Prevent the renderer from dying if launched under App-V/SoftGrid.

A version of Microsoft Office launches chrome under a virtual
environment, and this virtual environment does not allow us
to reduce the integrity level on the renderer.  Since it returns
a fake error (ERROR_INVALID_HANDLE), we can trap it and continue
execution anyway... until we find a better fix.

BUG=95888
Review URL: http://codereview.chromium.org/7857022

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@100328 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 6 insertions, 2 deletions

diff --git a/sandbox/src/target_services.cc b/sandbox/src/target_services.cc
index 9b91a1c..32a452f 100644
--- a/sandbox/src/target_services.cc
+++ b/sandbox/src/target_services.cc
@@ -71,8 +71,12 @@ ResultCode TargetServicesBase::Init() {
 
 // Failure here is a breach of security so the process is terminated.
 void TargetServicesBase::LowerToken() {
-  if (ERROR_SUCCESS !=
-      SetProcessIntegrityLevel(g_shared_delayed_integrity_level))
+  DWORD error_code = SetProcessIntegrityLevel(g_shared_delayed_integrity_level);
+  // Here we don't terminate the process if the error is ERROR_INVALID_HANDLE,
+  // this is because this error is not possible in normal circumstances, unless
+  // it is hooked by sftldr_wow64.dll, in which case we prefer to keep running.
+  // See http://crbug.com/95888.
+  if (ERROR_SUCCESS != error_code && ERROR_INVALID_HANDLE != error_code)
     ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_INTEGRITY);
   process_state_.SetRevertedToSelf();
   // If the client code as called RegOpenKey, advapi32.dll has cached some