| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <memory> | 5 #include <memory> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "base/strings/string16.h" | 8 #include "base/strings/string16.h" |
| 9 #include "base/strings/sys_string_conversions.h" | 9 #include "base/strings/sys_string_conversions.h" |
| 10 #include "base/win/scoped_handle.h" | 10 #include "base/win/scoped_handle.h" |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 43 const wchar_t *exe_name = NULL; | 43 const wchar_t *exe_name = NULL; |
| 44 if (!exe.empty()) | 44 if (!exe.empty()) |
| 45 exe_name = exe.c_str(); | 45 exe_name = exe.c_str(); |
| 46 | 46 |
| 47 const wchar_t *cmd_line = NULL; | 47 const wchar_t *cmd_line = NULL; |
| 48 if (!command.empty()) | 48 if (!command.empty()) |
| 49 cmd_line = command.c_str(); | 49 cmd_line = command.c_str(); |
| 50 | 50 |
| 51 // Create the process with the unicode version of the API. | 51 // Create the process with the unicode version of the API. |
| 52 sandbox::SboxTestResult ret1 = sandbox::SBOX_TEST_FAILED; | 52 sandbox::SboxTestResult ret1 = sandbox::SBOX_TEST_FAILED; |
| 53 PROCESS_INFORMATION temp_process_info = {}; | 53 if (!::CreateProcessW(exe_name, const_cast<wchar_t*>(cmd_line), NULL, NULL, |
| 54 if (::CreateProcessW(exe_name, const_cast<wchar_t*>(cmd_line), NULL, NULL, | 54 FALSE, 0, NULL, NULL, &si, pi.Receive())) { |
| 55 FALSE, 0, NULL, NULL, &si, &temp_process_info)) { | |
| 56 pi.Set(temp_process_info); | |
| 57 ret1 = sandbox::SBOX_TEST_SUCCEEDED; | |
| 58 } else { | |
| 59 DWORD last_error = GetLastError(); | 55 DWORD last_error = GetLastError(); |
| 60 if ((ERROR_NOT_ENOUGH_QUOTA == last_error) || | 56 if ((ERROR_NOT_ENOUGH_QUOTA == last_error) || |
| 61 (ERROR_ACCESS_DENIED == last_error) || | 57 (ERROR_ACCESS_DENIED == last_error) || |
| 62 (ERROR_FILE_NOT_FOUND == last_error)) { | 58 (ERROR_FILE_NOT_FOUND == last_error)) { |
| 63 ret1 = sandbox::SBOX_TEST_DENIED; | 59 ret1 = sandbox::SBOX_TEST_DENIED; |
| 64 } else { | 60 } else { |
| 65 ret1 = sandbox::SBOX_TEST_FAILED; | 61 ret1 = sandbox::SBOX_TEST_FAILED; |
| 66 } | 62 } |
| 63 } else { |
| 64 ret1 = sandbox::SBOX_TEST_SUCCEEDED; |
| 67 } | 65 } |
| 68 | 66 |
| 69 pi.Close(); | 67 pi.Close(); |
| 70 | 68 |
| 71 // Do the same with the ansi version of the api | 69 // Do the same with the ansi version of the api |
| 72 STARTUPINFOA sia = {sizeof(sia)}; | 70 STARTUPINFOA sia = {sizeof(sia)}; |
| 73 sandbox::SboxTestResult ret2 = sandbox::SBOX_TEST_FAILED; | 71 sandbox::SboxTestResult ret2 = sandbox::SBOX_TEST_FAILED; |
| 74 | 72 |
| 75 std::string narrow_cmd_line; | 73 std::string narrow_cmd_line; |
| 76 if (cmd_line) | 74 if (cmd_line) |
| 77 narrow_cmd_line = base::SysWideToMultiByte(cmd_line, CP_UTF8); | 75 narrow_cmd_line = base::SysWideToMultiByte(cmd_line, CP_UTF8); |
| 78 if (::CreateProcessA( | 76 if (!::CreateProcessA( |
| 79 exe_name ? base::SysWideToMultiByte(exe_name, CP_UTF8).c_str() : NULL, | 77 exe_name ? base::SysWideToMultiByte(exe_name, CP_UTF8).c_str() : NULL, |
| 80 cmd_line ? const_cast<char*>(narrow_cmd_line.c_str()) : NULL, | 78 cmd_line ? const_cast<char*>(narrow_cmd_line.c_str()) : NULL, |
| 81 NULL, NULL, FALSE, 0, NULL, NULL, &sia, &temp_process_info)) { | 79 NULL, NULL, FALSE, 0, NULL, NULL, &sia, pi.Receive())) { |
| 82 pi.Set(temp_process_info); | |
| 83 ret2 = sandbox::SBOX_TEST_SUCCEEDED; | |
| 84 } else { | |
| 85 DWORD last_error = GetLastError(); | 80 DWORD last_error = GetLastError(); |
| 86 if ((ERROR_NOT_ENOUGH_QUOTA == last_error) || | 81 if ((ERROR_NOT_ENOUGH_QUOTA == last_error) || |
| 87 (ERROR_ACCESS_DENIED == last_error) || | 82 (ERROR_ACCESS_DENIED == last_error) || |
