author | rvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-01-27 19:20:42 +0000 |
---|---|---|
committer | rvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-01-27 19:20:42 +0000 |
commit | 4f1f3d0f03c79ddaace56f067cf28a27f9466b7d (patch) | |
tree | bc0bcae7b48b6e4e218d4fca358af50467893940 /sandbox/src/filesystem_policy.cc | |
parent | 2377f7f26715ae20f671c5fd7e7edee778c1f64f (diff) | |
Improve handling and testing of reparse points.
BUG=28804
TEST=unit tests.
Review URL: http://codereview.chromium.org/553080
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37286 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/src/filesystem_policy.cc')
-rw-r--r-- | sandbox/src/filesystem_policy.cc | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/sandbox/src/filesystem_policy.cc b/sandbox/src/filesystem_policy.cc
index c11c031..a703188 100644
--- a/sandbox/src/filesystem_policy.cc
+++ b/sandbox/src/filesystem_policy.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
@@ -40,6 +40,12 @@ NTSTATUS NtCreateFileInTarget(HANDLE* target_file_handle,
 return status;
 }
+ if (!sandbox::SameObject(local_handle, obj_attributes->ObjectName->Buffer)) {
+ // The handle points somewhere else. Fail the operation.
+ ::CloseHandle(local_handle);
+ return STATUS_ACCESS_DENIED;
+ }
+
 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle, target_process, target_file_handle, 0, FALSE, DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) {
@@ -49,7 +55,7 @@ NTSTATUS NtCreateFileInTarget(HANDLE* target_file_handle,
 return STATUS_SUCCESS;
 }
-}
+} // namespace.
 namespace sandbox {
@@ -61,7 +67,7 @@ bool FileSystemPolicy::GenerateRules(const wchar_t* name,
 return false;
 }
- // TODO(cpu): This prefix add is a hack because we don't have the
+ // TODO(cpu) bug 32224: This prefix add is a hack because we don't have the
 // infrastructure to normalize names. In any case we need to escape the
 // question marks.
 if (!PreProcessName(mod_name, &mod_name)) { |
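Review bot: In the second hunk (`NtCreateFileInTarget`), the new `SameObject` check runs only after `local_handle` has already been opened, so closing the handle and returning `STATUS_ACCESS_DENIED` stops the handle from reaching the target but does not undo anything the open itself did. The create call sits above the hunk, so this is inferred: if it can be issued with a creating or overwriting disposition, a name that resolves elsewhere would still have been created or truncated before the denial. The failure branch should say so, e.g. `// NOTE: the open has already happened; this only keeps the handle from being duplicated into the target.`, and the disposition could be restricted or checked before opening. Separately, `obj_attributes->ObjectName->Buffer` is passed without its `Length`, which assumes the name is always NUL-terminated; a `UNICODE_STRING` does not guarantee that, so either document the assumption or pass the length. The function starts and ends outside the hunk.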