author | jeremy@chromium.org <jeremy@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-07-18 11:40:57 +0000 |
---|---|---|
committer | jeremy@chromium.org <jeremy@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-07-18 11:40:57 +0000 |
commit | ebc1fca19b6a2e85e9e16a4a85e4e86619602dba (patch) | |
tree | 518b6cd7afae872677124893100befaff42045dd /chrome/common/sandbox_mac.mm | |
parent | e6875c1f87e04c966d490ba9bd04d267f3ebecbf (diff) | |
Recommit - r52326 - Mac: Use canonicalization rather than absolute paths for sandbox.
Turns out that we do need to escape the ]} characters on 10.5.
BUG=None
TEST=Installing themes should continue to work.
Review URL: http://codereview.chromium.org/3022005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52853 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/common/sandbox_mac.mm')
-rw-r--r-- | chrome/common/sandbox_mac.mm | 44 |
1 files changed, 32 insertions, 12 deletions
diff --git a/chrome/common/sandbox_mac.mm b/chrome/common/sandbox_mac.mm
index bc0929e..3d2985c 100644
--- a/chrome/common/sandbox_mac.mm
+++ b/chrome/common/sandbox_mac.mm
@@ -10,6 +10,7 @@ extern "C" {
 #include <sandbox.h>
 }
+#include <sys/param.h>
 #include "base/basictypes.h"
 #include "base/command_line.h"
@@ -118,20 +119,19 @@ bool QuotePlainString(const std::string& str_utf8, std::string* dst) {
 //
 // Returns: true on success, false otherwise.
 bool QuoteStringForRegex(const std::string& str_utf8, std::string* dst) {
- // List of chars with special meaning to regex.
- // This list is derived from http://perldoc.perl.org/perlre.html .
+ // Characters with special meanings in sandbox profile syntax.
 const char regex_special_chars[] = {
 '\\',
 // Metacharacters
 '^',
 '.',
+ '[',
+ ']',
 '$',
- '|',
 '(',
 ')',
- '[',
- ']',
+ '|',
 // Quantifiers
 '*',
@@ -345,14 +345,11 @@ bool EnableSandbox(SandboxProcessType sandbox_type,
 // needed so the caller doesn't need to worry about things like /var
 // being a link to /private/var (like in the paths CreateNewTempDirectory()
 // returns).
- FilePath allowed_dir_absolute(allowed_dir);
- if (!file_util::AbsolutePath(&allowed_dir_absolute)) {
- PLOG(FATAL) << "Failed to resolve absolute path";
- return false;
- }
+ FilePath allowed_dir_canonical(allowed_dir);
+ GetCanonicalSandboxPath(&allowed_dir_canonical);
 std::string allowed_dir_escaped;
- if (!QuoteStringForRegex(allowed_dir_absolute.value(),
+ if (!QuoteStringForRegex(allowed_dir_canonical.value(),
 &allowed_dir_escaped)) {
 LOG(FATAL) << "Regex string quoting failed " << allowed_dir.value();
 return false;
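Review bot: The array is still named `regex_special_chars` and consumed by `QuoteStringForRegex`, while the replacement comment on the first changed line now describes the entries as "sandbox profile syntax" characters; the identifier and the comment should agree, e.g. `// Characters with special meaning in the regex syntax of a sandbox profile.` Within this hunk the change only moves `[`, `]` and `|` inside the initializer, which cannot alter which characters get escaped, so the 10.5 behaviour the commit message refers to must come from the part of the array below `'*'`, which is outside the hunk. `QuoteStringForRegex` continues past the end of the hunk.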
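Review bot: The explicit failure path is gone in the `@@ -345` hunk: `file_util::AbsolutePath` returned a bool that led to `return false`, whereas `GetCanonicalSandboxPath` is void, so if its `PLOG(FATAL)` ever returns, `allowed_dir_canonical` still holds the unresolved input and that string is quoted into the profile, which is exactly the /var vs /private/var case the comment just above the call says must not happen. Give the helper a bool result and keep the caller's check, `if (!GetCanonicalSandboxPath(&allowed_dir_canonical)) return false;`, with `return true;` at the end of the helper and `return false;` on its two error exits. The same applies to the `home_dir_canonical` call in the `@@ -384` hunk and to the helper's definition in the `@@ -411` hunk. `EnableSandbox` starts and ends outside this hunk.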
@@ -384,8 +381,12 @@ bool EnableSandbox(SandboxProcessType sandbox_type,
 // If we ever need this on pre-10.6 OSs then we'll have to rethink the
 // surrounding sandbox syntax.
 std::string home_dir = base::SysNSStringToUTF8(NSHomeDirectory());
+
+ FilePath home_dir_canonical(home_dir);
+ GetCanonicalSandboxPath(&home_dir_canonical);
+
 std::string home_dir_escaped;
- if (!QuotePlainString(home_dir, &home_dir_escaped)) {
+ if (!QuotePlainString(home_dir_canonical.value(), &home_dir_escaped)) {
 LOG(FATAL) << "Sandbox string quoting failed";
 return false;
 }
@@ -411,4 +412,23 @@ bool EnableSandbox(SandboxProcessType sandbox_type,
 return success;
 }
+void GetCanonicalSandboxPath(FilePath* path) {
+ int fd = HANDLE_EINTR(open(path->value().c_str(), O_RDONLY));
+ if (fd < 0) {
+ PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: "
+ << path->value();
+ return;
+ }
+ file_util::ScopedFD file_closer(&fd);
+
+ FilePath::CharType canonical_path[MAXPATHLEN];
+ if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) {
+ PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: "
+ << path->value();
+ return;
+ }
+
+ *path = FilePath(canonical_path);
+}
+
 } // namespace sandbox |
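Review bot: `GetCanonicalSandboxPath` in the `@@ -411` hunk has no comment saying what "canonical" means here or that failure is fatal, so a reader of the two call sites has to open the body to learn that the path is resolved by `open()` followed by `fcntl(F_GETPATH)`. A header comment along the lines of `// Replaces |path| with the path the kernel reports for it via F_GETPATH (symlinks such as /var -> /private/var resolved). PLOG(FATAL)s and leaves |path| untouched if it cannot be opened or queried.` would cover it; if the declaration lives in sandbox_mac.h (the diffstat shown is limited to the .mm), the comment belongs there per the file's convention. Note that `canonical_path` is only written on success, so the early `return`s on both error paths are what keep `*path` unchanged, and that is worth stating in the comment.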