src/plugin/AdblockPlusClient.cpp - Issue 11756012: Enhanced Protected Mode support

Delta Between Two Patch Sets: src/plugin/AdblockPlusClient.cpp

Issue 11756012: Enhanced Protected Mode support (Closed)

Left Patch Set: Created Sept. 15, 2013, 1 a.m.

Right Patch Set: Addressing comments Created Sept. 17, 2013, 2:51 a.m.

Left:
Right:

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

Left: Side by side diff | Download
Right: Side by side diff | Download

LEFT	RIGHT
1 #include "PluginStdAfx.h"	1 #include "PluginStdAfx.h"

2

3 #include <Windows.h>

4 #include <Sddl.h>
Felix Dahlke 2013/09/16 16:30:12 Shouldn't these two includes go into PluginStdAfx? Shouldn't these two includes go into PluginStdAfx?
5

6

7 #include "PluginSettings.h"	2 #include "PluginSettings.h"

8 #include "PluginSystem.h"	3 #include "PluginSystem.h"

9 #include "PluginFilter.h"	4 #include "PluginFilter.h"

10 #include "PluginClientFactory.h"	5 #include "PluginClientFactory.h"

11 #include "PluginMutex.h"	6 #include "PluginMutex.h"

12 #include "PluginClass.h"	7 #include "PluginClass.h"

13	8

14 #include "AdblockPlusClient.h"	9 #include "AdblockPlusClient.h"

15	10

16 #include "../shared/Utils.h"	11 #include "../shared/Utils.h"

17	12

18 namespace	13 namespace

19 {	14 {

20 void SpawnAdblockPlusEngine()	15 void SpawnAdblockPlusEngine()

21 {	16 {

22 std::wstring engineExecutablePath = GetDllDir() + L"AdblockPlusEngine.exe";	17 std::wstring engineExecutablePath = GetDllDir() + L"AdblockPlusEngine.exe";

23 CString params = L"AdblockPlusEngine.exe " + CPluginSystem::GetInstance()->G etBrowserLanguage();	18 CString params = L"AdblockPlusEngine.exe " + CPluginSystem::GetInstance()->G etBrowserLanguage();

24	19

25 STARTUPINFO startupInfo = {};	20 STARTUPINFO startupInfo = {};

26 PROCESS_INFORMATION processInformation = {};	21 PROCESS_INFORMATION processInformation = {};

27	22

28 HANDLE token;	23 HANDLE token;

29 OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE \| TOKEN_ADJUST_DEFAULT \| TOKEN_QUERY \| TOKEN_ASSIGN_PRIMARY, &token);	24 OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE \| TOKEN_ADJUST_DEFAULT \| TOKEN_QUERY \| TOKEN_ASSIGN_PRIMARY, &token);

30	25

31 TOKEN_APPCONTAINER_INFORMATION *acSid = NULL;	26 TOKEN_APPCONTAINER_INFORMATION *acSid = NULL;
	Wladimir Palant 2013/09/17 07:53:48 Nit: that variable name also uses the Hungarian no Nit: that variable name also uses the Hungarian notation.
32 DWORD dwLength = 0;	27 DWORD length = 0;
Wladimir Palant 2013/09/16 13:45:07 Nit: Since when are we using Hungarian notation? I Nit: Since when are we using Hungarian notation? I'd suggest dropping the prefix in the variable names.
33	28

34 // Get AppContainer SID	29 // Get AppContainer SID

35 if (!GetTokenInformation(token, TokenAppContainerSid, (LPVOID) acSid, 0, &dw Length) && GetLastError() == ERROR_INSUFFICIENT_BUFFER)	30 if (!GetTokenInformation(token, TokenAppContainerSid, acSid, 0, &length) && GetLastError() == ERROR_INSUFFICIENT_BUFFER)
Wladimir Palant 2013/09/16 13:45:07 Nit: I think that the explicit cast to LPVOID here Nit: I think that the explicit cast to LPVOID here and below is unnecessary.
36 {	31 {

