| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/filesystem_interception.h" | 5 #include "sandbox/win/src/filesystem_interception.h" |
| 6 | 6 |
| 7 #include "sandbox/win/src/crosscall_client.h" | 7 #include "sandbox/win/src/crosscall_client.h" |
| 8 #include "sandbox/win/src/ipc_tags.h" | 8 #include "sandbox/win/src/ipc_tags.h" |
| 9 #include "sandbox/win/src/policy_params.h" | 9 #include "sandbox/win/src/policy_params.h" |
| 10 #include "sandbox/win/src/policy_target.h" | 10 #include "sandbox/win/src/policy_target.h" |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 67 SharedMemIPCClient ipc(memory); | 67 SharedMemIPCClient ipc(memory); |
| 68 CrossCallReturn answer = {0}; | 68 CrossCallReturn answer = {0}; |
| 69 // The following call must match in the parameters with | 69 // The following call must match in the parameters with |
| 70 // FilesystemDispatcher::ProcessNtCreateFile. | 70 // FilesystemDispatcher::ProcessNtCreateFile. |
| 71 ResultCode code = CrossCall(ipc, IPC_NTCREATEFILE_TAG, name, attributes, | 71 ResultCode code = CrossCall(ipc, IPC_NTCREATEFILE_TAG, name, attributes, |
| 72 desired_access_uint32, file_attributes, sharing, | 72 desired_access_uint32, file_attributes, sharing, |
| 73 disposition, options_uint32, &answer); | 73 disposition, options_uint32, &answer); |
| 74 if (SBOX_ALL_OK != code) | 74 if (SBOX_ALL_OK != code) |
| 75 break; | 75 break; |
| 76 | 76 |
| 77 status = answer.nt_status; |
| 78 |
| 77 if (!NT_SUCCESS(answer.nt_status)) | 79 if (!NT_SUCCESS(answer.nt_status)) |
| 78 return answer.nt_status; | 80 break; |
| 79 | 81 |
| 80 __try { | 82 __try { |
| 81 *file = answer.handle; | 83 *file = answer.handle; |
| 82 io_status->Status = answer.nt_status; | 84 io_status->Status = answer.nt_status; |
| 83 io_status->Information = answer.extended[0].ulong_ptr; | 85 io_status->Information = answer.extended[0].ulong_ptr; |
| 84 status = io_status->Status; | |
| 85 } __except(EXCEPTION_EXECUTE_HANDLER) { | 86 } __except(EXCEPTION_EXECUTE_HANDLER) { |
| 86 break; | 87 break; |
| 87 } | 88 } |
| 88 } while (false); | 89 } while (false); |
| 89 | 90 |
| 90 if (name) | 91 if (name) |
| 91 operator delete(name, NT_ALLOC); | 92 operator delete(name, NT_ALLOC); |
| 92 | 93 |
| 93 return status; | 94 return status; |
| 94 } | 95 } |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 138 break; | 139 break; |
| 139 | 140 |
| 140 SharedMemIPCClient ipc(memory); | 141 SharedMemIPCClient ipc(memory); |
| 141 CrossCallReturn answer = {0}; | 142 CrossCallReturn answer = {0}; |
| 142 ResultCode code = CrossCall(ipc, IPC_NTOPENFILE_TAG, name, attributes, | 143 ResultCode code = CrossCall(ipc, IPC_NTOPENFILE_TAG, name, attributes, |
| 143 desired_access_uint32, sharing, options_uint32, | 144 desired_access_uint32, sharing, options_uint32, |
| 144 &answer); | 145 &answer); |
| 145 if (SBOX_ALL_OK != code) | 146 if (SBOX_ALL_OK != code) |
| 146 break; | 147 break; |
| 147 | 148 |
| 149 status = answer.nt_status; |
| 150 |
| 148 if (!NT_SUCCESS(answer.nt_status)) | 151 if (!NT_SUCCESS(answer.nt_status)) |
| 149 return answer.nt_status; | 152 break; |
| 150 | 153 |
| 151 __try { | 154 __try { |
| 152 *file = answer.handle; | 155 *file = answer.handle; |
| 153 io_status->Status = answer.nt_status; | 156 io_status->Status = answer.nt_status; |
| 154 io_status->Information = answer.extended[0].ulong_ptr; | 157 io_status->Information = answer.extended[0].ulong_ptr; |
| 155 status = io_status->Status; | |
| 156 } __except(EXCEPTION_EXECUTE_HANDLER) { | 158 } __except(EXCEPTION_EXECUTE_HANDLER) { |
| 157 break; | 159 break; |
| 158 } | 160 } |
| 159 } while (false); | 161 } while (false); |
| 160 | 162 |