| 88 (ERROR_FILE_NOT_FOUND == last_error)) { | 83 (ERROR_FILE_NOT_FOUND == last_error)) { |
| 89 ret2 = sandbox::SBOX_TEST_DENIED; | 84 ret2 = sandbox::SBOX_TEST_DENIED; |
| 90 } else { | 85 } else { |
| 91 ret2 = sandbox::SBOX_TEST_FAILED; | 86 ret2 = sandbox::SBOX_TEST_FAILED; |
| 92 } | 87 } |
| 88 } else { |
| 89 ret2 = sandbox::SBOX_TEST_SUCCEEDED; |
| 93 } | 90 } |
| 94 | 91 |
| 95 if (ret1 == ret2) | 92 if (ret1 == ret2) |
| 96 return ret1; | 93 return ret1; |
| 97 | 94 |
| 98 return sandbox::SBOX_TEST_FAILED; | 95 return sandbox::SBOX_TEST_FAILED; |
| 99 } | 96 } |
| 100 | 97 |
| 101 } // namespace | 98 } // namespace |
| 102 | 99 |
| (...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 211 // Creates a process and checks if it's possible to get a handle to it's token. | 208 // Creates a process and checks if it's possible to get a handle to it's token. |
| 212 SBOX_TESTS_COMMAND int Process_GetChildProcessToken(int argc, wchar_t **argv) { | 209 SBOX_TESTS_COMMAND int Process_GetChildProcessToken(int argc, wchar_t **argv) { |
| 213 if (argc != 1) | 210 if (argc != 1) |
| 214 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 211 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 215 | 212 |
| 216 if ((NULL == argv) || (NULL == argv[0])) | 213 if ((NULL == argv) || (NULL == argv[0])) |
| 217 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 214 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 218 | 215 |
| 219 string16 path = MakeFullPathToSystem32(argv[0]); | 216 string16 path = MakeFullPathToSystem32(argv[0]); |
| 220 | 217 |
| 218 base::win::ScopedProcessInformation pi; |
| 221 STARTUPINFOW si = {sizeof(si)}; | 219 STARTUPINFOW si = {sizeof(si)}; |
| 222 | 220 |
| 223 PROCESS_INFORMATION temp_process_info = {}; | |
| 224 if (!::CreateProcessW(path.c_str(), NULL, NULL, NULL, FALSE, CREATE_SUSPENDED, | 221 if (!::CreateProcessW(path.c_str(), NULL, NULL, NULL, FALSE, CREATE_SUSPENDED, |
| 225 NULL, NULL, &si, &temp_process_info)) { | 222 NULL, NULL, &si, pi.Receive())) { |
| 226 return SBOX_TEST_FAILED; | 223 return SBOX_TEST_FAILED; |
| 227 } | 224 } |
| 228 base::win::ScopedProcessInformation pi(temp_process_info); | |
| 229 | 225 |
| 230 HANDLE token = NULL; | 226 HANDLE token = NULL; |
| 231 BOOL result = | 227 BOOL result = |
| 232 ::OpenProcessToken(pi.process_handle(), TOKEN_IMPERSONATE, &token); | 228 ::OpenProcessToken(pi.process_handle(), TOKEN_IMPERSONATE, &token); |
| 233 DWORD error = ::GetLastError(); | 229 DWORD error = ::GetLastError(); |
| 234 | 230 |
| 235 base::win::ScopedHandle token_handle(token); | 231 base::win::ScopedHandle token_handle(token); |
| 236 | 232 |
| 237 if (!::TerminateProcess(pi.process_handle(), 0)) | 233 if (!::TerminateProcess(pi.process_handle(), 0)) |
| 238 return SBOX_TEST_FAILED; | 234 return SBOX_TEST_FAILED; |
| (...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 379 ASSERT_TRUE(!exe_path.empty()); | 375 ASSERT_TRUE(!exe_path.empty()); |
| 380 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 376 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
| 381 TargetPolicy::PROCESS_ALL_EXEC, | 377 TargetPolicy::PROCESS_ALL_EXEC, |
| 382 exe_path.c_str())); | 378 exe_path.c_str())); |
| 383 | 379 |
| 384 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 380 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
| 385 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); | 381 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); |
| 386 } | 382 } |
| 387 | 383 |
| 388 } // namespace sandbox | 384 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 92173002:
Merge 237541 "Revert of https://codereview.chromium.org/71013004/" (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/1721/src/