Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(220)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/src/handle_dispatcher.cc

Issue 10389210: Add a sandbox policy for duplicating handles into the broker. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Created 8 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/common/sandbox_policy.cc ('k') | sandbox/src/handle_policy.cc » ('j') | sandbox/src/handle_policy.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/src/handle_dispatcher.h" 5 #include "sandbox/src/handle_dispatcher.h"
6 6
7 #include "base/win/scoped_handle.h" 7 #include "base/win/scoped_handle.h"
8 #include "sandbox/src/handle_interception.h" 8 #include "sandbox/src/handle_interception.h"
9 #include "sandbox/src/handle_policy.h" 9 #include "sandbox/src/handle_policy.h"
10 #include "sandbox/src/ipc_tags.h" 10 #include "sandbox/src/ipc_tags.h"
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
63 OBJECT_TYPE_INFORMATION* type_info = 63 OBJECT_TYPE_INFORMATION* type_info =
64 reinterpret_cast<OBJECT_TYPE_INFORMATION*>(buffer); 64 reinterpret_cast<OBJECT_TYPE_INFORMATION*>(buffer);
65 ULONG size = sizeof(buffer) - sizeof(wchar_t); 65 ULONG size = sizeof(buffer) - sizeof(wchar_t);
66 error = QueryObject(handle, ObjectTypeInformation, type_info, size, &size); 66 error = QueryObject(handle, ObjectTypeInformation, type_info, size, &size);
67 if (!NT_SUCCESS(error)) { 67 if (!NT_SUCCESS(error)) {
68 ipc->return_info.win32_result = error; 68 ipc->return_info.win32_result = error;
69 return false; 69 return false;
70 } 70 }
71 type_info->Name.Buffer[type_info->Name.Length / sizeof(wchar_t)] = L'\0'; 71 type_info->Name.Buffer[type_info->Name.Length / sizeof(wchar_t)] = L'\0';
72 72
73 CountedParameterSet<NameBased> params; 73 CountedParameterSet<HandleTarget> params;
74 params[NameBased::NAME] = ParamPickerMake(type_info->Name.Buffer); 74 params[HandleTarget::NAME] = ParamPickerMake(type_info->Name.Buffer);
75 params[HandleTarget::TARGET] = ParamPickerMake(target_process_id);
75 76
76 EvalResult eval = policy_base_->EvalPolicy(IPC_DUPLICATEHANDLEPROXY_TAG, 77 EvalResult eval = policy_base_->EvalPolicy(IPC_DUPLICATEHANDLEPROXY_TAG,
77 params.GetBase()); 78 params.GetBase());
78 ipc->return_info.win32_result = 79 ipc->return_info.win32_result =
79 HandlePolicy::DuplicateHandleProxyAction(eval, *ipc->client_info, 80 HandlePolicy::DuplicateHandleProxyAction(eval, *ipc->client_info,
80 source_handle, 81 source_handle,
81 target_process_id, 82 target_process_id,
82 &ipc->return_info.handle, 83 &ipc->return_info.handle,
83 desired_access, options); 84 desired_access, options);
84 return true; 85 return true;
85 } 86 }
86 87
87 } // namespace sandbox 88 } // namespace sandbox
88 89
OLDNEW
« no previous file with comments | « content/common/sandbox_policy.cc ('k') | sandbox/src/handle_policy.cc » ('j') | sandbox/src/handle_policy.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698