Skip to content

Commit

Permalink
Remove sandbox workarounds for deprecated OS X versions.
Browse files Browse the repository at this point in the history
As OS X 10.6 to 10.8 are no longer supported, a memory corruption bug
workaround is no longer necessary. In addition, the code can be simplified
by using the sandbox_init_with_parameters API present in recent OS X versions.

BUG=579255

Review URL: https://codereview.chromium.org/1764263002

Cr-Commit-Position: refs/heads/master@{#379371}
  • Loading branch information
kerrnel90 authored and Commit bot committed Mar 4, 2016
1 parent 0e9b1cb commit 9f239d6
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 63 deletions.
3 changes: 0 additions & 3 deletions content/common/sandbox_mac.h
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,6 @@ class CONTENT_EXPORT SandboxCompiler {
bool CompileAndApplyProfile(std::string* error);

private:
// Frees all of the system resources allocated for the sandbox.
void FreeSandboxResources(void* profile, void* params, char* error);

// Storage of the key/value pairs of strings that are used in the sandbox
// profile.
std::map<std::string, std::string> params_map_;
Expand Down
74 changes: 14 additions & 60 deletions content/common/sandbox_mac.mm
Original file line number Diff line number Diff line change
Expand Up @@ -47,14 +47,10 @@
void CGSSetDenyWindowServerConnections(bool);
void CGSShutdownServerConnections();

void* sandbox_create_params();
int sandbox_set_param(void* params, const char* key, const char* value);
void* sandbox_compile_string(const char* profile_str,
void* params,
char** error);
int sandbox_apply(void* profile);
void sandbox_free_params(void* params);
void sandbox_free_profile(void* profile);
int sandbox_init_with_parameters(const char* profile,
uint64_t flags,
const char* const parameters[],
char** errorbuf);
};

namespace content {
Expand All @@ -68,14 +64,6 @@
int sandbox_profile_resource_id;
};

// This is the internal definition of the structure used by sandbox parameters
// on OS X 10.6.
struct SandboxParams {
void* buf;
size_t count;
size_t size;
};

// Mapping from sandbox process types to resource IDs containing the sandbox
// profile for all process types known to content.
SandboxTypeToResourceIDMapping kDefaultSandboxTypeToResourceIDMapping[] = {
Expand Down Expand Up @@ -153,58 +141,24 @@ NOINLINE void FatalStringQuoteException(const std::string& str) {
return params_map_.insert(std::make_pair(key, value)).second;
}

void SandboxCompiler::FreeSandboxResources(void* profile,
void* params,
char* error) {
if (error)
sandbox_free_error(error);
if (params)
sandbox_free_params(params);
if (profile)
sandbox_free_profile(profile);
}

bool SandboxCompiler::CompileAndApplyProfile(std::string* error) {
char* error_internal = nullptr;
void* profile = nullptr;
void* params = nullptr;

if (!params_map_.empty()) {
if (base::mac::IsOSSnowLeopard()) {
// This is a workaround for 10.6, see crbug.com/509114.
// Check that there is no integer overflow.
base::CheckedNumeric<size_t> checked_size = params_map_.size();
checked_size *= 2;
if (!checked_size.IsValid())
return false;

SandboxParams* internal_params =
static_cast<SandboxParams*>(malloc(sizeof(SandboxParams)));
internal_params->buf = calloc(checked_size.ValueOrDie(), sizeof(void*));
internal_params->count = 0;
internal_params->size = checked_size.ValueOrDie();
params = internal_params;
} else {
params = sandbox_create_params();
if (!params)
return false;
}
std::vector<const char*> params;

for (const auto& kv : params_map_)
sandbox_set_param(params, kv.first.c_str(), kv.second.c_str());
for (const auto& kv : params_map_) {
params.push_back(kv.first.c_str());
params.push_back(kv.second.c_str());
}
// The parameters array must be null terminated.
params.push_back(static_cast<const char*>(0));

profile =
sandbox_compile_string(profile_str_.c_str(), params, &error_internal);
if (!profile) {
if (sandbox_init_with_parameters(profile_str_.c_str(), 0, params.data(),
&error_internal)) {
error->assign(error_internal);
FreeSandboxResources(profile, params, error_internal);
sandbox_free_error(error_internal);
return false;
}

int result = sandbox_apply(profile);
FreeSandboxResources(profile, params, error_internal);
return result == 0;
return true;
}

// static
Expand Down

0 comments on commit 9f239d6

Please sign in to comment.