diff options
| author | rsesek@chromium.org <rsesek@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-06-03 10:48:26 +0000 |
|---|---|---|
| committer | rsesek@chromium.org <rsesek@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-06-03 10:48:26 +0000 |
| commit | cdd0be1b2d639a31eae9acbb49771653ec86510f (patch) | |
| tree | dbe55a59ac16560d5aefe74a3d90f7cbec171b34 /sandbox/mac/policy.h | |
| parent | 98e5a9e1c8c1dd1931850a4e0bd99124c67d3c95 (diff) | |
| download | chromium_src-cdd0be1b2d639a31eae9acbb49771653ec86510f.zip chromium_src-cdd0be1b2d639a31eae9acbb49771653ec86510f.tar.gz chromium_src-cdd0be1b2d639a31eae9acbb49771653ec86510f.tar.bz2 | |
Do not double-unref send rights when using POLICY_SUBSTITUE_PORT.
By destroying the reply message, the already-copied-out right will be unrefed
again, leading to an over-release of send rights.
This also requires that Rule(POLICY_SUBSTITUTE_PORT) users provide a send right
that can be duplicated with MACH_MSG_TYPE_COPY_SEND, rather than using MAKE_SEND.
BUG=367863
R=mark@chromium.org
Review URL: https://codereview.chromium.org/306123012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274467 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/mac/policy.h')
| -rw-r--r-- | sandbox/mac/policy.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sandbox/mac/policy.h b/sandbox/mac/policy.h index 01ea85a..0cedcb8 100644 --- a/sandbox/mac/policy.h +++ b/sandbox/mac/policy.h @@ -42,7 +42,8 @@ struct SANDBOX_EXPORT Rule { PolicyDecision result; // The Rule does not take ownership of this port, but additional send rights - // will be allocated to it before it is sent to a client. + // will be allocated to it before it is sent to a client. This name must + // denote a send right that can duplicated with MACH_MSG_TYPE_COPY_SEND. mach_port_t substitute_port; }; |