
Unified Diff: content/plugin/plugin_main.cc

Issue 10892045: Remove memory hole mitigation for Flash Windows plugin (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 3 months ago
Index: content/plugin/plugin_main.cc
===================================================================
--- content/plugin/plugin_main.cc (revision 157123)
+++ content/plugin/plugin_main.cc (working copy)
@@ -89,41 +89,6 @@
}
}
-// VirtualAlloc doesn't randomize well, so we use these calls to poke a
-// random-sized hole in the address space and set an event to later remove it.
-void FreeRandomMemoryHole(void *hole) {
- ::VirtualFree(hole, 0, MEM_RELEASE);
-}
-
-bool CreateRandomMemoryHole() {
- const uint32_t kRandomValueMax = 8 * 1024; // Yields a 512mb max hole.
- const uint32_t kRandomValueDivisor = 8;
- const uint32_t kMaxWaitSeconds = 18 * 60; // 18 Minutes in seconds.
- COMPILE_ASSERT((kMaxWaitSeconds > (kRandomValueMax / kRandomValueDivisor)),
- kMaxWaitSeconds_value_too_small);
-
- uint32_t rand_val;
- if (rand_s(&rand_val) != S_OK) {
- DVLOG(ERROR) << "rand_s() failed";
- }
-
- rand_val %= kRandomValueMax;
- // Reserve a (randomly selected) range of address space.
- if (void* hole = ::VirtualAlloc(NULL, 65536 * (1 + rand_val),
- MEM_RESERVE, PAGE_NOACCESS)) {
- // Set up an event to remove the memory hole. Base the wait time on the
- // inverse of the allocation size, meaning a bigger hole gets a shorter
- // wait (ranging from 1-18 minutes).
- const uint32_t wait = kMaxWaitSeconds - (rand_val / kRandomValueDivisor);
- MessageLoop::current()->PostDelayedTask(FROM_HERE,
- base::Bind(&FreeRandomMemoryHole, hole),
- base::TimeDelta::FromSeconds(wait));
- return true;
- }
-
- return false;
-}
-
#endif
// main() routine for running as the plugin process.
@@ -185,11 +150,6 @@
if (IsPluginBuiltInFlash(parsed_command_line)) {
DVLOG(1) << "Sandboxing flash";
- // Poke hole in the address space to improve randomization.
- if (!CreateRandomMemoryHole()) {
- DVLOG(ERROR) << "Failed to create random memory hole";
- }
-
if (!PreloadIMEForFlash())
DVLOG(1) << "IME preload failed";
DelayedLowerToken(target_services);