1# HG changeset patch
2# User Toshihito Kikuchi <tkikuchi@mozilla.com>
3# Date 1605814807 28800
4#      Thu Nov 19 11:40:07 2020 -0800
5# Node ID 29b049665db1f28ffdfce319ad48912d4a024e23
6# Parent  94435953fb89c1fe147c6b76a9ecb61f59625d30
7Bug 1620114 - Allow an NT path string to be passed to SignedPolicy::GenerateRules.  r=bobowen
8so that our SandboxBroker can add a policy rule with an NT path directly.
9
10diff --git a/security/sandbox/chromium/sandbox/win/src/signed_policy.cc b/security/sandbox/chromium/sandbox/win/src/signed_policy.cc
11--- a/security/sandbox/chromium/sandbox/win/src/signed_policy.cc
12+++ b/security/sandbox/chromium/sandbox/win/src/signed_policy.cc
13@@ -7,39 +7,63 @@
14 #include <stdint.h>
15
16 #include <string>
17
18 #include "sandbox/win/src/ipc_tags.h"
19 #include "sandbox/win/src/policy_engine_opcodes.h"
20 #include "sandbox/win/src/policy_params.h"
21 #include "sandbox/win/src/sandbox_policy.h"
22+#include "sandbox/win/src/sandbox_utils.h"
23 #include "sandbox/win/src/win_utils.h"
24
25+namespace {
26+
27+bool IsValidNtPath(const base::FilePath& name) {
28+  UNICODE_STRING uni_name;
29+  OBJECT_ATTRIBUTES obj_attr;
30+  sandbox::InitObjectAttribs(name.value(), OBJ_CASE_INSENSITIVE, nullptr,
31+                             &obj_attr, &uni_name, nullptr);
32+
33+  NtQueryAttributesFileFunction NtQueryAttributesFile = nullptr;
34+  ResolveNTFunctionPtr("NtQueryAttributesFile", &NtQueryAttributesFile);
35+  FILE_BASIC_INFORMATION file_info;
36+  return NtQueryAttributesFile &&
37+         NT_SUCCESS(NtQueryAttributesFile(&obj_attr, &file_info));
38+}
39+
40+}  // namespace
41+
42 namespace sandbox {
43
44 bool SignedPolicy::GenerateRules(const wchar_t* name,
45                                  TargetPolicy::Semantics semantics,
46                                  LowLevelPolicy* policy) {
47   // Only support one semantic.
48   if (TargetPolicy::SIGNED_ALLOW_LOAD != semantics) {
49     return false;
50   }
51
52   base::FilePath file_path(name);
53+  base::FilePath nt_filename;
54   std::wstring nt_path_name;
55-  if (!GetNtPathFromWin32Path(file_path.DirName().value().c_str(),
56-                              &nt_path_name))
57+  if (GetNtPathFromWin32Path(file_path.DirName().value().c_str(),
58+                             &nt_path_name)) {
59+    base::FilePath nt_path(nt_path_name);
60+    nt_filename = nt_path.Append(file_path.BaseName());
61+  } else if (IsValidNtPath(file_path)) {
62+    nt_filename = std::move(file_path);
63+  } else {
64     return false;
65-  base::FilePath nt_path(nt_path_name);
66-  std::wstring nt_filename = nt_path.Append(file_path.BaseName()).value();
67+  }
68+
69   // Create a rule to ASK_BROKER if name matches.
70   PolicyRule signed_policy(ASK_BROKER);
71-  if (!signed_policy.AddStringMatch(IF, NameBased::NAME, nt_filename.c_str(),
72-                                    CASE_INSENSITIVE)) {
73+  if (!signed_policy.AddStringMatch(
74+          IF, NameBased::NAME, nt_filename.value().c_str(), CASE_INSENSITIVE)) {
75     return false;
76   }
77   if (!policy->AddRule(IpcTag::NTCREATESECTION, &signed_policy)) {
78     return false;
79   }
80
81   return true;
82 }
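Review bot: `IsValidNtPath` only proves that `NtQueryAttributesFile` can resolve the string when the policy is set up, so the new `else if` branch in `GenerateRules` accepts any resolvable spelling of the path and stores it verbatim as the rule string. That includes a path that goes through an object-manager symbolic link and a path that names a directory. If the NTCREATESECTION check later compares against a differently spelled path (the comparison site is not visible in this hunk), such a rule would never match, and the load would be refused with nothing reported at setup time. I would document the contract above the helper, e.g. `// Returns true if |name| resolves as an absolute NT path to an existing file or directory; the string is used verbatim in the policy rule, so callers must pass it in the form the NTCREATESECTION check sees.` Separately, the file now calls `std::move` without a visible `#include <utility>`.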
83