Mercurial > mozreview > gecko / changeset / 234a7d6b02734f975832d458721ff8232a96f9ae
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1399787 - Part 12. Put temporay PDF and EMF files into NS_APP_CONTENT_PROCESS_TEMP_DIR. draft
authorcku <cku@mozilla.com>
Tue, 31 Oct 2017 00:04:46 +0800
changeset 688811 234a7d6b02734f975832d458721ff8232a96f9ae
parent 688809 72cf0d365965f2ef36a200b4c0ad133a4f10abb3
child 738173 6d23925523b5005dceed6d721b86debbde193553
push id86859
push usercku@mozilla.com
push dateMon, 30 Oct 2017 18:19:26 +0000
bugs1399787
milestone58.0a1
Bug 1399787 - Part 12. Put temporay PDF and EMF files into NS_APP_CONTENT_PROCESS_TEMP_DIR. So that we make sure those intermidiate file will be removed by ClearOnShutdown when the chrome process been shutdown. MozReview-Commit-ID: 7xQH9KE8AGl
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp file | annotate | diff | comparison | revisions
widget/windows/nsDeviceContextSpecWin.cpp file | annotate | diff | comparison | revisions 
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@@ -884,16 +884,20 @@ SandboxBroker::SetSecurityLevelForPDFium
   // in the \pipe\ namespace. We restrict it to pipes that start with
   // "chrome." so the sandboxed process cannot connect to system services.
   result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
                             sandbox::TargetPolicy::FILES_ALLOW_ANY,
                             L"\\??\\pipe\\chrome.*");
   SANDBOX_ENSURE_SUCCESS(result,
                          "With these static arguments AddRule should never fail, what happened?");
 
+  // Add rule to allow read / write access to content temp dir. 
+  AddCachedDirRule(mPolicy, sandbox::TargetPolicy::FILES_ALLOW_ANY,
+                   sContentTempDir, NS_LITERAL_STRING("\\*"));
+
   // Add this rule for loading pdfium.dll.
   AddCachedDirRule(mPolicy, sandbox::TargetPolicy::FILES_ALLOW_READONLY,
                    sBinDir, NS_LITERAL_STRING("\\*"));
 
   return true;
 }
 #endif
 
--- a/widget/windows/nsDeviceContextSpecWin.cpp
+++ b/widget/windows/nsDeviceContextSpecWin.cpp
@@ -39,16 +39,17 @@
 #include "nsIUUIDGenerator.h"
 #include "mozilla/widget/PDFViaEMFPrintHelper.h"
 #include "nsDirectoryServiceDefs.h"
 #include "nsPrintfCString.h"
 #include "nsThreadUtils.h"
 #include "PDFiumProcessParent.h"
 #include "PDFiumParent.h"
 #include "WindowsEMF.h"
+#include "nsAppDirectoryServiceDefs.h"
 #endif
 
 static mozilla::LazyLogModule kWidgetPrintingLogMod("printing-widget");
 #define PR_PL(_p1)  MOZ_LOG(kWidgetPrintingLogMod, mozilla::LogLevel::Debug, _p1)
 
 using namespace mozilla;
 using namespace mozilla::gfx;
 
@@ -245,17 +246,17 @@ already_AddRefed<PrintTarget> nsDeviceCo
 
     if (mDevMode) {
       // When printing to a printer via Skia PDF we open a temporary file that
       // we draw the print output into as PDF output, then once we reach
       // EndDcoument we'll convert that PDF file to EMF page by page to print
       // each page. Here we create the temporary file and wrap it in a
       // PrintTargetSkPDF that we return.
       nsresult rv =
-        NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(mPDFTempFile));
+        NS_GetSpecialDirectory(NS_APP_CONTENT_PROCESS_TEMP_DIR, getter_AddRefs(mPDFTempFile));
       NS_ENSURE_SUCCESS(rv, nullptr);
 
       nsCOMPtr<nsIUUIDGenerator> uuidGenerator =
         do_GetService("@mozilla.org/uuid-generator;1", &rv);
       if (NS_WARN_IF(NS_FAILED(rv))) {
         return nullptr;
       }
       nsID uuid;
gecko
Deployed from 1769ae2b5feb at 2022-05-11T14:55:53Z.