summaryrefslogtreecommitdiffstats
path: root/sandbox
diff options
context:
space:
mode:
Diffstat (limited to 'sandbox')
-rw-r--r--sandbox/win/src/Wow64.cc5
-rw-r--r--sandbox/win/src/job_unittest.cc5
-rw-r--r--sandbox/win/src/policy_target_test.cc15
-rw-r--r--sandbox/win/src/process_policy_test.cc24
-rw-r--r--sandbox/win/src/restricted_token_utils.cc5
-rw-r--r--sandbox/win/src/target_process.cc6
6 files changed, 37 insertions, 23 deletions
diff --git a/sandbox/win/src/Wow64.cc b/sandbox/win/src/Wow64.cc
index 39108e5..a710d75 100644
--- a/sandbox/win/src/Wow64.cc
+++ b/sandbox/win/src/Wow64.cc
@@ -157,10 +157,11 @@ bool Wow64::RunWowHelper(void* buffer) {
STARTUPINFO startup_info = {0};
startup_info.cb = sizeof(startup_info);
- base::win::ScopedProcessInformation process_info;
+ PROCESS_INFORMATION temp_process_info = {};
if (!::CreateProcess(NULL, writable_command.get(), NULL, NULL, FALSE, 0, NULL,
- NULL, &startup_info, process_info.Receive()))
+ NULL, &startup_info, &temp_process_info))
return false;
+ base::win::ScopedProcessInformation process_info(temp_process_info);
DWORD reason = ::WaitForSingleObject(process_info.process_handle(), INFINITE);
diff --git a/sandbox/win/src/job_unittest.cc b/sandbox/win/src/job_unittest.cc
index 597c86c..3b2b331 100644
--- a/sandbox/win/src/job_unittest.cc
+++ b/sandbox/win/src/job_unittest.cc
@@ -164,10 +164,11 @@ TEST(JobTest, ProcessInJob) {
wchar_t notepad[] = L"notepad";
STARTUPINFO si = { sizeof(si) };
- base::win::ScopedProcessInformation pi;
+ PROCESS_INFORMATION temp_process_info = {};
result = ::CreateProcess(NULL, notepad, NULL, NULL, FALSE, 0, NULL, NULL, &si,
- pi.Receive());
+ &temp_process_info);
ASSERT_TRUE(result);
+ base::win::ScopedProcessInformation pi(temp_process_info);
ASSERT_EQ(ERROR_SUCCESS, job.AssignProcessToJob(pi.process_handle()));
// Get the job handle.
diff --git a/sandbox/win/src/policy_target_test.cc b/sandbox/win/src/policy_target_test.cc
index ee28260..1e29df2 100644
--- a/sandbox/win/src/policy_target_test.cc
+++ b/sandbox/win/src/policy_target_test.cc
@@ -150,10 +150,11 @@ SBOX_TESTS_COMMAND int PolicyTargetTest_process(int argc, wchar_t **argv) {
// Use default values to create a new process.
STARTUPINFO startup_info = {0};
startup_info.cb = sizeof(startup_info);
- base::win::ScopedProcessInformation process_info;
+ PROCESS_INFORMATION temp_process_info = {};
if (!::CreateProcessW(L"foo.exe", L"foo.exe", NULL, NULL, FALSE, 0,
- NULL, NULL, &startup_info, process_info.Receive()))
+ NULL, NULL, &startup_info, &temp_process_info))
return SBOX_TEST_SUCCEEDED;
+ base::win::ScopedProcessInformation process_info(temp_process_info);
return SBOX_TEST_FAILED;
}
@@ -239,11 +240,14 @@ TEST(PolicyTargetTest, DesktopPolicy) {
TargetPolicy* policy = broker->CreatePolicy();
policy->SetAlternateDesktop(false);
policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN);
+ PROCESS_INFORMATION temp_process_info = {};
result = broker->SpawnTarget(prog_name, arguments.c_str(), policy,
- target.Receive());
+ &temp_process_info);
policy->Release();
EXPECT_EQ(SBOX_ALL_OK, result);
+ if (result == SBOX_ALL_OK)
+ target.Set(temp_process_info);
EXPECT_EQ(1, ::ResumeThread(target.thread_handle()));
@@ -299,11 +303,14 @@ TEST(PolicyTargetTest, WinstaPolicy) {
TargetPolicy* policy = broker->CreatePolicy();
policy->SetAlternateDesktop(true);
policy->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN);
+ PROCESS_INFORMATION temp_process_info = {};
result = broker->SpawnTarget(prog_name, arguments.c_str(), policy,
- target.Receive());
+ &temp_process_info);
policy->Release();
EXPECT_EQ(SBOX_ALL_OK, result);
+ if (result == SBOX_ALL_OK)
+ target.Set(temp_process_info);
EXPECT_EQ(1, ::ResumeThread(target.thread_handle()));
diff --git a/sandbox/win/src/process_policy_test.cc b/sandbox/win/src/process_policy_test.cc
index babe321..a03e0be 100644
--- a/sandbox/win/src/process_policy_test.cc
+++ b/sandbox/win/src/process_policy_test.cc
@@ -50,8 +50,12 @@ sandbox::SboxTestResult CreateProcessHelper(const string16& exe,
// Create the process with the unicode version of the API.
