Skip to content

Instantly share code, notes, and snippets.

@valenting

valenting/bug1320458-log-file-sandboxing.patch

Created January 4, 2017 20:02
Show Gist options
  • Save valenting/3e30ffd7fb686467bb38d15e8ce42b89 to your computer and use it in GitHub Desktop.
Save valenting/3e30ffd7fb686467bb38d15e8ce42b89 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
bug1320458-log-file-sandboxing.patch
# HG changeset patch
# User Valentin Gosu <[email protected]>
# Parent 3119a9a0b5dee60ac77b7596ae5dbe0658f598ad
[mq]: bug1320458-log-file-sandboxing.patch
MozReview-Commit-ID: 5ypsTycC0Qi
diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -11,16 +11,18 @@
#include "ContentParent.h"
#include "TabParent.h"
#if defined(ANDROID) || defined(LINUX)
# include <sys/time.h>
# include <sys/resource.h>
#endif
+#include <stdio.h>
+
#ifdef MOZ_WIDGET_GONK
#include <sys/types.h>
#include <sys/wait.h>
#endif
#include "chrome/common/process_watcher.h"
#include "mozilla/a11y/PDocAccessible.h"
@@ -2585,16 +2587,29 @@ ContentParent::RecvGetXPCOMProcessAttrib
SerializeURI(ucs->GetSheetURI(), *aUserContentCSSURL);
} else {
SerializeURI(nullptr, *aUserContentCSSURL);
}
return IPC_OK();
}
+mozilla::ipc::IPCResult
+ContentParent::RecvOpenLogFile(const nsCString& aPath, const nsCString& aMode, MaybeFileDesc *aLogFile)
+{
+ MaybeFileDesc maybeLogFile = void_t();
+ FILE * logFile = fopen(aPath.BeginReading(), aMode.BeginReading());
+ if (logFile) {
+ maybeLogFile = FILEToFileDescriptor(logFile);
+ }
+
+ *aLogFile = maybeLogFile;
+ return IPC_OK();
+}
+
mozilla::jsipc::PJavaScriptParent *
ContentParent::AllocPJavaScriptParent()
{
MOZ_ASSERT(ManagedPJavaScriptParent().IsEmpty());
return nsIContentParent::AllocPJavaScriptParent();
}
bool
diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h
--- a/dom/ipc/ContentParent.h
+++ b/dom/ipc/ContentParent.h
@@ -726,16 +726,19 @@ private:
InfallibleTArray<nsString>* dictionaries,
ClipboardCapabilities* clipboardCaps,
DomainPolicyClone* domainPolicy,
StructuredCloneData* initialData,
InfallibleTArray<FontFamilyListEntry>* fontFamilies,
OptionalURIParams* aUserContentSheetURL,
nsTArray<LookAndFeelInt>* aLookAndFeelIntCache) override;
+ virtual mozilla::ipc::IPCResult
+ RecvOpenLogFile(const nsCString& aPath, const nsCString& aMode, MaybeFileDesc *aLogFile) override;
+
virtual bool
DeallocPJavaScriptParent(mozilla::jsipc::PJavaScriptParent*) override;
virtual bool
DeallocPRemoteSpellcheckEngineParent(PRemoteSpellcheckEngineParent*) override;
virtual PBrowserParent* AllocPBrowserParent(const TabId& aTabId,
const IPCTabContext& aContext,
diff --git a/dom/ipc/LogFileOpener.cpp b/dom/ipc/LogFileOpener.cpp
new file mode 100644
--- /dev/null
+++ b/dom/ipc/LogFileOpener.cpp
@@ -0,0 +1,28 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "mozilla/dom/ipc/LogFileOpener.h"
+#include "mozilla/dom/ContentChild.h"
+
+namespace mozilla {
+namespace dom {
+namespace ipc {
+
+void SyncOpenLogFile(const char * aLogPath, const char * aMode, FILE ** aOutLogFile)
+{
+ ContentChild* cc = ContentChild::GetSingleton();
+ MaybeFileDesc maybeDesc;
+ nsAutoCString logPath(aLogPath);
+ nsAutoCString mode(aMode);
+ cc->SendOpenLogFile(logPath, mode, &maybeDesc);
+ if (maybeDesc.type() == MaybeFileDesc::TFileDescriptor) {
+ *aOutLogFile = FileDescriptorToFILE(maybeDesc.get_FileDescriptor(), "wt");
+ }
+}
+
+} // namespace ipc
+} // namespace dom
+} // namespace mozilla
diff --git a/dom/ipc/LogFileOpener.h b/dom/ipc/LogFileOpener.h
new file mode 100644
--- /dev/null
+++ b/dom/ipc/LogFileOpener.h
@@ -0,0 +1,20 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_dom_LogFileOpener_h
