41_allow_ntpath_in_SignedPolicy_GenerateRules.patch (2672B)
1 # HG changeset patch
2 # User Toshihito Kikuchi <tkikuchi@mozilla.com>
3 # Date 1605814807 28800
4 # Thu Nov 19 11:40:07 2020 -0800
5 # Node ID 29b049665db1f28ffdfce319ad48912d4a024e23
6 # Parent 94435953fb89c1fe147c6b76a9ecb61f59625d30
7 Bug 1620114 - Allow an NT path string to be passed to SignedPolicy::GenerateRules. r=bobowen
8 so that our SandboxBroker can add a policy rule with an NT path directly.
9
10 diff --git a/sandbox/win/src/signed_policy.cc b/sandbox/win/src/signed_policy.cc
11 --- a/sandbox/win/src/signed_policy.cc
12 +++ b/sandbox/win/src/signed_policy.cc
13 @@ -11,31 +11,54 @@
14
15 #include "sandbox/win/src/ipc_tags.h"
16 #include "sandbox/win/src/policy_engine_opcodes.h"
17 #include "sandbox/win/src/policy_params.h"
18 #include "sandbox/win/src/sandbox_nt_util.h"
19 #include "sandbox/win/src/sandbox_policy.h"
20 #include "sandbox/win/src/win_utils.h"
21
22 +namespace {
23 +bool IsValidNtPath(const base::FilePath& name) {
24 + UNICODE_STRING uni_name;
25 + ::RtlInitUnicodeString(&uni_name, name.value().c_str());
26 + OBJECT_ATTRIBUTES obj_attr;
27 + InitializeObjectAttributes(&obj_attr, &uni_name, OBJ_CASE_INSENSITIVE,
28 + nullptr, nullptr);
29 +
30 + static const auto NtQueryAttributesFile =
31 + reinterpret_cast<NtQueryAttributesFileFunction>(::GetProcAddress(
32 + ::GetModuleHandleW(L"ntdll.dll"), "NtQueryAttributesFile"));
33 +
34 + FILE_BASIC_INFORMATION file_info;
35 + return NtQueryAttributesFile &&
36 + NT_SUCCESS(NtQueryAttributesFile(&obj_attr, &file_info));
37 +}
38 +} // namespace
39 +
40 namespace sandbox {
41
42 bool SignedPolicy::GenerateRules(const wchar_t* name,
43 LowLevelPolicy* policy) {
44 base::FilePath file_path(name);
45 + base::FilePath nt_filename;
46 auto nt_path_name = GetNtPathFromWin32Path(file_path.DirName().value());
47 - if (!nt_path_name)
48 + if (nt_path_name) {
49 + base::FilePath nt_path(nt_path_name.value());
50 + nt_filename = nt_path.Append(file_path.BaseName());
51 + } else if (IsValidNtPath(file_path)) {
52 + nt_filename = std::move(file_path);
53 + } else {
54 return false;
55 + }
56
57 - base::FilePath nt_path(nt_path_name.value());
58 - std::wstring nt_filename = nt_path.Append(file_path.BaseName()).value();
59 // Create a rule to ASK_BROKER if name matches.
60 PolicyRule signed_policy(ASK_BROKER);
61 - if (!signed_policy.AddStringMatch(IF, NameBased::NAME, nt_filename.c_str(),
62 - CASE_INSENSITIVE)) {
63 + if (!signed_policy.AddStringMatch(
64 + IF, NameBased::NAME, nt_filename.value().c_str(), CASE_INSENSITIVE)) {
65 return false;
66 }
67 if (!policy->AddRule(IpcTag::NTCREATESECTION, &signed_policy)) {
68 return false;
69 }
70
71 return true;
72 }
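Review bot: The `else if (IsValidNtPath(file_path))` branch in `GenerateRules` copies the caller's string into the rule unchanged once `NtQueryAttributesFile` resolves it, so "valid" here means only "exists right now", not "is in the form the `NTCREATESECTION` rule is compared against". A `\??\`-style or symlinked path would pass the probe yet, as far as I can tell, would not equal the `\Device\...` name that the `GetNtPathFromWin32Path` branch produces, and any `?` or `*` in it would likely be read as a wildcard by `AddStringMatch`, leaving the rule either dead or broader than intended. Consider stating the contract above the helper, e.g. `// Accepts only an existing, fully resolved \Device\... path; the string is used verbatim as the match pattern.`, and rejecting other prefixes before the probe. The probe also succeeds for directories, which is probably not wanted for a signed-binary rule.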