diff options
author | cpu@chromium.org <cpu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-07 03:10:12 +0000 |
---|---|---|
committer | cpu@chromium.org <cpu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-07 03:10:12 +0000 |
commit | a7cab943cd84df541a4f290a431f39942f3934bf (patch) | |
tree | ae28a35b76b2d6676b0bcb1115ddfd8b51c03117 /sandbox/src/filesystem_policy.cc | |
parent | b78804c8b2abe1ea162383795e612af1a09e273f (diff) | |
download | chromium_src-a7cab943cd84df541a4f290a431f39942f3934bf.zip chromium_src-a7cab943cd84df541a4f290a431f39942f3934bf.tar.gz chromium_src-a7cab943cd84df541a4f290a431f39942f3934bf.tar.bz2 |
Allow native (nt-style) paths to be used for sandbox policy specification
1- bypass fixup when adding the path into the policy
2- make SameObject() do case-insensitive perfect match
BUG=50774
TEST= unit test included
Review URL: http://codereview.chromium.org/3092014
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55329 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/src/filesystem_policy.cc')
-rw-r--r-- | sandbox/src/filesystem_policy.cc | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/sandbox/src/filesystem_policy.cc b/sandbox/src/filesystem_policy.cc index a703188..2a15555 100644 --- a/sandbox/src/filesystem_policy.cc +++ b/sandbox/src/filesystem_policy.cc @@ -67,20 +67,23 @@ bool FileSystemPolicy::GenerateRules(const wchar_t* name, return false; } - // TODO(cpu) bug 32224: This prefix add is a hack because we don't have the - // infrastructure to normalize names. In any case we need to escape the - // question marks. - if (!PreProcessName(mod_name, &mod_name)) { - // The path to be added might contain a reparse point. - NOTREACHED(); - return false; - } - - if (0 != mod_name.compare(0, kNTPrefixLen, kNTPrefix)) { - // TODO(nsylvain): Find a better way to do name resolution. Right now we - // take the name and we expand it. - mod_name.insert(0, L"\\/?/?\\"); - name = mod_name.c_str(); + // Don't do any pre-processing if the name starts like the the native + // object manager style. + if (0 != _wcsnicmp(mod_name.c_str(), kNTObjManPrefix, kNTObjManPrefixLen)) { + // TODO(cpu) bug 32224: This prefix add is a hack because we don't have the + // infrastructure to normalize names. In any case we need to escape the + // question marks. + if (!PreProcessName(mod_name, &mod_name)) { + // The path to be added might contain a reparse point. + NOTREACHED(); + return false; + } + if (0 != mod_name.compare(0, kNTPrefixLen, kNTPrefix)) { + // TODO(nsylvain): Find a better way to do name resolution. Right now we + // take the name and we expand it. + mod_name.insert(0, L"\\/?/?\\"); + name = mod_name.c_str(); + } } EvalResult result = ASK_BROKER; |