From 4c65fb63c0e1b839ec6fa2ee3fa211ca93040d0c Mon Sep 17 00:00:00 2001
From: "mseaborn@chromium.org"
Date: Fri, 27 Apr 2012 00:42:25 +0000
Subject: NaCl: Pass the process handle to the broker rather than reopening it Previously, we would open the NaCl loader's Windows process handle by its PID in the NaCl broker (when attaching a Windows debug exception handler). But there is a potential race condition here: if the NaCl loader dies, and its PID is reused, we could be opening the wrong process. Fix this by opening the process handle in the browser process and passing it to the 64-bit NaCl broker. This requires fixing a bug in ipc_message_utils.h. This code could cope with sending a handle from a 64-bit process to a 32-bit process (NaCl broker to browser), but the DCHECK would fail when sending a handle from a 32-bit process to a 64-bit process (browser to NaCl broker). This change is in preparation for changing NaCl's Windows debug exception handler to attach on demand, which would allow untrusted NaCl code to cause the NaCl process to exit before OnDebugExceptionHandlerLaunched() runs. BUG=http://code.google.com/p/nativeclient/issues/detail?id=2618 TEST=run_inbrowser_exception_test in nacl_integration Review URL: https://chromiumcodereview.appspot.com/10174031 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@134189 0039d316-1c4b-4281-b951-d872f2087c98
---
ipc/ipc_message_utils.h | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
(limited to 'ipc/ipc_message_utils.h')
diff --git a/ipc/ipc_message_utils.h b/ipc/ipc_message_utils.h
index 8772b67..9e259f1 100644
--- a/ipc/ipc_message_utils.h
+++ b/ipc/ipc_message_utils.h
@@ -706,15 +706,18 @@ struct ParamTraits { template <> struct ParamTraits { typedef HANDLE param_type; + // Note that HWNDs/HANDLE/HCURSOR/HACCEL etc are always 32 bits, even on 64 + // bit systems. static void Write(Message* m, const param_type& p) { - // Note that HWNDs/HANDLE/HCURSOR/HACCEL etc are always 32 bits, even on 64 - // bit systems. m->WriteUInt32(reinterpret_cast(p)); } static bool Read(const Message* m, PickleIterator* iter, param_type* r) { - DCHECK_EQ(sizeof(param_type), sizeof(uint32)); - return m->ReadUInt32(iter, reinterpret_cast(r)); + uint32 temp; + if (!m->ReadUInt32(iter, &temp)) + return false; + *r = reinterpret_cast(temp); + return true; } static void Log(const param_type& p, std::string* l) { l->append(StringPrintf("0x%X", p)); -- cgit v1.1
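Review bot: In Read, `*r = reinterpret_cast<HANDLE>(temp);` widens an unsigned 32-bit value, so on a 64-bit receiver the upper half is presumably zero-filled, whereas Windows documents sign-extension as the safe way to carry a handle from a 32-bit to a 64-bit process. Real kernel handles are small and come out the same either way, but a value with the top bit set, such as INVALID_HANDLE_VALUE, would arrive as 0x00000000FFFFFFFF and no longer compare equal to the constant. I would write `*r = reinterpret_cast<HANDLE>(static_cast<intptr_t>(static_cast<int32>(temp)));`. Since Read now accepts any 32-bit number from the message as a handle, the relocated comment could also say that the value is only meaningful if the sender duplicated the handle into the receiving process, and that receivers should accept this type only from trusted senders. The struct continues past the end of the hunk.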