| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <memory> | 5 #include <memory> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "base/strings/string16.h" | 8 #include "base/strings/string16.h" |
| 9 #include "base/strings/sys_string_conversions.h" | 9 #include "base/strings/sys_string_conversions.h" |
| 10 #include "base/win/scoped_handle.h" | 10 #include "base/win/scoped_handle.h" |
| 11 #include "base/win/scoped_process_information.h" | 11 #include "base/win/scoped_process_information.h" |
| 12 #include "base/win/windows_version.h" | 12 #include "base/win/windows_version.h" |
| 13 #include "sandbox/win/src/sandbox.h" | 13 #include "sandbox/win/src/sandbox.h" |
| 14 #include "sandbox/win/src/sandbox_factory.h" | 14 #include "sandbox/win/src/sandbox_factory.h" |
| 15 #include "sandbox/win/src/sandbox_policy.h" | 15 #include "sandbox/win/src/sandbox_policy.h" |
| 16 #include "sandbox/win/tests/common/controller.h" | 16 #include "sandbox/win/tests/common/controller.h" |
| 17 #include "testing/gtest/include/gtest/gtest.h" | 17 #include "testing/gtest/include/gtest/gtest.h" |
| 18 | 18 |
| 19 namespace { | 19 namespace { |
| 20 | 20 |
| 21 // While the shell API provides better calls than this home brew function | 21 // While the shell API provides better calls than this home brew function |
| 22 // we use GetSystemWindowsDirectoryW which does not query the registry so | 22 // we use GetSystemWindowsDirectoryW which does not query the registry so |
| 23 // it is safe to use after revert. | 23 // it is safe to use after revert. |
| 24 string16 MakeFullPathToSystem32(const wchar_t* name) { | 24 base::string16 MakeFullPathToSystem32(const wchar_t* name) { |
| 25 wchar_t windows_path[MAX_PATH] = {0}; | 25 wchar_t windows_path[MAX_PATH] = {0}; |
| 26 ::GetSystemWindowsDirectoryW(windows_path, MAX_PATH); | 26 ::GetSystemWindowsDirectoryW(windows_path, MAX_PATH); |
| 27 string16 full_path(windows_path); | 27 base::string16 full_path(windows_path); |
| 28 if (full_path.empty()) { | 28 if (full_path.empty()) { |
| 29 return full_path; | 29 return full_path; |
| 30 } | 30 } |
| 31 full_path += L"\\system32\\"; | 31 full_path += L"\\system32\\"; |
| 32 full_path += name; | 32 full_path += name; |
| 33 return full_path; | 33 return full_path; |
| 34 } | 34 } |
| 35 | 35 |
| 36 // Creates a process with the |exe| and |command| parameter using the | 36 // Creates a process with the |exe| and |command| parameter using the |
| 37 // unicode and ascii version of the api. | 37 // unicode and ascii version of the api. |
| 38 sandbox::SboxTestResult CreateProcessHelper(const string16& exe, | 38 sandbox::SboxTestResult CreateProcessHelper(const base::string16& exe, |
| 39 const string16& command) { | 39 const base::string16& command) { |
| 40 base::win::ScopedProcessInformation pi; | 40 base::win::ScopedProcessInformation pi; |
| 41 STARTUPINFOW si = {sizeof(si)}; | 41 STARTUPINFOW si = {sizeof(si)}; |
| 42 | 42 |
| 43 const wchar_t *exe_name = NULL; | 43 const wchar_t *exe_name = NULL; |
| 44 if (!exe.empty()) | 44 if (!exe.empty()) |
| 45 exe_name = exe.c_str(); | 45 exe_name = exe.c_str(); |
| 46 | 46 |
| 47 const wchar_t *cmd_line = NULL; | 47 const wchar_t *cmd_line = NULL; |
| 48 if (!command.empty()) | 48 if (!command.empty()) |
| 49 cmd_line = command.c_str(); | 49 cmd_line = command.c_str(); |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 102 | 102 |
| 103 namespace sandbox { | 103 namespace sandbox { |
| 104 | 104 |
| 105 SBOX_TESTS_COMMAND int Process_RunApp1(int argc, wchar_t **argv) { | 105 SBOX_TESTS_COMMAND int Process_RunApp1(int argc, wchar_t **argv) { |
| 106 if (argc != 1) { | 106 if (argc != 1) { |
| 107 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 107 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 108 } | 108 } |
