content/common/sandbox_win.cc - Issue 92173002: Merge 237541 "Revert of https://codereview.chromium.org/71013004/"

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/common/sandbox_win.cc

Issue 92173002: Merge 237541 "Revert of https://codereview.chromium.org/71013004/" (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1721/src/

Patch Set: Created 7 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/common/sandbox_win.cc

===================================================================

--- content/common/sandbox_win.cc (revision 237598)

+++ content/common/sandbox_win.cc (working copy)

@@ -467,14 +467,13 @@

if (!::IsProcessInJob(target_process_handle, NULL, &is_in_job)) {

// We need a handle with permission to check the job object.

if (ERROR_ACCESS_DENIED == ::GetLastError()) {

- HANDLE temp_handle;

+ base::win::ScopedHandle process;

CHECK(g_iat_orig_duplicate_handle(::GetCurrentProcess(),

target_process_handle,

::GetCurrentProcess(),

- &temp_handle,

+ process.Receive(),

PROCESS_QUERY_INFORMATION,

FALSE, 0));

- base::win::ScopedHandle process(temp_handle);

CHECK(::IsProcessInJob(process, NULL, &is_in_job));

}

@@ -484,11 +483,10 @@

CHECK(!inherit_handle) << kDuplicateHandleWarning;

// Duplicate the handle again, to get the final permissions.

- HANDLE temp_handle;

+ base::win::ScopedHandle handle;

CHECK(g_iat_orig_duplicate_handle(target_process_handle, *target_handle,

- ::GetCurrentProcess(), &temp_handle,

+ ::GetCurrentProcess(), handle.Receive(),

0, FALSE, DUPLICATE_SAME_ACCESS));

- base::win::ScopedHandle handle(temp_handle);

// Callers use CHECK macro to make sure we get the right stack.

CheckDuplicateHandle(handle);

@@ -602,6 +600,7 @@

return process;

}

+ base::win::ScopedProcessInformation target;

sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy();

sandbox::MitigationFlags mitigations = sandbox::MITIGATION_HEAP_TERMINATE |

@@ -673,13 +672,11 @@

TRACE_EVENT_BEGIN_ETW("StartProcessWithAccess::LAUNCHPROCESS", 0, 0);

- PROCESS_INFORMATION temp_process_info = {};

result = g_broker_services->SpawnTarget(

- cmd_line->GetProgram().value().c_str(),

- cmd_line->GetCommandLineString().c_str(),

- policy, &temp_process_info);

+ cmd_line->GetProgram().value().c_str(),

+ cmd_line->GetCommandLineString().c_str(),

+ policy, target.Receive());

policy->Release();

- base::win::ScopedProcessInformation target(temp_process_info);

TRACE_EVENT_END_ETW("StartProcessWithAccess::LAUNCHPROCESS", 0, 0);

« no previous file with comments | « components/nacl/browser/nacl_process_host.cc ('k') | device/bluetooth/bluetooth_task_manager_win.cc » ('j') | no next file with comments »