(nexe_file_info->handle);
|
| }
|
| @@ -401,6 +419,23 @@ void LaunchSelLdr(PP_Instance instance,
|
|
|
| IPC::PlatformFileForTransit nexe_for_transit =
|
| IPC::InvalidPlatformFileForTransit();
|
| +
|
| + std::vector<std::pair<
|
| + std::string /*key*/, std::string /*url*/> > resource_files_to_prefetch;
|
| + if (process_type == kNativeNaClProcessType && uses_nonsfi_mode) {
|
| + JsonManifest* manifest = GetJsonManifest(instance);
|
| + if (manifest)
|
| + manifest->GetPrefetchableFiles(&resource_files_to_prefetch);
|
| + for (size_t i = 0; i < resource_files_to_prefetch.size(); ++i) {
|
| + const GURL gurl(resource_files_to_prefetch[i].second);
|
| + // Important security check. Do not remove.
|
| + if (!CanOpenViaFastPath(plugin_instance, gurl)) {
|
| + resource_files_to_prefetch.clear();
|
| + break;
|
| + }
|
| + }
|
| + }
|
| +
|
| #if defined(OS_POSIX)
|
| if (nexe_file_info->handle != PP_kInvalidFileHandle)
|
| nexe_for_transit = base::FileDescriptor(nexe_file_info->handle, true);
|
| @@ -418,6 +453,7 @@ void LaunchSelLdr(PP_Instance instance,
|
| nexe_for_transit,
|
| nexe_file_info->token_lo,
|
| nexe_file_info->token_hi,
|
| + resource_files_to_prefetch,
|
| routing_id,
|
| perm_bits,
|
| PP_ToBool(uses_nonsfi_mode),
|
| @@ -711,11 +747,6 @@ PP_FileHandle OpenNaClExecutable(PP_Instance instance,
|
| const char* file_url,
|
| uint64_t* nonce_lo,
|
| uint64_t* nonce_hi) {
|
| - // Fast path only works for installed file URLs.
|
| - GURL gurl(file_url);
|
| - if (!gurl.SchemeIs("chrome-extension"))
|
| - return PP_kInvalidFileHandle;
|
| -
|
| NexeLoadManager* load_manager = GetNexeLoadManager(instance);
|
| DCHECK(load_manager);
|
| if (!load_manager)
|
| @@ -725,13 +756,10 @@ PP_FileHandle OpenNaClExecutable(PP_Instance instance,
|
| content::PepperPluginInstance::Get(instance);
|
| if (!plugin_instance)
|
| return PP_kInvalidFileHandle;
|
| - // IMPORTANT: Make sure the document can request the given URL. If we don't
|
| - // check, a malicious app could probe the extension system. This enforces a
|
| - // same-origin policy which prevents the app from requesting resources from
|
| - // another app.
|
| - blink::WebSecurityOrigin security_origin =
|
| - plugin_instance->GetContainer()->element().document().securityOrigin();
|
| - if (!security_origin.canRequest(gurl))
|
| +
|
| + GURL gurl(file_url);
|
| + // Important security check. Do not remove.
|
| + if (!CanOpenViaFastPath(plugin_instance, gurl))
|
| return PP_kInvalidFileHandle;
|
|
|
| IPC::PlatformFileForTransit out_fd = IPC::InvalidPlatformFileForTransit();
|
|
|
Chromium Code Reviews
Issue 649603004:
Non-SFI NaCl: Batch-open resource files (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master