Merge 237541 "Revert of https://codereview.chromium.org/71013004/"

remoting/host/win/launch_process_with_token.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "remoting/host/win/launch_process_with_token.h"
 
 #include <windows.h>
 #include <winternl.h>
 
 #include <limits>
@@ skipping 104 matching lines @@
     return false;
   }
 
   *pipe_out = pipe.Pass();
   return true;
 }
 
 // Copies the process token making it a primary impersonation token.
 // The returned handle will have |desired_access| rights.
 bool CopyProcessToken(DWORD desired_access, ScopedHandle* token_out) {
-  HANDLE temp_handle;
+  ScopedHandle process_token;
   if (!OpenProcessToken(GetCurrentProcess(),
                         TOKEN_DUPLICATE | desired_access,
-                        &temp_handle)) {
+                        process_token.Receive())) {
     LOG_GETLASTERROR(ERROR) << "Failed to open process token";
     return false;
   }
-  ScopedHandle process_token(temp_handle);
 
+  ScopedHandle copied_token;
   if (!DuplicateTokenEx(process_token,
                         desired_access,
                         NULL,
                         SecurityImpersonation,
                         TokenPrimary,
-                        &temp_handle)) {
+                        copied_token.Receive())) {
     LOG_GETLASTERROR(ERROR) << "Failed to duplicate the process token";
     return false;
   }
 
-  token_out->Set(temp_handle);
+  *token_out = copied_token.Pass();
   return true;
 }
 
 // Creates a copy of the current process with SE_TCB_NAME privilege enabled.
 bool CreatePrivilegedToken(ScopedHandle* token_out) {
   ScopedHandle privileged_token;
   DWORD desired_access = TOKEN_ADJUST_PRIVILEGES | TOKEN_IMPERSONATE |
                          TOKEN_DUPLICATE | TOKEN_QUERY;
   if (!CopyProcessToken(desired_access, &privileged_token)) {
     return false;
@@ skipping 305 matching lines @@
                             ScopedHandle* process_out,
                             ScopedHandle* thread_out) {
   base::FilePath::StringType application_name = binary.value();
 
   STARTUPINFOW startup_info;
   memset(&startup_info, 0, sizeof(startup_info));
   startup_info.cb = sizeof(startup_info);
   if (desktop_name)
     startup_info.lpDesktop = const_cast<char16*>(desktop_name);
 
-  PROCESS_INFORMATION temp_process_info = {};
+  base::win::ScopedProcessInformation process_info;
   BOOL result = CreateProcessAsUser(user_token,
                                     application_name.c_str(),
                                     const_cast<LPWSTR>(command_line.c_str()),
                                     process_attributes,
                                     thread_attributes,
                                     inherit_handles,
                                     creation_flags,
                                     NULL,
                                     NULL,
                                     &startup_info,
-                                    &temp_process_info);
+                                    process_info.Receive());
 
   // CreateProcessAsUser will fail on XP and W2K3 with ERROR_PIPE_NOT_CONNECTED
   // if the user hasn't logged to the target session yet. In such a case
   // we try to talk to the execution server directly emulating what
   // the undocumented and not-exported advapi32!CreateRemoteSessionProcessW()
   // function does. The created process will run under Winlogon'a token instead
   // of |user_token|. Since Winlogon runs as SYSTEM, this suits our needs.
   if (!result &&
       GetLastError() == ERROR_PIPE_NOT_CONNECTED &&
       base::win::GetVersion() < base::win::VERSION_VISTA) {
     DWORD session_id;
     DWORD return_length;
     result = GetTokenInformation(user_token,
                                  TokenSessionId,
                                  &session_id,
                                  sizeof(session_id),
                                  &return_length);
     if (result && session_id != 0) {
       result = CreateRemoteSessionProcess(session_id,
                                           application_name,
                                           command_line,
                                           creation_flags,
                                           desktop_name,
-                                          &temp_process_info);
+                                          process_info.Receive());
     } else {
       // Restore the error status returned by CreateProcessAsUser().
       result = FALSE;
       SetLastError(ERROR_PIPE_NOT_CONNECTED);
     }
   }
 
   if (!result) {
     LOG_GETLASTERROR(ERROR) <<
         "Failed to launch a process with a user token";
     return false;
   }
 
-  base::win::ScopedProcessInformation process_info(temp_process_info);
-
   CHECK(process_info.IsValid());
   process_out->Set(process_info.TakeProcessHandle());
   thread_out->Set(process_info.TakeThreadHandle());
   return true;
 }
 
 } // namespace remoting