allow_ntpath_in_SignedPolicy_GenerateRules.patch

Enable keyboard shortcuts

# HG changeset patch

# User Toshihito Kikuchi <tkikuchi@mozilla.com>

# Date 1605814807 28800

#      Thu Nov 19 11:40:07 2020 -0800

# Node ID 29b049665db1f28ffdfce319ad48912d4a024e23

# Parent  94435953fb89c1fe147c6b76a9ecb61f59625d30

Bug 1620114 - Allow an NT path string to be passed to SignedPolicy::GenerateRules.  r=bobowen

so that our SandboxBroker can add a policy rule with an NT path directly.

diff --git a/security/sandbox/chromium/sandbox/win/src/signed_policy.cc b/security/sandbox/chromium/sandbox/win/src/signed_policy.cc

--- a/security/sandbox/chromium/sandbox/win/src/signed_policy.cc

+++ b/security/sandbox/chromium/sandbox/win/src/signed_policy.cc

@@ -7,39 +7,63 @@

 #include <stdint.h>

 #include <string>

 #include "sandbox/win/src/ipc_tags.h"

 #include "sandbox/win/src/policy_engine_opcodes.h"

 #include "sandbox/win/src/policy_params.h"

 #include "sandbox/win/src/sandbox_policy.h"

+#include "sandbox/win/src/sandbox_utils.h"

 #include "sandbox/win/src/win_utils.h"

+namespace {

+bool IsValidNtPath(const base::FilePath& name) {

+  UNICODE_STRING uni_name;

+  OBJECT_ATTRIBUTES obj_attr;

+  sandbox::InitObjectAttribs(name.value(), OBJ_CASE_INSENSITIVE, nullptr,

+                             &obj_attr, &uni_name, nullptr);

+  NtQueryAttributesFileFunction NtQueryAttributesFile = nullptr;

+  ResolveNTFunctionPtr("NtQueryAttributesFile", &NtQueryAttributesFile);

+  FILE_BASIC_INFORMATION file_info;

+  return NtQueryAttributesFile &&

+         NT_SUCCESS(NtQueryAttributesFile(&obj_attr, &file_info));

+}

+}  // namespace

 namespace sandbox {

 bool SignedPolicy::GenerateRules(const wchar_t* name,

                                  TargetPolicy::Semantics semantics,

                                  LowLevelPolicy* policy) {

   // Only support one semantic.

   if (TargetPolicy::SIGNED_ALLOW_LOAD != semantics) {

     return false;

   base::FilePath file_path(name);

+  base::FilePath nt_filename;

   std::wstring nt_path_name;

-  if (!GetNtPathFromWin32Path(file_path.DirName().value().c_str(),

-                              &nt_path_name))

+  if (GetNtPathFromWin32Path(file_path.DirName().value().c_str(),

+                             &nt_path_name)) {

+    base::FilePath nt_path(nt_path_name);

+    nt_filename = nt_path.Append(file_path.BaseName());

+  } else if (IsValidNtPath(file_path)) {

+    nt_filename = std::move(file_path);

+  } else {

     return false;

-  base::FilePath nt_path(nt_path_name);

-  std::wstring nt_filename = nt_path.Append(file_path.BaseName()).value();

+  }

   // Create a rule to ASK_BROKER if name matches.

   PolicyRule signed_policy(ASK_BROKER);

-  if (!signed_policy.AddStringMatch(IF, NameBased::NAME, nt_filename.c_str(),

-                                    CASE_INSENSITIVE)) {

+  if (!signed_policy.AddStringMatch(

+          IF, NameBased::NAME, nt_filename.value().c_str(), CASE_INSENSITIVE)) {

     return false;

   if (!policy->AddRule(IpcTag::NTCREATESECTION, &signed_policy)) {

     return false;

   return true;