From f781782dd67077478e117c61dca4ea5eefce3544 Mon Sep 17 00:00:00 2001 From: "slightlyoff@chromium.org" Date: Thu, 24 Sep 2009 05:11:58 +0000 Subject: Initial import of the Chrome Frame codebase. Integration in chrome.gyp coming in a separate CL. BUG=None TEST=None Review URL: http://codereview.chromium.org/218019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@27042 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome_frame/chrome_launcher.cc | 125 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 125 insertions(+) create mode 100644 chrome_frame/chrome_launcher.cc (limited to 'chrome_frame/chrome_launcher.cc') diff --git a/chrome_frame/chrome_launcher.cc b/chrome_frame/chrome_launcher.cc new file mode 100644 index 0000000..7670aec --- /dev/null +++ b/chrome_frame/chrome_launcher.cc @@ -0,0 +1,125 @@ +// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome_frame/chrome_launcher.h" + +#include "base/base_switches.h" +#include "base/command_line.h" +#include "base/file_util.h" +#include "base/logging.h" +#include "base/path_service.h" +#include "chrome/common/chrome_constants.h" +#include "chrome/common/chrome_switches.h" +#include "chrome_frame/chrome_frame_automation.h" +#include "chrome_frame/crash_report.h" + +namespace chrome_launcher { + +const wchar_t kLauncherExeBaseName[] = L"chrome_launcher.exe"; + +// These are the switches we will allow (along with their values) in the +// safe-for-Low-Integrity version of the Chrome command line. +const wchar_t* kAllowedSwitches[] = { + switches::kAutomationClientChannelID, + switches::kDisableMetrics, + switches::kNoFirstRun, + switches::kUserDataDir, + switches::kLoadExtension, +}; + +CommandLine* CreateLaunchCommandLine() { + // TODO(joi) As optimization, could launch Chrome directly when running at + // medium integrity. (Requires bringing in code to read SIDs, etc.) + + // The launcher EXE will be in the same directory as the npchrome_tab DLL, + // so create a full path to it based on this assumption. Since our unit + // tests also use this function, and live in the directory above, we test + // existence of the file and try the path that includes the /servers/ + // directory if needed. + FilePath module_path; + if (PathService::Get(base::FILE_MODULE, &module_path)) { + FilePath current_dir = module_path.DirName(); + FilePath same_dir_path = current_dir.Append(kLauncherExeBaseName); + if (file_util::PathExists(same_dir_path)) { + return new CommandLine(same_dir_path.ToWStringHack()); + } else { + FilePath servers_path = + current_dir.Append(L"servers").Append(kLauncherExeBaseName); + DCHECK(file_util::PathExists(servers_path)) << + "What module is this? It's not in 'servers' or main output dir."; + return new CommandLine(servers_path.ToWStringHack()); + } + } else { + NOTREACHED(); + return NULL; + } +} + +void SanitizeCommandLine(const CommandLine& original, CommandLine* sanitized) { + int num_sanitized_switches = 0; + for (int i = 0; i < arraysize(kAllowedSwitches); ++i) { + const wchar_t* current_switch = kAllowedSwitches[i]; + if (original.HasSwitch(current_switch)) { + ++num_sanitized_switches; + std::wstring switch_value = original.GetSwitchValue(current_switch); + if (0 == switch_value.length()) { + sanitized->AppendSwitch(current_switch); + } else { + sanitized->AppendSwitchWithValue(current_switch, switch_value); + } + } + } + if (num_sanitized_switches != original.GetSwitchCount()) { + NOTREACHED(); + LOG(ERROR) << "Original command line from Low Integrity had switches " + << "that are not on our whitelist."; + } +} + +bool SanitizeAndLaunchChrome(const wchar_t* command_line) { + std::wstring command_line_with_program(L"dummy.exe "); + command_line_with_program += command_line; + CommandLine original(L""); + original.ParseFromString(command_line_with_program); + CommandLine sanitized(GetChromeExecutablePath()); + SanitizeCommandLine(original, &sanitized); + + return base::LaunchApp(sanitized.command_line_string(), false, false, NULL); +} + +std::wstring GetChromeExecutablePath() { + std::wstring cur_path; + PathService::Get(base::DIR_MODULE, &cur_path); + file_util::AppendToPath(&cur_path, chrome::kBrowserProcessExecutableName); + + // The installation model for Chrome places the DLLs in a versioned + // sub-folder one down from the Chrome executable. If we fail to find + // chrome.exe in the current path, try looking one up and launching that + // instead. + if (!file_util::PathExists(cur_path)) { + PathService::Get(base::DIR_MODULE, &cur_path); + file_util::UpOneDirectory(&cur_path); + file_util::AppendToPath(&cur_path, chrome::kBrowserProcessExecutableName); + } + + return cur_path; +} + +} // namespace chrome_launcher + +// Entrypoint that implements the logic of chrome_launcher.exe. +int CALLBACK CfLaunchChrome() { + if (chrome_launcher::SanitizeAndLaunchChrome(::GetCommandLine())) { + return ERROR_SUCCESS; + } else { + return ERROR_OPEN_FAILED; + } +} + +// Compile-time check to see that the type CfLaunchChromeProc is correct. +#ifndef NODEBUG +namespace { +chrome_launcher::CfLaunchChromeProc cf_launch_chrome = CfLaunchChrome; +} // namespace +#endif // NODEBUG -- cgit v1.1