Added protection against mapping image sections between processes.

This patch adds guards to stop SharedMemory objects from mapping Windows image sections which could come from untrusted sources. BUG=564238 Review URL: https://codereview.chromium.org/1501003002 Cr-Commit-Position: refs/heads/master@{#365984}
author: forshaw <forshaw@chromium.org> 2015-12-17 18:16:59 -0800
committer: Commit bot <commit-bot@chromium.org> 2015-12-18 02:17:55 +0000
commit: 0474abea8469d78ce3988364ee273984ac49a9f2 (patch)
tree: 5e3ce9634a5d62be3769310874ec925ef1d3125e /sandbox/win/src/target_process.cc
parent: fd9fac9d699eb48d589506f8412c8703e9e7e2fb (diff)
download: chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.zip
chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.tar.gz
chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/sandbox/win/src/target_process.cc b/sandbox/win/src/target_process.cc
index 69dce20..8645e75 100644
--- a/sandbox/win/src/target_process.cc
+++ b/sandbox/win/src/target_process.cc
@@ -284,7 +284,7 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher, void* policy,
     return ::GetLastError();
   }
 
-  DWORD access = FILE_MAP_READ | FILE_MAP_WRITE;
+  DWORD access = FILE_MAP_READ | FILE_MAP_WRITE | SECTION_QUERY;
   HANDLE target_shared_section;
   if (!::DuplicateHandle(::GetCurrentProcess(), shared_section_.Get(),
                          sandbox_process_info_.process_handle(),
author	forshaw <forshaw@chromium.org>	2015-12-17 18:16:59 -0800
committer	Commit bot <commit-bot@chromium.org>	2015-12-18 02:17:55 +0000
commit	0474abea8469d78ce3988364ee273984ac49a9f2 (patch)
tree	5e3ce9634a5d62be3769310874ec925ef1d3125e /sandbox/win/src/target_process.cc
parent	fd9fac9d699eb48d589506f8412c8703e9e7e2fb (diff)
download	chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.zip chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.tar.gz chromium_src-0474abea8469d78ce3988364ee273984ac49a9f2.tar.bz2