diff options
author | thakis@chromium.org <thakis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-08-20 19:31:10 +0000 |
---|---|---|
committer | thakis@chromium.org <thakis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-08-20 19:32:33 +0000 |
commit | d4d772ea090aa8c073e93243ddee9c1258661cda (patch) | |
tree | 23f1c6fe8346074a9504f3ca7c9234fd37afab90 /sandbox | |
parent | 069c7b15ef037351d9f5771424bb6db80e5c92e0 (diff) | |
download | chromium_src-d4d772ea090aa8c073e93243ddee9c1258661cda.zip chromium_src-d4d772ea090aa8c073e93243ddee9c1258661cda.tar.gz chromium_src-d4d772ea090aa8c073e93243ddee9c1258661cda.tar.bz2 |
Don't pass const strings to CreateProcess.
The documentation says that CreateProcess() can modify its second parameter
in UNICODE builds.
BUG=396705
R=scottmg@chromium.org, vitalybuka@chromium.org
TBR=cpu
Review URL: https://codereview.chromium.org/487303004
Cr-Commit-Position: refs/heads/master@{#290890}
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@290890 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox')
-rw-r--r-- | sandbox/win/src/policy_target_test.cc | 7 | ||||
-rw-r--r-- | sandbox/win/src/process_policy_test.cc | 23 |
2 files changed, 19 insertions, 11 deletions
diff --git a/sandbox/win/src/policy_target_test.cc b/sandbox/win/src/policy_target_test.cc index 268f8d6..d1162e8 100644 --- a/sandbox/win/src/policy_target_test.cc +++ b/sandbox/win/src/policy_target_test.cc @@ -151,8 +151,11 @@ SBOX_TESTS_COMMAND int PolicyTargetTest_process(int argc, wchar_t **argv) { STARTUPINFO startup_info = {0}; startup_info.cb = sizeof(startup_info); PROCESS_INFORMATION temp_process_info = {}; - if (!::CreateProcessW(L"foo.exe", L"foo.exe", NULL, NULL, FALSE, 0, - NULL, NULL, &startup_info, &temp_process_info)) + // Note: CreateProcessW() can write to its lpCommandLine, don't pass a + // raw string literal. + base::string16 writable_cmdline_str(L"foo.exe"); + if (!::CreateProcessW(L"foo.exe", &writable_cmdline_str[0], NULL, NULL, FALSE, + 0, NULL, NULL, &startup_info, &temp_process_info)) return SBOX_TEST_SUCCEEDED; base::win::ScopedProcessInformation process_info(temp_process_info); return SBOX_TEST_FAILED; diff --git a/sandbox/win/src/process_policy_test.cc b/sandbox/win/src/process_policy_test.cc index ae62606..44effa3 100644 --- a/sandbox/win/src/process_policy_test.cc +++ b/sandbox/win/src/process_policy_test.cc @@ -44,15 +44,21 @@ sandbox::SboxTestResult CreateProcessHelper(const base::string16& exe, if (!exe.empty()) exe_name = exe.c_str(); - const wchar_t *cmd_line = NULL; - if (!command.empty()) - cmd_line = command.c_str(); + base::string16 writable_command = command; // Create the process with the unicode version of the API. sandbox::SboxTestResult ret1 = sandbox::SBOX_TEST_FAILED; PROCESS_INFORMATION temp_process_info = {}; - if (::CreateProcessW(exe_name, const_cast<wchar_t*>(cmd_line), NULL, NULL, - FALSE, 0, NULL, NULL, &si, &temp_process_info)) { + if (::CreateProcessW(exe_name, + command.empty() ? NULL : &writable_command[0], + NULL, + NULL, + FALSE, + 0, + NULL, + NULL, + &si, + &temp_process_info)) { pi.Set(temp_process_info); ret1 = sandbox::SBOX_TEST_SUCCEEDED; } else { @@ -72,12 +78,11 @@ sandbox::SboxTestResult CreateProcessHelper(const base::string16& exe, STARTUPINFOA sia = {sizeof(sia)}; sandbox::SboxTestResult ret2 = sandbox::SBOX_TEST_FAILED; - std::string narrow_cmd_line; - if (cmd_line) - narrow_cmd_line = base::SysWideToMultiByte(cmd_line, CP_UTF8); + std::string narrow_cmd_line = + base::SysWideToMultiByte(command.c_str(), CP_UTF8); if (::CreateProcessA( exe_name ? base::SysWideToMultiByte(exe_name, CP_UTF8).c_str() : NULL, - cmd_line ? const_cast<char*>(narrow_cmd_line.c_str()) : NULL, + command.empty() ? NULL : &narrow_cmd_line[0], NULL, NULL, FALSE, 0, NULL, NULL, &sia, &temp_process_info)) { pi.Set(temp_process_info); ret2 = sandbox::SBOX_TEST_SUCCEEDED; |