| 109 if ((NULL == argv) || (NULL == argv[0])) { | 109 if ((NULL == argv) || (NULL == argv[0])) { |
| 110 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 110 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 111 } | 111 } |
| 112 string16 path = MakeFullPathToSystem32(argv[0]); | 112 base::string16 path = MakeFullPathToSystem32(argv[0]); |
| 113 | 113 |
| 114 // TEST 1: Try with the path in the app_name. | 114 // TEST 1: Try with the path in the app_name. |
| 115 return CreateProcessHelper(path, string16()); | 115 return CreateProcessHelper(path, base::string16()); |
| 116 } | 116 } |
| 117 | 117 |
| 118 SBOX_TESTS_COMMAND int Process_RunApp2(int argc, wchar_t **argv) { | 118 SBOX_TESTS_COMMAND int Process_RunApp2(int argc, wchar_t **argv) { |
| 119 if (argc != 1) { | 119 if (argc != 1) { |
| 120 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 120 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 121 } | 121 } |
| 122 if ((NULL == argv) || (NULL == argv[0])) { | 122 if ((NULL == argv) || (NULL == argv[0])) { |
| 123 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 123 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 124 } | 124 } |
| 125 string16 path = MakeFullPathToSystem32(argv[0]); | 125 base::string16 path = MakeFullPathToSystem32(argv[0]); |
| 126 | 126 |
| 127 // TEST 2: Try with the path in the cmd_line. | 127 // TEST 2: Try with the path in the cmd_line. |
| 128 string16 cmd_line = L"\""; | 128 base::string16 cmd_line = L"\""; |
| 129 cmd_line += path; | 129 cmd_line += path; |
| 130 cmd_line += L"\""; | 130 cmd_line += L"\""; |
| 131 return CreateProcessHelper(string16(), cmd_line); | 131 return CreateProcessHelper(base::string16(), cmd_line); |
| 132 } | 132 } |
| 133 | 133 |
| 134 SBOX_TESTS_COMMAND int Process_RunApp3(int argc, wchar_t **argv) { | 134 SBOX_TESTS_COMMAND int Process_RunApp3(int argc, wchar_t **argv) { |
| 135 if (argc != 1) { | 135 if (argc != 1) { |
| 136 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 136 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 137 } | 137 } |
| 138 if ((NULL == argv) || (NULL == argv[0])) { | 138 if ((NULL == argv) || (NULL == argv[0])) { |
| 139 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 139 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 140 } | 140 } |
| 141 | 141 |
| 142 // TEST 3: Try file name in the cmd_line. | 142 // TEST 3: Try file name in the cmd_line. |
| 143 return CreateProcessHelper(string16(), argv[0]); | 143 return CreateProcessHelper(base::string16(), argv[0]); |
| 144 } | 144 } |
| 145 | 145 |
| 146 SBOX_TESTS_COMMAND int Process_RunApp4(int argc, wchar_t **argv) { | 146 SBOX_TESTS_COMMAND int Process_RunApp4(int argc, wchar_t **argv) { |
| 147 if (argc != 1) { | 147 if (argc != 1) { |
| 148 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 148 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 149 } | 149 } |
| 150 if ((NULL == argv) || (NULL == argv[0])) { | 150 if ((NULL == argv) || (NULL == argv[0])) { |
| 151 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 151 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 152 } | 152 } |
| 153 | 153 |
| 154 // TEST 4: Try file name in the app_name and current directory sets correctly. | 154 // TEST 4: Try file name in the app_name and current directory sets correctly. |
| 155 string16 system32 = MakeFullPathToSystem32(L""); | 155 base::string16 system32 = MakeFullPathToSystem32(L""); |
| 156 wchar_t current_directory[MAX_PATH + 1]; | 156 wchar_t current_directory[MAX_PATH + 1]; |
| 157 int result4; | 157 int result4; |
| 158 bool test_succeeded = false; | 158 bool test_succeeded = false; |
| 159 DWORD ret = ::GetCurrentDirectory(MAX_PATH, current_directory); | 159 DWORD ret = ::GetCurrentDirectory(MAX_PATH, current_directory); |
