author | mseaborn@chromium.org <mseaborn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-04-27 00:42:25 +0000 |
---|---|---|
committer | mseaborn@chromium.org <mseaborn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-04-27 00:42:25 +0000 |
commit | 4c65fb63c0e1b839ec6fa2ee3fa211ca93040d0c (patch) | |
tree | 2e9822a33fbc57df93b0983d581983b6427f08d6 /ipc/ipc_message_utils.h | |
parent | 0171eb11e465b01a25a52589c5e7fbdab610f593 (diff) | |
NaCl: Pass the process handle to the broker rather than reopening it
Previously, we would open the NaCl loader's Windows process handle by
its PID in the NaCl broker (when attaching a Windows debug exception
handler). But there is a potential race condition here: if the NaCl
loader dies, and its PID is reused, we could be opening the wrong
process.
Fix this by opening the process handle in the browser process and
passing it to the 64-bit NaCl broker.
This requires fixing a bug in ipc_message_utils.h. This code could
cope with sending a handle from a 64-bit process to a 32-bit process
(NaCl broker to browser), but the DCHECK would fail when sending a
handle from a 32-bit process to a 64-bit process (browser to NaCl
broker).
This change is in preparation for changing NaCl's Windows debug
exception handler to attach on demand, which would allow untrusted
NaCl code to cause the NaCl process to exit before
OnDebugExceptionHandlerLaunched() runs.
BUG=http://code.google.com/p/nativeclient/issues/detail?id=2618
TEST=run_inbrowser_exception_test in nacl_integration
Review URL: https://chromiumcodereview.appspot.com/10174031
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@134189 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'ipc/ipc_message_utils.h')
-rw-r--r-- | ipc/ipc_message_utils.h | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/ipc/ipc_message_utils.h b/ipc/ipc_message_utils.h index 8772b67..9e259f1 100644 --- a/ipc/ipc_message_utils.h +++ b/ipc/ipc_message_utils.h @@ -706,15 +706,18 @@ struct ParamTraits<string16> { template <> struct ParamTraits<HANDLE> { typedef HANDLE param_type; + // Note that HWNDs/HANDLE/HCURSOR/HACCEL etc are always 32 bits, even on 64 + // bit systems. static void Write(Message* m, const param_type& p) { - // Note that HWNDs/HANDLE/HCURSOR/HACCEL etc are always 32 bits, even on 64 - // bit systems. m->WriteUInt32(reinterpret_cast<uint32>(p)); } static bool Read(const Message* m, PickleIterator* iter, param_type* r) { - DCHECK_EQ(sizeof(param_type), sizeof(uint32)); - return m->ReadUInt32(iter, reinterpret_cast<uint32*>(r)); + uint32 temp; + if (!m->ReadUInt32(iter, &temp)) + return false; + *r = reinterpret_cast<HANDLE>(temp); + return true; } static void Log(const param_type& p, std::string* l) { l->append(StringPrintf("0x%X", p)); |
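Review bot: In Read(), `*r = reinterpret_cast<HANDLE>(temp);` zero-extends the value because temp is an unsigned uint32, so in a 64-bit receiver a 32-bit sender's INVALID_HANDLE_VALUE (0xFFFFFFFF on the wire) arrives as 0x00000000FFFFFFFF and no longer compares equal to INVALID_HANDLE_VALUE. Windows documents truncation for 64-to-32 and sign-extension for 32-to-64 handle conversion, so I would cast temp through a signed 32-bit type before converting it to HANDLE, which keeps ordinary handle values unchanged and preserves the sentinel. The relocated "always 32 bits" comment now sits directly above Write() but justifies both Write() and Read(); a blank line after it, or a mention of both functions, would make that clear. Separately, in the unchanged context, Log() passes a HANDLE to "0x%X", which is a size mismatch in a 64-bit build and worth fixing while this struct is being touched.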