diff options
| author | sverrir@chromium.org <sverrir@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-02-28 23:19:23 +0000 |
|---|---|---|
| committer | sverrir@chromium.org <sverrir@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-02-28 23:19:23 +0000 |
| commit | 3a29f7db26b4dc30eee84aeb958c26172eeae1fc (patch) | |
| tree | 0d95c6340efa9d1dab2ade98f4ff43e0ec295e6c /chrome/app | |
| parent | 57fc229a0b6b8b2a109cd8d4d1d7c2df67f3aef4 (diff) | |
| download | chromium_src-3a29f7db26b4dc30eee84aeb958c26172eeae1fc.zip chromium_src-3a29f7db26b4dc30eee84aeb958c26172eeae1fc.tar.gz chromium_src-3a29f7db26b4dc30eee84aeb958c26172eeae1fc.tar.bz2 | |
Prevent chrome from launching with a chromehtml: argument
unless its preceeded by the switch terminator. This is to
prevent chromehtml: urls to supply arguments to Chrome.
BUG=5825
Review URL: http://codereview.chromium.org/20469
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@10684 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/app')
| -rw-r--r-- | chrome/app/chrome_dll_main.cc | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/chrome/app/chrome_dll_main.cc b/chrome/app/chrome_dll_main.cc index 265f5f7..57d49b9 100644 --- a/chrome/app/chrome_dll_main.cc +++ b/chrome/app/chrome_dll_main.cc @@ -10,6 +10,7 @@ #include "build/build_config.h" #if defined(OS_WIN) +#include <algorithm> #include <atlbase.h> #include <atlapp.h> #include <malloc.h> @@ -119,6 +120,38 @@ void ChromeAssert(const std::string& str) { #pragma optimize("", on) +// Early versions of Chrome incorrectly registered a chromehtml: URL handler. +// Later versions fixed the registration but in some cases (e.g. Vista and non- +// admin installs) the fix could not be applied. This prevents Chrome to be +// launched with the incorrect format. +// CORRECT: <broser.exe> -- "chromehtml:<url>" +// INVALID: <broser.exe> "chromehtml:<url>" +bool IncorrectChromeHtmlArguments(const std::wstring& command_line) { + const wchar_t kChromeHtml[] = L"-- \"chromehtml:"; + const wchar_t kOffset = 5; // Where chromehtml: starts in above + std::wstring command_line_lower = command_line; + + // We are only searching for ASCII characters so this is OK. + StringToLowerASCII(&command_line_lower); + + std::wstring::size_type pos = command_line_lower.find( + kChromeHtml + kOffset); + + if (pos == std::wstring::npos) + return false; + + // The browser is being launched with chromehtml: somewhere on the command + // line. We will not launch unless it's preceded by the -- switch terminator. + if (pos >= kOffset) { + if (equal(kChromeHtml, kChromeHtml + arraysize(kChromeHtml) - 1, + command_line_lower.begin() + pos - kOffset)) { + return false; + } + } + + return true; +} + #endif // OS_WIN // Register the invalid param handler and pure call handler to be able to @@ -227,6 +260,12 @@ int ChromeMain(int argc, const char** argv) { #endif const CommandLine& parsed_command_line = *CommandLine::ForCurrentProcess(); +#if defined(OS_WIN) + // Must do this before any other usage of command line! + if (::IncorrectChromeHtmlArguments(parsed_command_line.command_line_string())) + return 1; +#endif + SetupCRT(parsed_command_line); // Initialize the Chrome path provider. |