| 160 if (!ret) | 160 if (!ret) |
| 161 return SBOX_TEST_FIRST_ERROR; | 161 return SBOX_TEST_FIRST_ERROR; |
| 162 | 162 |
| 163 if (ret < MAX_PATH) { | 163 if (ret < MAX_PATH) { |
| 164 current_directory[ret] = L'\\'; | 164 current_directory[ret] = L'\\'; |
| 165 current_directory[ret+1] = L'\0'; | 165 current_directory[ret+1] = L'\0'; |
| 166 if (::SetCurrentDirectory(system32.c_str())) { | 166 if (::SetCurrentDirectory(system32.c_str())) { |
| 167 result4 = CreateProcessHelper(argv[0], string16()); | 167 result4 = CreateProcessHelper(argv[0], base::string16()); |
| 168 if (::SetCurrentDirectory(current_directory)) { | 168 if (::SetCurrentDirectory(current_directory)) { |
| 169 test_succeeded = true; | 169 test_succeeded = true; |
| 170 } | 170 } |
| 171 } else { | 171 } else { |
| 172 return SBOX_TEST_SECOND_ERROR; | 172 return SBOX_TEST_SECOND_ERROR; |
| 173 } | 173 } |
| 174 } | 174 } |
| 175 if (!test_succeeded) | 175 if (!test_succeeded) |
| 176 result4 = SBOX_TEST_FAILED; | 176 result4 = SBOX_TEST_FAILED; |
| 177 | 177 |
| 178 return result4; | 178 return result4; |
| 179 } | 179 } |
| 180 | 180 |
| 181 SBOX_TESTS_COMMAND int Process_RunApp5(int argc, wchar_t **argv) { | 181 SBOX_TESTS_COMMAND int Process_RunApp5(int argc, wchar_t **argv) { |
| 182 if (argc != 1) { | 182 if (argc != 1) { |
| 183 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 183 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 184 } | 184 } |
| 185 if ((NULL == argv) || (NULL == argv[0])) { | 185 if ((NULL == argv) || (NULL == argv[0])) { |
| 186 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 186 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 187 } | 187 } |
| 188 string16 path = MakeFullPathToSystem32(argv[0]); | 188 base::string16 path = MakeFullPathToSystem32(argv[0]); |
| 189 | 189 |
| 190 // TEST 5: Try with the path in the cmd_line and arguments. | 190 // TEST 5: Try with the path in the cmd_line and arguments. |
| 191 string16 cmd_line = L"\""; | 191 base::string16 cmd_line = L"\""; |
| 192 cmd_line += path; | 192 cmd_line += path; |
| 193 cmd_line += L"\" /I"; | 193 cmd_line += L"\" /I"; |
| 194 return CreateProcessHelper(string16(), cmd_line); | 194 return CreateProcessHelper(base::string16(), cmd_line); |
| 195 } | 195 } |
| 196 | 196 |
| 197 SBOX_TESTS_COMMAND int Process_RunApp6(int argc, wchar_t **argv) { | 197 SBOX_TESTS_COMMAND int Process_RunApp6(int argc, wchar_t **argv) { |
| 198 if (argc != 1) { | 198 if (argc != 1) { |
| 199 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 199 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 200 } | 200 } |
| 201 if ((NULL == argv) || (NULL == argv[0])) { | 201 if ((NULL == argv) || (NULL == argv[0])) { |
| 202 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 202 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 203 } | 203 } |
| 204 | 204 |
| 205 // TEST 6: Try with the file_name in the cmd_line and arguments. | 205 // TEST 6: Try with the file_name in the cmd_line and arguments. |
| 206 string16 cmd_line = argv[0]; | 206 base::string16 cmd_line = argv[0]; |
| 207 cmd_line += L" /I"; | 207 cmd_line += L" /I"; |
| 208 return CreateProcessHelper(string16(), cmd_line); | 208 return CreateProcessHelper(base::string16(), cmd_line); |
| 209 } | 209 } |
| 210 | 210 |
| 211 // Creates a process and checks if it's possible to get a handle to it's token. | 211 // Creates a process and checks if it's possible to get a handle to it's token. |
| 212 SBOX_TESTS_COMMAND int Process_GetChildProcessToken(int argc, wchar_t **argv) { | 212 SBOX_TESTS_COMMAND int Process_GetChildProcessToken(int argc, wchar_t **argv) { |
| 213 if (argc != 1) | 213 if (argc != 1) |
