blob: 60bb45e3afb3b9959880aabeb8ed6edf007d2981 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
# HG changeset patch
# User Bob Owen <bobowencode@gmail.com>
# Date 1510058662 0
# Tue Nov 07 12:44:22 2017 +0000
# Node ID 5b2b8b6c509a1025ef6d6ba208b093d4c4359186
# Parent 2c3a28eab0bfcaa5a14771454f83703ae938da6c
Revert commit f7540af7428f4b146136ec19b781886693f8c03f changes to policy_target.cc for causing issues with CoInitializeSecurity. r=aklotz
diff --git a/security/sandbox/chromium/sandbox/win/src/policy_target.cc b/security/sandbox/chromium/sandbox/win/src/policy_target.cc
--- a/security/sandbox/chromium/sandbox/win/src/policy_target.cc
+++ b/security/sandbox/chromium/sandbox/win/src/policy_target.cc
@@ -78,16 +78,26 @@ NTSTATUS WINAPI TargetNtSetInformationTh
NT_THREAD_INFORMATION_CLASS thread_info_class,
PVOID thread_information,
ULONG thread_information_bytes) {
do {
if (SandboxFactory::GetTargetServices()->GetState()->RevertedToSelf())
break;
if (ThreadImpersonationToken != thread_info_class)
break;
+ if (!thread_information)
+ break;
+ HANDLE token;
+ if (sizeof(token) > thread_information_bytes)
+ break;
+
+ NTSTATUS ret = CopyData(&token, thread_information, sizeof(token));
+ if (!NT_SUCCESS(ret) || NULL != token)
+ break;
+
// This is a revert to self.
return STATUS_SUCCESS;
} while (false);
return orig_SetInformationThread(
thread, thread_info_class, thread_information, thread_information_bytes);
}
// Hooks NtOpenThreadToken to force the open_as_self parameter to be set to
|