| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/process/process_handle.h" | 5 #include "base/process/process_handle.h" |
| 6 | 6 |
| 7 #include <windows.h> | 7 #include <windows.h> |
| 8 | 8 |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/win/scoped_handle.h" | 10 #include "base/win/scoped_handle.h" |
| 11 #include "base/win/windows_version.h" | 11 #include "base/win/windows_version.h" |
| 12 | 12 |
| 13 namespace base { | 13 namespace base { |
| 14 | 14 |
| 15 ProcessId GetCurrentProcId() { | 15 ProcessId GetCurrentProcId() { |
| 16 return ::GetCurrentProcessId(); | 16 return ::GetCurrentProcessId(); |
| 17 } | 17 } |
| 18 | 18 |
| 19 ProcessHandle GetCurrentProcessHandle() { | 19 ProcessHandle GetCurrentProcessHandle() { |
| 20 return ::GetCurrentProcess(); | 20 return ::GetCurrentProcess(); |
| 21 } | 21 } |
| 22 | 22 |
| 23 ProcessId GetProcId(ProcessHandle process) { | 23 ProcessId GetProcId(ProcessHandle process) { |
| 24 // This returns 0 if we have insufficient rights to query the process handle. | 24 // This returns 0 if we have insufficient rights to query the process handle. |
| 25 return GetProcessId(process); | 25 return GetProcessId(process); |
| 26 } | 26 } |
| 27 | 27 |
| 28 bool GetProcessIntegrityLevel(ProcessHandle process, IntegrityLevel *level) { | |
| 29 if (!level) | |
| 30 return false; | |
| 31 | |
| 32 if (win::GetVersion() < base::win::VERSION_VISTA) | |
| 33 return false; | |
| 34 | |
| 35 HANDLE process_token; | |
| 36 if (!OpenProcessToken(process, TOKEN_QUERY | TOKEN_QUERY_SOURCE, | |
| 37 &process_token)) | |
| 38 return false; | |
| 39 | |
| 40 win::ScopedHandle scoped_process_token(process_token); | |
| 41 | |
| 42 DWORD token_info_length = 0; | |
| 43 if (GetTokenInformation(process_token, TokenIntegrityLevel, NULL, 0, | |
| 44 &token_info_length) || | |
| 45 GetLastError() != ERROR_INSUFFICIENT_BUFFER) | |
| 46 return false; | |
| 47 | |
| 48 scoped_ptr<char[]> token_label_bytes(new char[token_info_length]); | |
| 49 if (!token_label_bytes.get()) | |
| 50 return false; | |
| 51 | |
| 52 TOKEN_MANDATORY_LABEL* token_label = | |
| 53 reinterpret_cast<TOKEN_MANDATORY_LABEL*>(token_label_bytes.get()); | |
| 54 if (!token_label) | |
| 55 return false; | |
| 56 | |
| 57 if (!GetTokenInformation(process_token, TokenIntegrityLevel, token_label, | |
| 58 token_info_length, &token_info_length)) | |
| 59 return false; | |
| 60 | |
| 61 DWORD integrity_level = *GetSidSubAuthority(token_label->Label.Sid, | |
| 62 (DWORD)(UCHAR)(*GetSidSubAuthorityCount(token_label->Label.Sid)-1)); | |
| 63 | |
| 64 if (integrity_level < SECURITY_MANDATORY_MEDIUM_RID) { | |
| 65 *level = LOW_INTEGRITY; | |
| 66 } else if (integrity_level >= SECURITY_MANDATORY_MEDIUM_RID && | |
| 67 integrity_level < SECURITY_MANDATORY_HIGH_RID) { | |
| 68 *level = MEDIUM_INTEGRITY; | |
| 69 } else if (integrity_level >= SECURITY_MANDATORY_HIGH_RID) { | |
| 70 *level = HIGH_INTEGRITY; | |
| 71 } else { | |
| 72 NOTREACHED(); | |
| 73 return false; | |
| 74 } | |
| 75 | |
| 76 return true; | |
| 77 } | |
| 78 | |
| 79 } // namespace base | 28 } // namespace base |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 921913002:
Move GetProcessIntegrityLevel to file_info.h and remove the handle argument. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master