summaryrefslogtreecommitdiffstats
path: root/chrome_frame/chrome_launcher.cc
blob: 374f47f1f20c1ccfa0950fe176a0ac51bdd25fc8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
// Copyright (c) 2009 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome_frame/chrome_launcher.h"

#include "base/base_switches.h"
#include "base/command_line.h"
#include "base/file_util.h"
#include "base/logging.h"
#include "base/path_service.h"
#include "chrome/common/chrome_constants.h"
#include "chrome/common/chrome_switches.h"
#include "chrome_frame/chrome_frame_automation.h"

namespace chrome_launcher {

const wchar_t kLauncherExeBaseName[] = L"chrome_launcher.exe";

// These are the switches we will allow (along with their values) in the
// safe-for-Low-Integrity version of the Chrome command line.
const char* kAllowedSwitches[] = {
  switches::kAutomationClientChannelID,
  switches::kChromeFrame,
  switches::kDisableMetrics,
  switches::kEnableRendererAccessibility,
  switches::kEnableExperimentalExtensionApis,
  switches::kEnableMetricsExtensionApi,
  switches::kNoErrorDialogs,
  switches::kNoFirstRun,
  switches::kUserDataDir,
  switches::kDisablePopupBlocking,
};

CommandLine* CreateLaunchCommandLine() {
  // TODO(joi) As optimization, could launch Chrome directly when running at
  // medium integrity.  (Requires bringing in code to read SIDs, etc.)

  // The launcher EXE will be in the same directory as the Chrome Frame DLL,
  // so create a full path to it based on this assumption.  Since our unit
  // tests also use this function, and live in the directory above, we test
  // existence of the file and try the path that includes the /servers/
  // directory if needed.
  FilePath module_path;
  if (PathService::Get(base::FILE_MODULE, &module_path)) {
    FilePath current_dir = module_path.DirName();
    FilePath same_dir_path = current_dir.Append(kLauncherExeBaseName);
    if (file_util::PathExists(same_dir_path)) {
      return new CommandLine(same_dir_path);
    } else {
      FilePath servers_path =
          current_dir.Append(L"servers").Append(kLauncherExeBaseName);
      DCHECK(file_util::PathExists(servers_path)) <<
          "What module is this? It's not in 'servers' or main output dir.";
      return new CommandLine(servers_path);
    }
  } else {
    NOTREACHED();
    return NULL;
  }
}

void SanitizeCommandLine(const CommandLine& original, CommandLine* sanitized) {
  int num_sanitized_switches = 0;
  for (int i = 0; i < arraysize(kAllowedSwitches); ++i) {
    const char* current_switch = kAllowedSwitches[i];
    if (original.HasSwitch(current_switch)) {
      ++num_sanitized_switches;
      std::wstring switch_value = original.GetSwitchValue(current_switch);
      if (0 == switch_value.length()) {
        sanitized->AppendSwitch(current_switch);
      } else {
        sanitized->AppendSwitchWithValue(current_switch, switch_value);
      }
    }
  }
  if (num_sanitized_switches != original.GetSwitchCount()) {
    NOTREACHED();
    LOG(ERROR) << "Original command line from Low Integrity had switches "
        << "that are not on our whitelist.";
  }
}

bool SanitizeAndLaunchChrome(const wchar_t* command_line) {
  std::wstring command_line_with_program(L"dummy.exe ");
  command_line_with_program += command_line;
  CommandLine original = CommandLine::FromString(command_line_with_program);
  CommandLine sanitized(GetChromeExecutablePath());
  SanitizeCommandLine(original, &sanitized);

  return base::LaunchApp(sanitized.command_line_string(), false, false, NULL);
}

FilePath GetChromeExecutablePath() {
  FilePath cur_path;
  PathService::Get(base::DIR_MODULE, &cur_path);
  cur_path = cur_path.Append(chrome::kBrowserProcessExecutableName);

  // The installation model for Chrome places the DLLs in a versioned
  // sub-folder one down from the Chrome executable. If we fail to find
  // chrome.exe in the current path, try looking one up and launching that
  // instead.
  if (!file_util::PathExists(cur_path)) {
    PathService::Get(base::DIR_MODULE, &cur_path);
    cur_path = cur_path.DirName().Append(chrome::kBrowserProcessExecutableName);
  }

  return cur_path;
}

}  // namespace chrome_launcher

// Entrypoint that implements the logic of chrome_launcher.exe.
int CALLBACK CfLaunchChrome() {
  if (chrome_launcher::SanitizeAndLaunchChrome(::GetCommandLine())) {
    return ERROR_SUCCESS;
  } else {
    return ERROR_OPEN_FAILED;
  }
}

// Compile-time check to see that the type CfLaunchChromeProc is correct.
#ifndef NODEBUG
namespace {
chrome_launcher::CfLaunchChromeProc cf_launch_chrome = CfLaunchChrome;
}  // namespace
#endif  // NODEBUG