37 acSid = (TOKEN_APPCONTAINER_INFORMATION*)HeapAlloc(GetProcessHeap(), HEA P_ZERO_MEMORY, dwLength);	32 acSid = (TOKEN_APPCONTAINER_INFORMATION*) HeapAlloc(GetProcessHeap(), HE AP_ZERO_MEMORY, length);
Wladimir Palant 2013/09/16 13:45:07 Why are we using HeapAlloc() rather than "new" her Why are we using HeapAlloc() rather than "new" here? The latter can be used with a smart pointer which allows ignoring the cleanup. Speaking of cleanup, are we leaking that pointer? Nit: use static_cast for the type conversion here? Felix Dahlke 2013/09/16 16:30:12 Nit: Space before HeapAlloc? Nit: Space before HeapAlloc? Oleksandr 2013/09/17 03:11:37 "new" isn't good here since in the specific exampl Show quoted text On 2013/09/16 16:30:12, Felix H. Dahlke wrote: > Nit: Space before HeapAlloc? "new" isn't good here since in the specific example the required number of bytes to allocate is 48. And sizeof(TOKEN_APPCONTAIER_INFORMATION) is not 48. Some sort of trickery would still have to be made even if auto_ptr was used. Wladimir Palant 2013/09/17 07:53:48 What I actually meant: std::unique_ptr<char[]> si Show quoted text On 2013/09/17 03:11:37, Oleksandr wrote: > "new" isn't good here since in the specific example the required number of bytes > to allocate is 48. And sizeof(TOKEN_APPCONTAINER_INFORMATION) is not 48. What I actually meant: std::unique_ptr<char[]> sid(new char[length]); You can later cast the pointer to TOKEN_APPCONTAINER_INFORMATION when you need it. Note that unique_ptr will deal with arrays correctly, unlike auto_ptr.
38 if (acSid != NULL)	33 if (acSid != NULL)
Felix Dahlke 2013/09/16 16:30:12 What if the allocation failed? Isn't that worth an What if the allocation failed? Isn't that worth an exception?
39 {	34 {

40 GetTokenInformation(token, TokenAppContainerSid, (LPVOID) acSid, dwLen gth, &dwLength);	35 GetTokenInformation(token, TokenAppContainerSid, acSid, length, &lengt h);

	36 }

	37 else

	38 {

	39 throw std::runtime_error("Out of memory");

41 }	40 }

42 }	41 }

43	42

44 BOOL createProcRes = 0;	43 BOOL createProcRes = 0;

45 // Running inside AppContainer?	44 // Running inside AppContainer?

46 if ((acSid != NULL) && (acSid->TokenAppContainer != NULL))	45 if (acSid != NULL && acSid->TokenAppContainer != NULL)
Wladimir Palant 2013/09/16 13:45:07 Nit: the extra parentheses are unnecessary. Nit: the extra parentheses are unnecessary.
47 {	46 {

48 // Launch with default security. Registry entry will eat the user prompt	47 // Launch with default security. Registry entry will eat the user prompt

49 // See http://msdn.microsoft.com/en-us/library/bb250462(v=vs.85).aspx#wpm_ elebp	48 // See http://msdn.microsoft.com/en-us/library/bb250462(v=vs.85).aspx#wpm_ elebp

50 LPWSTR stringSid;	49 LPWSTR stringSid;

51 ConvertSidToStringSidW(acSid->TokenAppContainer, &stringSid);	50 ConvertSidToStringSidW(acSid->TokenAppContainer, &stringSid);

52 params.Append(L" ");	51 params.Append(L" ");

53 params.Append(stringSid);	52 params.Append(stringSid);

54 LocalFree(stringSid);	53 LocalFree(stringSid);

55 createProcRes = CreateProcess(engineExecutablePath.c_str(), params.GetBuff er(params.GetLength() + 1),	54 createProcRes = CreateProcessW(engineExecutablePath.c_str(), params.GetBuf fer(params.GetLength() + 1),

56 0, 0, false, 0, 0, 0, (STARTUPINFOW*)&startupInfo, &processInformation);	55 0, 0, false, 0, 0, 0, (STARTUPINFOW*)&startupInfo, &processInformation);

57 }	56 }

58 else	57 else

59 {	58 {

60 // Launch with the same security token (Low Integrity) explicitly	59 // Launch with the same security token (Low Integrity) explicitly

61 HANDLE newToken;	60 HANDLE newToken;

62 DuplicateTokenEx(token, 0, 0, SecurityImpersonation, TokenPrimary, &newTok en);	61 DuplicateTokenEx(token, 0, 0, SecurityImpersonation, TokenPrimary, &newTok en);

63	62

64 createProcRes = CreateProcessAsUser(newToken, engineExecutablePath.c_str() , params.GetBuffer(params.GetLength() + 1),	63 createProcRes = CreateProcessAsUser(newToken, engineExecutablePath.c_str() , params.GetBuffer(params.GetLength() + 1),
	Wladimir Palant 2013/09/17 07:53:48 Nit: This should be changed into CreateProcessAsUs Nit: This should be changed into CreateProcessAsUserW as well.
65 0, 0, false, 0, 0, 0, (STARTUPINFOW*)&startupInfo, &processInformation);	64 0, 0, false, 0, 0, 0, (STARTUPINFOW*)&startupInfo, &processInformation);