| 161 if (name) | 163 if (name) |
| 162 operator delete(name, NT_ALLOC); | 164 operator delete(name, NT_ALLOC); |
| 163 | 165 |
| 164 return status; | 166 return status; |
| 165 } | 167 } |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 201 params[FileName::BROKER] = ParamPickerMake(broker); | 203 params[FileName::BROKER] = ParamPickerMake(broker); |
| 202 | 204 |
| 203 if (!QueryBroker(IPC_NTQUERYATTRIBUTESFILE_TAG, params.GetBase())) | 205 if (!QueryBroker(IPC_NTQUERYATTRIBUTESFILE_TAG, params.GetBase())) |
| 204 break; | 206 break; |
| 205 | 207 |
| 206 SharedMemIPCClient ipc(memory); | 208 SharedMemIPCClient ipc(memory); |
| 207 CrossCallReturn answer = {0}; | 209 CrossCallReturn answer = {0}; |
| 208 ResultCode code = CrossCall(ipc, IPC_NTQUERYATTRIBUTESFILE_TAG, name, | 210 ResultCode code = CrossCall(ipc, IPC_NTQUERYATTRIBUTESFILE_TAG, name, |
| 209 attributes, file_info, &answer); | 211 attributes, file_info, &answer); |
| 210 | 212 |
| 211 operator delete(name, NT_ALLOC); | |
| 212 | |
| 213 if (SBOX_ALL_OK != code) | 213 if (SBOX_ALL_OK != code) |
| 214 break; | 214 break; |
| 215 | 215 |
| 216 return answer.nt_status; | 216 status = answer.nt_status; |
| 217 | 217 |
| 218 } while (false); | 218 } while (false); |
| 219 | 219 |
| 220 if (name) | 220 if (name) |
| 221 operator delete(name, NT_ALLOC); | 221 operator delete(name, NT_ALLOC); |
| 222 | 222 |
| 223 return status; | 223 return status; |
| 224 } | 224 } |
| 225 | 225 |
| 226 NTSTATUS WINAPI TargetNtQueryFullAttributesFile( | 226 NTSTATUS WINAPI TargetNtQueryFullAttributesFile( |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 262 params[FileName::BROKER] = ParamPickerMake(broker); | 262 params[FileName::BROKER] = ParamPickerMake(broker); |
| 263 | 263 |
| 264 if (!QueryBroker(IPC_NTQUERYFULLATTRIBUTESFILE_TAG, params.GetBase())) | 264 if (!QueryBroker(IPC_NTQUERYFULLATTRIBUTESFILE_TAG, params.GetBase())) |
| 265 break; | 265 break; |
| 266 | 266 |
| 267 SharedMemIPCClient ipc(memory); | 267 SharedMemIPCClient ipc(memory); |
| 268 CrossCallReturn answer = {0}; | 268 CrossCallReturn answer = {0}; |
| 269 ResultCode code = CrossCall(ipc, IPC_NTQUERYFULLATTRIBUTESFILE_TAG, name, | 269 ResultCode code = CrossCall(ipc, IPC_NTQUERYFULLATTRIBUTESFILE_TAG, name, |
| 270 attributes, file_info, &answer); | 270 attributes, file_info, &answer); |
| 271 | 271 |
| 272 operator delete(name, NT_ALLOC); | |
| 273 | |
| 274 if (SBOX_ALL_OK != code) | 272 if (SBOX_ALL_OK != code) |
| 275 break; | 273 break; |
| 276 | 274 |
| 277 return answer.nt_status; | 275 status = answer.nt_status; |
| 278 } while (false); | 276 } while (false); |
| 279 | 277 |
| 280 if (name) | 278 if (name) |
| 281 operator delete(name, NT_ALLOC); | 279 operator delete(name, NT_ALLOC); |
| 282 | 280 |
| 283 return status; | 281 return status; |
| 284 } | 282 } |
| 285 | 283 |
| 286 NTSTATUS WINAPI TargetNtSetInformationFile( | 284 NTSTATUS WINAPI TargetNtSetInformationFile( |
| 287 NtSetInformationFileFunction orig_SetInformationFile, HANDLE file, | 285 NtSetInformationFileFunction orig_SetInformationFile, HANDLE file, |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 356 status = answer.nt_status; | 354 status = answer.nt_status; |
| 357 } while (false); | 355 } while (false); |
| 358 | 356 |
| 359 if (name) | 357 if (name) |
| 360 operator delete(name, NT_ALLOC); | 358 operator delete(name, NT_ALLOC); |
| 361 | 359 |
| 362 return status; | 360 return status; |
| 363 } | 361 } |
| 364 | 362 |
| 365 } // namespace sandbox | 363 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 849553002:
Fix some sandbox memory leaks (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master