sandbox::SboxTestResult ret1 = sandbox::SBOX_TEST_FAILED;
- if (!::CreateProcessW(exe_name, const_cast<wchar_t*>(cmd_line), NULL, NULL,
- FALSE, 0, NULL, NULL, &si, pi.Receive())) {
+ PROCESS_INFORMATION temp_process_info = {};
+ if (::CreateProcessW(exe_name, const_cast<wchar_t*>(cmd_line), NULL, NULL,
+ FALSE, 0, NULL, NULL, &si, &temp_process_info)) {
+ pi.Set(temp_process_info);
+ ret1 = sandbox::SBOX_TEST_SUCCEEDED;
+ } else {
DWORD last_error = GetLastError();
if ((ERROR_NOT_ENOUGH_QUOTA == last_error) ||
(ERROR_ACCESS_DENIED == last_error) ||
@@ -60,8 +64,6 @@ sandbox::SboxTestResult CreateProcessHelper(const string16& exe,
} else {
ret1 = sandbox::SBOX_TEST_FAILED;
}
- } else {
- ret1 = sandbox::SBOX_TEST_SUCCEEDED;
}
pi.Close();
@@ -73,10 +75,13 @@ sandbox::SboxTestResult CreateProcessHelper(const string16& exe,
std::string narrow_cmd_line;
if (cmd_line)
narrow_cmd_line = base::SysWideToMultiByte(cmd_line, CP_UTF8);
- if (!::CreateProcessA(
+ if (::CreateProcessA(
exe_name ? base::SysWideToMultiByte(exe_name, CP_UTF8).c_str() : NULL,
cmd_line ? const_cast<char*>(narrow_cmd_line.c_str()) : NULL,
- NULL, NULL, FALSE, 0, NULL, NULL, &sia, pi.Receive())) {
+ NULL, NULL, FALSE, 0, NULL, NULL, &sia, &temp_process_info)) {
+ pi.Set(temp_process_info);
+ ret2 = sandbox::SBOX_TEST_SUCCEEDED;
+ } else {
DWORD last_error = GetLastError();
if ((ERROR_NOT_ENOUGH_QUOTA == last_error) ||
(ERROR_ACCESS_DENIED == last_error) ||
@@ -85,8 +90,6 @@ sandbox::SboxTestResult CreateProcessHelper(const string16& exe,
} else {
ret2 = sandbox::SBOX_TEST_FAILED;
}
- } else {
- ret2 = sandbox::SBOX_TEST_SUCCEEDED;
}
if (ret1 == ret2)
@@ -215,13 +218,14 @@ SBOX_TESTS_COMMAND int Process_GetChildProcessToken(int argc, wchar_t **argv) {
string16 path = MakeFullPathToSystem32(argv[0]);
- base::win::ScopedProcessInformation pi;
STARTUPINFOW si = {sizeof(si)};
+ PROCESS_INFORMATION temp_process_info = {};
if (!::CreateProcessW(path.c_str(), NULL, NULL, NULL, FALSE, CREATE_SUSPENDED,
- NULL, NULL, &si, pi.Receive())) {
+ NULL, NULL, &si, &temp_process_info)) {
return SBOX_TEST_FAILED;
}
+ base::win::ScopedProcessInformation pi(temp_process_info);
HANDLE token = NULL;
BOOL result =
diff --git a/sandbox/win/src/restricted_token_utils.cc b/sandbox/win/src/restricted_token_utils.cc
index 5f1a246..f30a8a6 100644
--- a/sandbox/win/src/restricted_token_utils.cc
+++ b/sandbox/win/src/restricted_token_utils.cc
@@ -183,7 +183,7 @@ DWORD StartRestrictedProcessInJob(wchar_t *command_line,
// Start the process
STARTUPINFO startup_info = {0};
- base::win::ScopedProcessInformation process_info;
+ PROCESS_INFORMATION temp_process_info = {};
DWORD flags = CREATE_SUSPENDED;
if (base::win::GetVersion() < base::win::VERSION_WIN8) {
@@ -202,9 +202,10 @@ DWORD StartRestrictedProcessInJob(wchar_t *command_line,
NULL, // Use the environment of the caller.
NULL, // Use current directory of the caller.
&startup_info,
- process_info.Receive())) {
+ &temp_process_info)) {
return ::GetLastError();
}
+ base::win::ScopedProcessInformation process_info(temp_process_info);
// Change the token of the main thread of the new process for the
// impersonation token with more rights.
diff --git a/sandbox/win/src/target_process.cc b/sandbox/win/src/target_process.cc
index 9300cce..a2d630c 100644
--- a/sandbox/win/src/target_process.cc
+++ b/sandbox/win/src/target_process.cc
@@ -131,8 +131,7 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
flags |= CREATE_BREAKAWAY_FROM_JOB;
}
- base::win::ScopedProcessInformation process_info;
-
+ PROCESS_INFORMATION temp_process_info = {};
if (!::CreateProcessAsUserW(lockdown_token_,
exe_path,
cmd_line.get(),
@@ -143,9 +142,10 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
NULL, // Use the environment of the caller.
NULL, // Use current directory of the caller.
startup_info.startup_info(),
- process_info.Receive())) {
+ &temp_process_info)) {
return ::GetLastError();
}
+ base::win::ScopedProcessInformation process_info(temp_process_info);
lockdown_token_.Close();
DWORD win_result = ERROR_SUCCESS;