+#define mozilla_dom_LogFileOpener_h
+
+namespace mozilla {
+namespace dom {
+namespace ipc {
+
+void SyncOpenLogFile(const char * aLogPath, const char * aMode, FILE ** aOutLogFile);
+
+} // namespace ipc
+} // namespace dom
+} // namespace mozilla
+
+#endif // mozilla_dom_LogFileOpener_h
diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl
--- a/dom/ipc/PContent.ipdl
+++ b/dom/ipc/PContent.ipdl
@@ -671,16 +671,23 @@ parent:
LookAndFeelInt[] lookAndFeelIntCache);
sync CreateChildProcess(IPCTabContext context,
ProcessPriority priority,
TabId openerTabId)
returns (ContentParentId cpId, bool isForBrowser, TabId tabId);
sync BridgeToChildProcess(ContentParentId cpId);
+ /**
+ * Because of sandboxing, the child process may not be able to open files
+ * for logging purposes, so the parent process has to that instead.
+ */
+ sync OpenLogFile(nsCString aPath, nsCString aMode)
+ returns (MaybeFileDesc aFile);
+
async CreateGMPService();
/**
* This call connects the content process to a plugin process. While this
* call runs, a new PluginModuleParent will be created in the ContentChild
* via bridging. The corresponding PluginModuleChild will live in the plugin
* process.
*/
diff --git a/dom/ipc/moz.build b/dom/ipc/moz.build
--- a/dom/ipc/moz.build
+++ b/dom/ipc/moz.build
@@ -7,16 +7,17 @@
XPIDL_SOURCES += [
'nsIHangReport.idl',
]
XPIDL_MODULE = 'dom'
EXPORTS.mozilla.dom.ipc += [
'IdType.h',
+ 'LogFileOpener.h',
'StructuredCloneData.h',
]
EXPORTS.mozilla.dom += [
'ContentBridgeChild.h',
'ContentBridgeParent.h',
'ContentChild.h',
'ContentParent.h',
@@ -48,16 +49,17 @@ UNIFIED_SOURCES += [
'ContentBridgeChild.cpp',
'ContentBridgeParent.cpp',
'ContentParent.cpp',
'ContentProcess.cpp',
'ContentProcessManager.cpp',
'CrashReporterParent.cpp',
'DatePickerParent.cpp',
'FilePickerParent.cpp',
+ 'LogFileOpener.cpp',
'nsIContentChild.cpp',
'nsIContentParent.cpp',
'PermissionMessageUtils.cpp',
'ProcessPriorityManager.cpp',
'ScreenManagerParent.cpp',
'StructuredCloneData.cpp',
'TabChild.cpp',
'TabContext.cpp',
diff --git a/xpcom/base/Logging.cpp b/xpcom/base/Logging.cpp
--- a/xpcom/base/Logging.cpp
+++ b/xpcom/base/Logging.cpp
@@ -13,16 +13,17 @@
#include "mozilla/Mutex.h"
#include "mozilla/StaticPtr.h"
#include "mozilla/Sprintf.h"
#include "mozilla/Atomics.h"
#include "mozilla/UniquePtrExtensions.h"
#include "nsClassHashtable.h"
#include "nsDebug.h"
#include "NSPRLogModulesParser.h"
+#include "mozilla/dom/ipc/LogFileOpener.h"
#include "prenv.h"
#include "prprf.h"
#ifdef XP_WIN
#include <process.h>
#else
#include <sys/types.h>
#include <unistd.h>
@@ -150,16 +151,27 @@ ExpandPIDMarker(const char* aFilename, c
namespace {
// Helper method that initializes an empty va_list to be empty.
void empty_va(va_list *va, ...)
{
va_start(*va, va);
va_end(*va);
}
+
+ FILE * OpenLogFile(const char * path, const char * mode)
+ {
+ if (XRE_IsParentProcess()) {
+ return fopen(path, mode);
+ } else {
+ FILE * f;
+ mozilla::dom::ipc::SyncOpenLogFile(path, mode, &f);
+ return f;
+ }
+ }
}
class LogModuleManager
{
public:
LogModuleManager()
: mModulesLock("logmodules")
, mModules(kInitialModuleCount)
@@ -318,19 +330,19 @@ public:
{
FILE* file;
if (mRotate > 0) {
char buf[2048];
SprintfLiteral(buf, "%s.%d", mOutFilePath.get(), aFileNum);
// rotate doesn't support append.
- file = fopen(buf, "w");
+ file = OpenLogFile(buf, "w");
} else {
- file = fopen(mOutFilePath.get(), aShouldAppend ? "a" : "w");
+ file = OpenLogFile(mOutFilePath.get(), aShouldAppend ? "a" : "w");
}
if (!file) {
return nullptr;
}
return new detail::LogFile(file, aFileNum);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment