Index: components/nacl/browser/nacl_process_host.cc |
diff --git a/components/nacl/browser/nacl_process_host.cc b/components/nacl/browser/nacl_process_host.cc |
index 07bee0a8b8a960ecdde44b3e007a0e3b07fb7c1e..fbfa0c3bedeef9bfd7adb86e2c2619db082e8689 100644 |
--- a/components/nacl/browser/nacl_process_host.cc |
+++ b/components/nacl/browser/nacl_process_host.cc |
@@ -913,7 +913,7 @@ bool NaClProcessHost::StartNaClExecution() { |
return false; |
} |
- base::FilePath file_path; |
+ base::FilePath nexe_file_path; |
// Don't retrieve the file path when using nonsfi mode; there's no validation |
// caching in that case, so it's unnecessary work, and would expose the file |
// path to the plugin. |
@@ -928,48 +928,78 @@ bool NaClProcessHost::StartNaClExecution() { |
} |
} else if (NaClBrowser::GetInstance()->GetFilePath(nexe_token_.lo, |
nexe_token_.hi, |
- &file_path)) { |
- // We have to reopen the file in the browser process; we don't want a |
- // compromised renderer to pass an arbitrary fd that could get loaded |
+ &nexe_file_path)) { |
+ std::vector<base::FilePath> nexe_file_paths(resource_files_info_len_ + 1); |
+ nexe_file_paths[0] = nexe_file_path; |
+ for (size_t i = 0; i < resource_files_info_len_; ++i) { |
+ if (!NaClBrowser::GetInstance()->GetFilePath( |
+ resource_files_info_[i].file_token().lo, |
+ resource_files_info_[i].file_token().hi, |
+ &nexe_file_paths[i + 1])) { |
+ nexe_file_paths.resize(1); // We still need to open the main nexe file. |
+ break; |
+ } |
+ } |
+ // We have to reopen the files in the browser process; we don't want a |
+ // compromised renderer to pass arbitrary fds that could get loaded |
// into the plugin process. |
if (base::PostTaskAndReplyWithResult( |
content::BrowserThread::GetBlockingPool(), |
FROM_HERE, |
- base::Bind(OpenNaClReadExecImpl, |
- file_path, |
+ base::Bind(OpenNaClFilesReadExecImpl, |
+ nexe_file_paths, |
true /* is_executable */), |
- base::Bind(&NaClProcessHost::StartNaClFileResolved, |
+ base::Bind(&NaClProcessHost::StartNaClFilesResolved, |
weak_factory_.GetWeakPtr(), |
params, |
- file_path))) { |
+ nexe_file_paths.size()))) { |
return true; |
} |
} |
params.nexe_file = IPC::TakeFileHandleForProcess(nexe_file_.Pass(), |
process_->GetData().handle); |
- |
params.CheckNumOfDescriptors(); |
process_->Send(new NaClProcessMsg_Start(params)); |
return true; |
} |
-void NaClProcessHost::StartNaClFileResolved( |
+void NaClProcessHost::StartNaClFilesResolved( |
NaClStartParams params, |
- const base::FilePath& file_path, |
- base::File checked_nexe_file) { |
- if (checked_nexe_file.IsValid()) { |
+ size_t checked_nexe_files_len, |
+ scoped_ptr<OpenNaClFileReadExecImplResult[]> checked_nexe_files) { |
+ // The first element of the array is for the main nexe. |
+ DCHECK(checked_nexe_files_len > 0); |
+ if (checked_nexe_files[0].IsValid()) { |
// Release the file received from the renderer. This has to be done on a |
// thread where IO is permitted, though. |
content::BrowserThread::GetBlockingPool()->PostTask( |
FROM_HERE, |
base::Bind(&CloseFile, base::Passed(nexe_file_.Pass()))); |
- params.nexe_file_path_metadata = file_path; |
+ params.nexe_file_path_metadata = checked_nexe_files[0].file_path(); |
params.nexe_file = IPC::TakeFileHandleForProcess( |
- checked_nexe_file.Pass(), process_->GetData().handle); |
+ checked_nexe_files[0].file().Pass(), process_->GetData().handle); |
} else { |
params.nexe_file = IPC::TakeFileHandleForProcess( |
nexe_file_.Pass(), process_->GetData().handle); |
} |
+ |
+ // The rest is for resource files. |
+ for (size_t i = 1; i < checked_nexe_files_len; ++i) { |
+ // Release the resource files received from the renderer too. |
+ content::BrowserThread::GetBlockingPool()->PostTask( |
+ FROM_HERE, |
+ base::Bind(&CloseFile, |
+ base::Passed(resource_files_info_[i - 1].file().Pass()))); |
+ if (!checked_nexe_files[i].IsValid()) |
+ continue; |
+ IPC::PlatformFileForTransit file = IPC::TakeFileHandleForProcess( |
+ checked_nexe_files[i].file().Pass(), process_->GetData().handle); |
+ std::string file_key = resource_files_info_[i - 1].file_key(); |
+ params.resource_files.push_back(NaClStartParams::ResourceFileInfo( |
+ file, checked_nexe_files[i].file_path(), file_key)); |
+ } |
+ |
+ params.CheckNumOfDescriptors(); |
process_->Send(new NaClProcessMsg_Start(params)); |
} |