Media Galleries API Picasa: Put PMP parsing step into sandboxed utility process.

This changeset moves the Picasa PMP database parsing step onto the sandboxed utility process to securify the parsing of untrusted user data.

The CL is contingent on 18231002.

BUG=151701

Review URL: https://chromiumcodereview.appspot.com/18387003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@210701 0039d316-1c4b-4281-b951-d872f2087c98

2 files changed, 48 insertions, 0 deletions

diff --git a/chrome/common/media_galleries/picasa_types.cc b/chrome/common/media_galleries/picasa_types.cc
index 1bcc398..a7be5e3 100644
--- a/chrome/common/media_galleries/picasa_types.cc
+++ b/chrome/common/media_galleries/picasa_types.cc
@@ -11,6 +11,19 @@ namespace picasa {
 
 namespace {
 
+base::PlatformFile OpenPlatformFile(const base::FilePath& directory_path,
+                                    const std::string& suffix) {
+  base::FilePath path = directory_path.Append(base::FilePath::FromUTF8Unsafe(
+      std::string(kPicasaAlbumTableName) + "_" + suffix));
+  int flags = base::PLATFORM_FILE_OPEN | base::PLATFORM_FILE_READ;
+  return base::CreatePlatformFile(path, flags, NULL, NULL);
+}
+
+base::PlatformFile OpenColumnPlatformFile(const base::FilePath& directory_path,
+                                          const std::string& column_name) {
+  return OpenPlatformFile(directory_path, column_name + "." + kPmpExtension);
+}
+
 void ClosePlatformFile(base::PlatformFile* platform_file) {
   DCHECK(platform_file);
   if (base::ClosePlatformFile(*platform_file))
@@ -41,6 +54,26 @@ AlbumTableFiles::AlbumTableFiles()
       uid_file(base::kInvalidPlatformFileValue) {
 }
 
+AlbumTableFiles::AlbumTableFiles(const base::FilePath& directory_path)
+    : indicator_file(OpenPlatformFile(directory_path, "0")),
+      category_file(OpenColumnPlatformFile(directory_path, "category")),
+      date_file(OpenColumnPlatformFile(directory_path, "date")),
+      filename_file(OpenColumnPlatformFile(directory_path, "filename")),
+      name_file(OpenColumnPlatformFile(directory_path, "name")),
+      token_file(OpenColumnPlatformFile(directory_path, "token")),
+      uid_file(OpenColumnPlatformFile(directory_path, "uid")) {
+}
+
+AlbumTableFilesForTransit::AlbumTableFilesForTransit()
+    : indicator_file(IPC::InvalidPlatformFileForTransit()),
+      category_file(IPC::InvalidPlatformFileForTransit()),
+      date_file(IPC::InvalidPlatformFileForTransit()),
+      filename_file(IPC::InvalidPlatformFileForTransit()),
+      name_file(IPC::InvalidPlatformFileForTransit()),
+      token_file(IPC::InvalidPlatformFileForTransit()),
+      uid_file(IPC::InvalidPlatformFileForTransit()) {
+}
+
 void CloseAlbumTableFiles(AlbumTableFiles* table_files) {
   ClosePlatformFile(&(table_files->indicator_file));
   ClosePlatformFile(&(table_files->category_file));
diff --git a/chrome/common/media_galleries/picasa_types.h b/chrome/common/media_galleries/picasa_types.h
index 7e6bc67..58dcf32 100644
--- a/chrome/common/media_galleries/picasa_types.h
+++ b/chrome/common/media_galleries/picasa_types.h
@@ -9,6 +9,7 @@
 
 #include "base/files/file_path.h"
 #include "base/platform_file.h"
+#include "ipc/ipc_platform_file.h"
 
 namespace picasa {
 
@@ -29,6 +30,7 @@ struct AlbumInfo {
 
 struct AlbumTableFiles {
   AlbumTableFiles();
+  explicit AlbumTableFiles(const base::FilePath& directory_path);
 
   // Special empty file used to confirm existence of table.
   base::PlatformFile indicator_file;
@@ -41,6 +43,19 @@ struct AlbumTableFiles {
   base::PlatformFile uid_file;
 };
 
+// A mirror of AlbumTableFiles but for transit.
+struct AlbumTableFilesForTransit {
+  AlbumTableFilesForTransit();
+  IPC::PlatformFileForTransit indicator_file;
+
+  IPC::PlatformFileForTransit category_file;
+  IPC::PlatformFileForTransit date_file;
+  IPC::PlatformFileForTransit filename_file;
+  IPC::PlatformFileForTransit name_file;
+  IPC::PlatformFileForTransit token_file;
+  IPC::PlatformFileForTransit uid_file;
+};
+
 void CloseAlbumTableFiles(AlbumTableFiles* table_files);
 
 }  // namespace picasa