src/plugin/AdblockPlusClient.cpp - Issue 11756012: Enhanced Protected Mode support

Unified Diff: src/plugin/AdblockPlusClient.cpp

Issue 11756012: Enhanced Protected Mode support (Closed)

Patch Set: Created Sept. 15, 2013, 1 a.m.

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Index: src/plugin/AdblockPlusClient.cpp

===================================================================

--- a/src/plugin/AdblockPlusClient.cpp

+++ b/src/plugin/AdblockPlusClient.cpp

@@ -1,5 +1,9 @@

#include "PluginStdAfx.h"

+#include <Windows.h>

+#include <Sddl.h>

Felix Dahlke 2013/09/16 16:30:12 Shouldn't these two includes go into PluginStdAfx?

#include "PluginSettings.h"

#include "PluginSystem.h"

#include "PluginFilter.h"

@@ -23,14 +27,46 @@

HANDLE token;

OpenProcessToken(GetCurrentProcess(), TOKEN_DUPLICATE | TOKEN_ADJUST_DEFAULT | TOKEN_QUERY | TOKEN_ASSIGN_PRIMARY, &token);

- HANDLE newToken;

- DuplicateTokenEx(token, 0, 0, SecurityImpersonation, TokenPrimary, &newToken);

- if (!CreateProcessAsUserW(newToken, engineExecutablePath.c_str(),

- params.GetBuffer(params.GetLength() + 1),

- 0, 0, 0, 0, 0, 0, &startupInfo, &processInformation))

+ TOKEN_APPCONTAINER_INFORMATION *acSid = NULL;

+ DWORD dwLength = 0;

Wladimir Palant 2013/09/16 13:45:07 Nit: Since when are we using Hungarian notation? I

+ // Get AppContainer SID

+ if (!GetTokenInformation(token, TokenAppContainerSid, (LPVOID) acSid, 0, &dwLength) && GetLastError() == ERROR_INSUFFICIENT_BUFFER)

Wladimir Palant 2013/09/16 13:45:07 Nit: I think that the explicit cast to LPVOID here

{

- DWORD error = GetLastError();

+ acSid = (TOKEN_APPCONTAINER_INFORMATION*)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength);

Wladimir Palant 2013/09/16 13:45:07 Why are we using HeapAlloc() rather than "new" her

Felix Dahlke 2013/09/16 16:30:12 Nit: Space before HeapAlloc?

Oleksandr 2013/09/17 03:11:37 "new" isn't good here since in the specific exampl

Wladimir Palant 2013/09/17 07:53:48 What I actually meant: std::unique_ptr<char[]> si

+ if (acSid != NULL)

Felix Dahlke 2013/09/16 16:30:12 What if the allocation failed? Isn't that worth an

+ {

+ GetTokenInformation(token, TokenAppContainerSid, (LPVOID) acSid, dwLength, &dwLength);

+ }

+ BOOL createProcRes = 0;

+ // Running inside AppContainer?

+ if ((acSid != NULL) && (acSid->TokenAppContainer != NULL))

Wladimir Palant 2013/09/16 13:45:07 Nit: the extra parentheses are unnecessary.

+ {

+ // Launch with default security. Registry entry will eat the user prompt

+ // See http://msdn.microsoft.com/en-us/library/bb250462(v=vs.85).aspx#wpm_elebp

+ LPWSTR stringSid;

+ ConvertSidToStringSidW(acSid->TokenAppContainer, &stringSid);

+ params.Append(L" ");

+ params.Append(stringSid);

+ LocalFree(stringSid);

+ createProcRes = CreateProcess(engineExecutablePath.c_str(), params.GetBuffer(params.GetLength() + 1),

+ 0, 0, false, 0, 0, 0, (STARTUPINFOW*)&startupInfo, &processInformation);

+ }

+ else

+ {

+ // Launch with the same security token (Low Integrity) explicitly

+ HANDLE newToken;

+ DuplicateTokenEx(token, 0, 0, SecurityImpersonation, TokenPrimary, &newToken);

+ createProcRes = CreateProcessAsUser(newToken, engineExecutablePath.c_str(), params.GetBuffer(params.GetLength() + 1),

+ 0, 0, false, 0, 0, 0, (STARTUPINFOW*)&startupInfo, &processInformation);

+ }

+ if (!createProcRes)

+ {

throw std::runtime_error("Failed to start Adblock Plus Engine");

}

@@ -62,6 +98,10 @@

}

throw std::runtime_error("Unable to open Adblock Plus Engine pipe");

}

+ catch(...)

Wladimir Palant 2013/09/16 13:45:07 I don't really like seeing "catch all", what kind

+ {

+ SpawnAdblockPlusEngine();

+ }

}

std::vector<std::wstring> ReadStrings(Communication::InputBuffer& message)

« src/engine/Main.cpp ('K') | « src/plugin/AdblockPlus.rgs ('k') | src/plugin/PluginClass.cpp » ('j') | src/plugin/PluginClass.cpp » ('J')