diff options
author | wfh <wfh@chromium.org> | 2015-04-10 20:52:25 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-04-11 03:52:58 +0000 |
commit | 7b9fd9686259825cd9ed4f9d999a22eb5e9682f2 (patch) | |
tree | 5bfd8d38e0c5a46688beca945325e893b1f88e7c | |
parent | 92c5e06599547fa733d45f4c000a31acbe0c66f8 (diff) | |
download | chromium_src-7b9fd9686259825cd9ed4f9d999a22eb5e9682f2.zip chromium_src-7b9fd9686259825cd9ed4f9d999a22eb5e9682f2.tar.gz chromium_src-7b9fd9686259825cd9ed4f9d999a22eb5e9682f2.tar.bz2 |
Add new exit code for when browser process is incorrectly running sandboxed.
This should never happen, except if the command line of child processes is incorrectly truncated by 3rd party software.
BUG=453541,385714
Review URL: https://codereview.chromium.org/1073393002
Cr-Commit-Position: refs/heads/master@{#324769}
-rw-r--r-- | chrome/app/chrome_main_delegate.cc | 19 | ||||
-rw-r--r-- | chrome/common/chrome_result_codes.h | 3 | ||||
-rw-r--r-- | tools/metrics/histograms/histograms.xml | 2 |
3 files changed, 24 insertions, 0 deletions
diff --git a/chrome/app/chrome_main_delegate.cc b/chrome/app/chrome_main_delegate.cc index c9578a9..8b2c6dc 100644 --- a/chrome/app/chrome_main_delegate.cc +++ b/chrome/app/chrome_main_delegate.cc @@ -23,6 +23,7 @@ #include "chrome/common/chrome_content_client.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/chrome_paths_internal.h" +#include "chrome/common/chrome_result_codes.h" #include "chrome/common/chrome_switches.h" #include "chrome/common/chrome_version_info.h" #include "chrome/common/crash_keys.h" @@ -171,6 +172,14 @@ void SuppressWindowsErrorDialogs() { SetErrorMode(existing_flags | new_flags); } +bool IsSandboxedProcess() { + typedef bool (*IsSandboxedProcessFunc)(); + IsSandboxedProcessFunc is_sandboxed_process_func = + reinterpret_cast<IsSandboxedProcessFunc>( + GetProcAddress(GetModuleHandle(NULL), "IsSandboxedProcess")); + return is_sandboxed_process_func && is_sandboxed_process_func(); +} + #endif // defined(OS_WIN) #if defined(OS_LINUX) @@ -406,6 +415,16 @@ bool ChromeMainDelegate::BasicStartupComplete(int* exit_code) { const base::CommandLine& command_line = *base::CommandLine::ForCurrentProcess(); + +#if defined(OS_WIN) + // Browser should not be sandboxed. + const bool is_browser = !command_line.HasSwitch(switches::kProcessType); + if (is_browser && IsSandboxedProcess()) { + *exit_code = chrome::RESULT_CODE_INVALID_SANDBOX_STATE; + return true; + } +#endif + #if defined(OS_MACOSX) // Give the browser process a longer treadmill, since crashes // there have more impact. diff --git a/chrome/common/chrome_result_codes.h b/chrome/common/chrome_result_codes.h index 9f80d9d..a5a0fc6 100644 --- a/chrome/common/chrome_result_codes.h +++ b/chrome/common/chrome_result_codes.h @@ -92,6 +92,9 @@ enum ResultCode { // The action is not allowed by a policy. RESULT_CODE_ACTION_DISALLOWED_BY_POLICY, + // An browser process was sandboxed. This should never happen. + RESULT_CODE_INVALID_SANDBOX_STATE, + // Last return code (keep this last). RESULT_CODE_CHROME_LAST_CODE, }; diff --git a/tools/metrics/histograms/histograms.xml b/tools/metrics/histograms/histograms.xml index 2d2ef79..1202a6b 100644 --- a/tools/metrics/histograms/histograms.xml +++ b/tools/metrics/histograms/histograms.xml @@ -63154,6 +63154,8 @@ To add a new entry, add it with any value and run test to compute valid value. <int value="26" label="chrome::RESULT_CODE_NOTUSED_2"/> <int value="27" label="chrome::RESULT_CODE_EULA_REFUSED"/> <int value="28" label="chrome::RESULT_CODE_SXS_MIGRATION_FAILED"/> + <int value="29" label="chrome::RESULT_CODE_ACTION_DISALLOWED_BY_POLICY"/> + <int value="30" label="chrome::RESULT_CODE_INVALID_SANDBOX_STATE"/> <int value="259" label="0x103 - STILL_ACTIVE."/> <int value="1073807364" label="0x40010004 - DBG_TERMINATE_PROCESS"/> </enum> |