diff options
author | forshaw <forshaw@chromium.org> | 2015-12-17 18:16:59 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-12-18 02:17:55 +0000 |
commit | 0474abea8469d78ce3988364ee273984ac49a9f2 (patch) | |
tree | 5e3ce9634a5d62be3769310874ec925ef1d3125e /sandbox/win/src/target_process.cc | |
parent | fd9fac9d699eb48d589506f8412c8703e9e7e2fb (diff) | |
download | chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.zip chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.tar.gz chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.tar.bz2 |
Added protection against mapping image sections between processes.
This patch adds guards to stop SharedMemory objects from mapping Windows
image sections which could come from untrusted sources.
BUG=564238
Review URL: https://codereview.chromium.org/1501003002
Cr-Commit-Position: refs/heads/master@{#365984}
Diffstat (limited to 'sandbox/win/src/target_process.cc')
-rw-r--r-- | sandbox/win/src/target_process.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sandbox/win/src/target_process.cc b/sandbox/win/src/target_process.cc index 69dce20..8645e75 100644 --- a/sandbox/win/src/target_process.cc +++ b/sandbox/win/src/target_process.cc @@ -284,7 +284,7 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher, void* policy, return ::GetLastError(); } - DWORD access = FILE_MAP_READ | FILE_MAP_WRITE; + DWORD access = FILE_MAP_READ | FILE_MAP_WRITE | SECTION_QUERY; HANDLE target_shared_section; if (!::DuplicateHandle(::GetCurrentProcess(), shared_section_.Get(), sandbox_process_info_.process_handle(), |