66 }	65 }

67	66

68 if (!createProcRes)	67 if (!createProcRes)

69 {	68 {

70 throw std::runtime_error("Failed to start Adblock Plus Engine");	69 throw std::runtime_error("Failed to start Adblock Plus Engine");

71 }	70 }

72	71

73 CloseHandle(processInformation.hProcess);	72 CloseHandle(processInformation.hProcess);

74 CloseHandle(processInformation.hThread);	73 CloseHandle(processInformation.hThread);

(...skipping 16 matching lines...) Expand all Loading...
91 try	90 try

92 {	91 {

93 return new Communication::Pipe(Communication::pipeName, Communication: :Pipe::MODE_CONNECT);	92 return new Communication::Pipe(Communication::pipeName, Communication: :Pipe::MODE_CONNECT);

94 }	93 }

95 catch (Communication::PipeConnectionError e)	94 catch (Communication::PipeConnectionError e)

96 {	95 {

97 }	96 }

98 }	97 }

99 throw std::runtime_error("Unable to open Adblock Plus Engine pipe");	98 throw std::runtime_error("Unable to open Adblock Plus Engine pipe");

100 }	99 }

101 catch(...)
Wladimir Palant 2013/09/16 13:45:07 I don't really like seeing "catch all", what kind I don't really like seeing "catch all", what kind of error are you expecting here that we react to by spawing the engine?
102 {

103 SpawnAdblockPlusEngine();

104 }

105 }	100 }

106	101

107 std::vector<std::wstring> ReadStrings(Communication::InputBuffer& message)	102 std::vector<std::wstring> ReadStrings(Communication::InputBuffer& message)

108 {	103 {

109 int32_t count;	104 int32_t count;

110 message >> count;	105 message >> count;

111	106

112 std::vector<std::wstring> result;	107 std::vector<std::wstring> result;

113 for (int32_t i = 0; i < count; i++)	108 for (int32_t i = 0; i < count; i++)

114 {	109 {

(...skipping 359 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
474 DEBUG_GENERAL((L"GetPref: " + name + L" end").c_str());	469 DEBUG_GENERAL((L"GetPref: " + name + L" end").c_str());

475 return value;	470 return value;

476 }	471 }

477 else	472 else

478 {	473 {

479 DEBUG_GENERAL((L"GetPref: " + name + L" end").c_str());	474 DEBUG_GENERAL((L"GetPref: " + name + L" end").c_str());

480 return defaultValue;	475 return defaultValue;

481 }	476 }

482 }	477 }

483	478

484 void CAdblockPlusClient::CheckForUpdates(HWND callbackWindow)	479 void CAdblockPlusClient::CheckForUpdates()

485 {	480 {

486 Communication::OutputBuffer request;	481 CallEngine(Communication::PROC_CHECK_FOR_UPDATES);

487 request << Communication::PROC_CHECK_FOR_UPDATES << (int32_t&)callbackWindow;

488 CallEngine(request);

489 }	482 }

490	483

491 std::wstring CAdblockPlusClient::GetDocumentationLink()	484 std::wstring CAdblockPlusClient::GetDocumentationLink()

492 {	485 {

493 DEBUG_GENERAL("GetDocumentationLink");	486 DEBUG_GENERAL("GetDocumentationLink");

494 Communication::InputBuffer response;	487 Communication::InputBuffer response;

495 if (!CallEngine(Communication::PROC_GET_DOCUMENTATION_LINK, response))	488 if (!CallEngine(Communication::PROC_GET_DOCUMENTATION_LINK, response))

496 return L"";	489 return L"";

497 std::wstring docLink;	490 std::wstring docLink;

498 response >> docLink;	491 response >> docLink;

499 return docLink;	492 return docLink;

500 }	493 }

501	494

502 bool CAdblockPlusClient::TogglePluginEnabled()	495 bool CAdblockPlusClient::TogglePluginEnabled()

503 {	496 {

504 DEBUG_GENERAL("TogglePluginEnabled");	497 DEBUG_GENERAL("TogglePluginEnabled");

505 Communication::InputBuffer response;	498 Communication::InputBuffer response;

506 if (!CallEngine(Communication::PROC_TOGGLE_PLUGIN_ENABLED, response))	499 if (!CallEngine(Communication::PROC_TOGGLE_PLUGIN_ENABLED, response))

507 return false;	500 return false;

508 bool currentEnabledState;	501 bool currentEnabledState;

509 response >> currentEnabledState;	502 response >> currentEnabledState;

510 return currentEnabledState;	503 return currentEnabledState;

511 }	504 }

LEFT	RIGHT