| 214 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 214 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 215 | 215 |
| 216 if ((NULL == argv) || (NULL == argv[0])) | 216 if ((NULL == argv) || (NULL == argv[0])) |
| 217 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; | 217 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND; |
| 218 | 218 |
| 219 string16 path = MakeFullPathToSystem32(argv[0]); | 219 base::string16 path = MakeFullPathToSystem32(argv[0]); |
| 220 | 220 |
| 221 STARTUPINFOW si = {sizeof(si)}; | 221 STARTUPINFOW si = {sizeof(si)}; |
| 222 | 222 |
| 223 PROCESS_INFORMATION temp_process_info = {}; | 223 PROCESS_INFORMATION temp_process_info = {}; |
| 224 if (!::CreateProcessW(path.c_str(), NULL, NULL, NULL, FALSE, CREATE_SUSPENDED, | 224 if (!::CreateProcessW(path.c_str(), NULL, NULL, NULL, FALSE, CREATE_SUSPENDED, |
| 225 NULL, NULL, &si, &temp_process_info)) { | 225 NULL, NULL, &si, &temp_process_info)) { |
| 226 return SBOX_TEST_FAILED; | 226 return SBOX_TEST_FAILED; |
| 227 } | 227 } |
| 228 base::win::ScopedProcessInformation pi(temp_process_info); | 228 base::win::ScopedProcessInformation pi(temp_process_info); |
| 229 | 229 |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 277 runner.GetPolicy()->SetTokenLevel(USER_INTERACTIVE, USER_INTERACTIVE); | 277 runner.GetPolicy()->SetTokenLevel(USER_INTERACTIVE, USER_INTERACTIVE); |
| 278 | 278 |
| 279 EXPECT_EQ(SBOX_ALL_OK, | 279 EXPECT_EQ(SBOX_ALL_OK, |
| 280 runner.GetPolicy()->AddRule(TargetPolicy::SUBSYS_PROCESS, | 280 runner.GetPolicy()->AddRule(TargetPolicy::SUBSYS_PROCESS, |
| 281 TargetPolicy::PROCESS_ALL_EXEC, | 281 TargetPolicy::PROCESS_ALL_EXEC, |
| 282 L"this is not important")); | 282 L"this is not important")); |
| 283 } | 283 } |
| 284 | 284 |
| 285 TEST(ProcessPolicyTest, CreateProcessAW) { | 285 TEST(ProcessPolicyTest, CreateProcessAW) { |
| 286 TestRunner runner; | 286 TestRunner runner; |
| 287 string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); | 287 base::string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); |
| 288 string16 system32 = MakeFullPathToSystem32(L""); | 288 base::string16 system32 = MakeFullPathToSystem32(L""); |
| 289 ASSERT_TRUE(!exe_path.empty()); | 289 ASSERT_TRUE(!exe_path.empty()); |
| 290 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 290 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
| 291 TargetPolicy::PROCESS_MIN_EXEC, | 291 TargetPolicy::PROCESS_MIN_EXEC, |
| 292 exe_path.c_str())); | 292 exe_path.c_str())); |
| 293 | 293 |
| 294 // Need to add directory rules for the directories that we use in | 294 // Need to add directory rules for the directories that we use in |
| 295 // SetCurrentDirectory. | 295 // SetCurrentDirectory. |
| 296 EXPECT_TRUE(runner.AddFsRule(TargetPolicy::FILES_ALLOW_DIR_ANY, | 296 EXPECT_TRUE(runner.AddFsRule(TargetPolicy::FILES_ALLOW_DIR_ANY, |
| 297 system32.c_str())); | 297 system32.c_str())); |
| 298 | 298 |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 332 #endif | 332 #endif |
| 333 } | 333 } |
| 334 | 334 |
| 335 TEST(ProcessPolicyTest, OpenToken) { | 335 TEST(ProcessPolicyTest, OpenToken) { |
| 336 TestRunner runner; | 336 TestRunner runner; |
| 337 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Process_OpenToken")); | 337 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Process_OpenToken")); |
| 338 } | 338 } |
| 339 | 339 |
| 340 TEST(ProcessPolicyTest, TestGetProcessTokenMinAccess) { | 340 TEST(ProcessPolicyTest, TestGetProcessTokenMinAccess) { |
| 341 TestRunner runner; | 341 TestRunner runner; |
| 342 string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); | 342 base::string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); |
| 343 ASSERT_TRUE(!exe_path.empty()); | 343 ASSERT_TRUE(!exe_path.empty()); |
