Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(698)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/common/pepper_permission_util.cc

Issue 264923011: Add a whitelist check for nacl-nonsfi mode (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: feedback Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/nacl_host/nacl_browser_delegate_impl.cc ('K') | « chrome/chrome_tests_unit.gypi ('k') | chrome/common/pepper_permission_util_unittest.cc » ('j') | chrome/common/pepper_permission_util_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/common/pepper_permission_util.cc
diff --git a/chrome/common/pepper_permission_util.cc b/chrome/common/pepper_permission_util.cc
index a8e767539da0a18ca8112348597b9119d9cc604e..9bd271dfa92be2bf2fe263eca05b2f7e63fc4611 100644
--- a/chrome/common/pepper_permission_util.cc
+++ b/chrome/common/pepper_permission_util.cc
@@ -17,6 +17,7 @@
using extensions::Extension;
using extensions::Manifest;
+using extensions::SharedModuleInfo;
namespace chrome {
@@ -50,16 +51,19 @@ bool IsExtensionOrSharedModuleWhitelisted(
const Extension* extension = extension_set ? extension_set->GetByID(host)
: NULL;
if (extension) {
jln (very slow on Chromium) 2014/05/08 23:22:41 Nit: I would find "if (!extension) { return false;
elijahtaylor1 2014/05/09 00:33:28 Done.
- typedef std::vector<extensions::SharedModuleInfo::ImportInfo>
- ImportInfoVector;
- const ImportInfoVector& imports =
- extensions::SharedModuleInfo::GetImports(extension);
+ typedef std::vector<SharedModuleInfo::ImportInfo> ImportInfoVector;
+ const ImportInfoVector& imports = SharedModuleInfo::GetImports(extension);
for (ImportInfoVector::const_iterator it = imports.begin();
it != imports.end(); ++it) {
const Extension* imported_extension = extension_set->GetByID(
it->extension_id);
if (imported_extension &&
- extensions::SharedModuleInfo::IsSharedModule(imported_extension) &&
+ SharedModuleInfo::IsSharedModule(imported_extension) &&
+ // We check the whitelist explicitly even though the extension should
+ // never have been allowed to be installed in the first place if this
+ // fails.
+ SharedModuleInfo::IsExportAllowedByWhitelist(imported_extension,
+ host) &&
HostIsInSet(it->extension_id, whitelist)) {
return true;
}
« chrome/browser/nacl_host/nacl_browser_delegate_impl.cc ('K') | « chrome/chrome_tests_unit.gypi ('k') | chrome/common/pepper_permission_util_unittest.cc » ('j') | chrome/common/pepper_permission_util_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698