cef/patch/patches/win_sandbox_policy.patch

89 lines
3.8 KiB
Diff
Raw Normal View History

diff --git sandbox/win/src/sandbox_policy.h sandbox/win/src/sandbox_policy.h
index 17699e60e60be..53658b54f4fa7 100644
--- sandbox/win/src/sandbox_policy.h
+++ sandbox/win/src/sandbox_policy.h
@@ -282,7 +282,7 @@ class [[clang::lto_visibility_public]] TargetPolicy {
// Adds a blob of data that will be made available in the child early in
// startup via sandbox::GetDelegateData(). The contents of this data should
// not vary between children with the same TargetConfig().
- virtual void AddDelegateData(base::span<const uint8_t> data) = 0;
+ virtual void AddDelegateData(base::span<uint8_t> data) = 0;
};
} // namespace sandbox
diff --git sandbox/win/src/sandbox_policy_base.cc sandbox/win/src/sandbox_policy_base.cc
index bb144af1a7e12..2a05c5a62c941 100644
--- sandbox/win/src/sandbox_policy_base.cc
+++ sandbox/win/src/sandbox_policy_base.cc
@@ -194,12 +194,12 @@ PolicyGlobal* ConfigBase::policy() {
return policy_;
}
-std::optional<base::span<const uint8_t>> ConfigBase::policy_span() {
+std::optional<base::span<uint8_t>> ConfigBase::policy_span() {
if (policy_) {
// Note: this is not policy().data_size as that relates to internal data,
// not the entire allocated policy area.
- return base::span<const uint8_t>(reinterpret_cast<uint8_t*>(policy_.get()),
- kPolMemSize);
+ return base::span<uint8_t>(reinterpret_cast<uint8_t*>(policy_.get()),
+ kPolMemSize);
}
return std::nullopt;
}
@@ -785,14 +785,14 @@ bool PolicyBase::SetupHandleCloser(TargetProcess& target) {
return (SBOX_ALL_OK == rc);
}
-std::optional<base::span<const uint8_t>> PolicyBase::delegate_data_span() {
+std::optional<base::span<uint8_t>> PolicyBase::delegate_data_span() {
if (delegate_data_) {
return base::make_span(*delegate_data_);
}
return std::nullopt;
}
-void PolicyBase::AddDelegateData(base::span<const uint8_t> data) {
+void PolicyBase::AddDelegateData(base::span<uint8_t> data) {
CHECK(data.size() > 0u);
// Can only set this once - as there is only one region sent to the child.
CHECK(!delegate_data_);
diff --git sandbox/win/src/sandbox_policy_base.h sandbox/win/src/sandbox_policy_base.h
index af905fba23ac1..cba2426b098a8 100644
--- sandbox/win/src/sandbox_policy_base.h
+++ sandbox/win/src/sandbox_policy_base.h
@@ -117,7 +117,7 @@ class ConfigBase final : public TargetConfig {
// Should only be called once the object is configured.
PolicyGlobal* policy();
- std::optional<base::span<const uint8_t>> policy_span();
+ std::optional<base::span<uint8_t>> policy_span();
std::vector<std::wstring>& blocklisted_dlls();
AppContainerBase* app_container();
IntegrityLevel integrity_level() { return integrity_level_; }
@@ -172,7 +172,7 @@ class PolicyBase final : public TargetPolicy {
ResultCode SetStdoutHandle(HANDLE handle) override;
ResultCode SetStderrHandle(HANDLE handle) override;
void AddHandleToShare(HANDLE handle) override;
- void AddDelegateData(base::span<const uint8_t> data) override;
+ void AddDelegateData(base::span<uint8_t> data) override;
// Creates a Job object with the level specified in a previous call to
// SetJobLevel().
@@ -236,13 +236,13 @@ class PolicyBase final : public TargetPolicy {
// time.
// Returns nullopt if no data has been set, or a view into the data.
- std::optional<base::span<const uint8_t>> delegate_data_span();
+ std::optional<base::span<uint8_t>> delegate_data_span();
// The user-defined global policy settings.
HANDLE stdout_handle_;
HANDLE stderr_handle_;
// An opaque blob of data the delegate uses to prime any pre-sandbox hooks.
- std::unique_ptr<const std::vector<uint8_t>> delegate_data_;
+ std::unique_ptr<std::vector<uint8_t>> delegate_data_;
std::unique_ptr<Dispatcher> dispatcher_;