diff options
| author | brettw@chromium.org <brettw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-14 05:20:52 +0000 |
|---|---|---|
| committer | brettw@chromium.org <brettw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-14 05:20:52 +0000 |
| commit | d9851bd77eb86992f3a0f37e8de3ad39c0234e21 (patch) | |
| tree | 3ebf07da9aee8259fbb8c4f625613e2903b162b2 /base/file_util.h | |
| parent | 826252a5e0305fa09ed3730f448be3faf34aaeb3 (diff) | |
| download | chromium_src-d9851bd77eb86992f3a0f37e8de3ad39c0234e21.zip chromium_src-d9851bd77eb86992f3a0f37e8de3ad39c0234e21.tar.gz chromium_src-d9851bd77eb86992f3a0f37e8de3ad39c0234e21.tar.bz2 | |
Implement ScopedFD in terms of ScopedGeneric.
Move to a new file base/files/scoped_file.h. I will also add ScopedFILE to here (currently in file_util.h) later.
I think there is a crash in the old code in content/browser/zygote_host/zygote_host_impl_linux.cc that this patch should fix. The old ScopedFD took the address of something in a vector that is being modified.
I removed SafeScopedFD from content/common/sandbox_linux/sandbox_linux.cc since base's ScopedFD not CHECKs on close failure (this is a more recent addition).
BUG=
R=agl@chromium.org, viettrungluu@chromium.org
Review URL: https://codereview.chromium.org/191673003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@257001 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/file_util.h')
| -rw-r--r-- | base/file_util.h | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/base/file_util.h b/base/file_util.h index 431569a..b86d8cb 100644 --- a/base/file_util.h +++ b/base/file_util.h @@ -426,32 +426,6 @@ struct ScopedFILEClose { // Automatically closes |FILE*|s. typedef scoped_ptr<FILE, ScopedFILEClose> ScopedFILE; -#if defined(OS_POSIX) -// Functor for |ScopedFD| (below). -struct ScopedFDClose { - inline void operator()(int* x) const { - if (x && *x >= 0) { - // It's important to crash here. - // There are security implications to not closing a file descriptor - // properly. As file descriptors are "capabilities", keeping them open - // would make the current process keep access to a resource. Much of - // Chrome relies on being able to "drop" such access. - // It's especially problematic on Linux with the setuid sandbox, where - // a single open directory would bypass the entire security model. - PCHECK(0 == IGNORE_EINTR(close(*x))); - } - } -}; - -// Automatically closes FDs (note: doesn't store the FD). -// TODO(viettrungluu): This is a very odd API, since (unlike |FILE*|s, you'll -// need to store the FD separately and keep its memory alive). This should -// probably be called |ScopedFDCloser| or something like that. -typedef scoped_ptr<int, ScopedFDClose> ScopedFD; -// Let new users use ScopedFDCloser already, while ScopedFD is replaced. -typedef ScopedFD ScopedFDCloser; -#endif // OS_POSIX - } // namespace file_util // Internal -------------------------------------------------------------------- |