| 344 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 344 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
| 345 TargetPolicy::PROCESS_MIN_EXEC, | 345 TargetPolicy::PROCESS_MIN_EXEC, |
| 346 exe_path.c_str())); | 346 exe_path.c_str())); |
| 347 | 347 |
| 348 EXPECT_EQ(SBOX_TEST_DENIED, | 348 EXPECT_EQ(SBOX_TEST_DENIED, |
| 349 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); | 349 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); |
| 350 } | 350 } |
| 351 | 351 |
| 352 TEST(ProcessPolicyTest, TestGetProcessTokenMaxAccess) { | 352 TEST(ProcessPolicyTest, TestGetProcessTokenMaxAccess) { |
| 353 TestRunner runner(JOB_UNPROTECTED, USER_INTERACTIVE, USER_INTERACTIVE); | 353 TestRunner runner(JOB_UNPROTECTED, USER_INTERACTIVE, USER_INTERACTIVE); |
| 354 string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); | 354 base::string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); |
| 355 ASSERT_TRUE(!exe_path.empty()); | 355 ASSERT_TRUE(!exe_path.empty()); |
| 356 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 356 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
| 357 TargetPolicy::PROCESS_ALL_EXEC, | 357 TargetPolicy::PROCESS_ALL_EXEC, |
| 358 exe_path.c_str())); | 358 exe_path.c_str())); |
| 359 | 359 |
| 360 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 360 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
| 361 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); | 361 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); |
| 362 } | 362 } |
| 363 | 363 |
| 364 TEST(ProcessPolicyTest, TestGetProcessTokenMinAccessNoJob) { | 364 TEST(ProcessPolicyTest, TestGetProcessTokenMinAccessNoJob) { |
| 365 TestRunner runner(JOB_NONE, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN); | 365 TestRunner runner(JOB_NONE, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN); |
| 366 string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); | 366 base::string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); |
| 367 ASSERT_TRUE(!exe_path.empty()); | 367 ASSERT_TRUE(!exe_path.empty()); |
| 368 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 368 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
| 369 TargetPolicy::PROCESS_MIN_EXEC, | 369 TargetPolicy::PROCESS_MIN_EXEC, |
| 370 exe_path.c_str())); | 370 exe_path.c_str())); |
| 371 | 371 |
| 372 EXPECT_EQ(SBOX_TEST_DENIED, | 372 EXPECT_EQ(SBOX_TEST_DENIED, |
| 373 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); | 373 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); |
| 374 } | 374 } |
| 375 | 375 |
| 376 TEST(ProcessPolicyTest, TestGetProcessTokenMaxAccessNoJob) { | 376 TEST(ProcessPolicyTest, TestGetProcessTokenMaxAccessNoJob) { |
| 377 TestRunner runner(JOB_NONE, USER_INTERACTIVE, USER_INTERACTIVE); | 377 TestRunner runner(JOB_NONE, USER_INTERACTIVE, USER_INTERACTIVE); |
| 378 string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); | 378 base::string16 exe_path = MakeFullPathToSystem32(L"findstr.exe"); |
| 379 ASSERT_TRUE(!exe_path.empty()); | 379 ASSERT_TRUE(!exe_path.empty()); |
| 380 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 380 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
| 381 TargetPolicy::PROCESS_ALL_EXEC, | 381 TargetPolicy::PROCESS_ALL_EXEC, |
| 382 exe_path.c_str())); | 382 exe_path.c_str())); |
| 383 | 383 |
| 384 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 384 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
| 385 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); | 385 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); |
| 386 } | 386 } |
| 387 | 387 |
| 388 } // namespace sandbox | 388 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 119713003:
Add base:: to string16s in sandbox/. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src