Exit early on invalid process type flag (see #3824)

This avoids crashes later during Chromium initialization.
2025-06-05 21:39:12 +02:00 · 2025-05-20 11:38:53 -04:00
parent ce365d4987
commit 9a115ea48f
3 changed files with 23 additions and 5 deletions
--- a/include/internal/cef_types.h
+++ b/include/internal/cef_types.h
@@ -1061,6 +1061,11 @@ typedef enum {

  CEF_RESULT_CODE_CHROME_FIRST,

+#if CEF_API_ADDED(CEF_NEXT)
+  /// The process is of an unknown type.
+  CEF_RESULT_CODE_BAD_PROCESS_TYPE = 6,
+#endif
+
  /// A critical chrome file is missing.
  CEF_RESULT_CODE_MISSING_DATA = 7,

--- a/libcef/browser/main_runner.cc
+++ b/libcef/browser/main_runner.cc
@@ -224,10 +224,15 @@ int CefMainRunner::RunAsHelperProcess(const CefMainArgs& args,

  // If no process type is specified then it represents the browser process and
  // we do nothing.
+  if (!command_line.HasSwitch(switches::kProcessType)) {
+    return -1;
+  }
+
  const std::string& process_type =
      command_line.GetSwitchValueASCII(switches::kProcessType);
  if (process_type.empty()) {
-    return -1;
+    // Early exit on invalid process type.
+    return CEF_RESULT_CODE_BAD_PROCESS_TYPE;
  }

  auto main_delegate = std::make_unique<ChromeMainDelegateCef>(
--- a/libcef_dll/bootstrap/bootstrap_win.cc
+++ b/libcef_dll/bootstrap/bootstrap_win.cc
@@ -13,6 +13,7 @@
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "cef/include/cef_sandbox_win.h"
+#include "cef/include/internal/cef_types.h"
 #include "cef/libcef/browser/preferred_stack_size_win.inc"
 #include "cef/libcef_dll/bootstrap/bootstrap_util_win.h"
 #include "cef/libcef_dll/bootstrap/certificate_util_win.h"
@@ -89,10 +90,17 @@ int APIENTRY wWinMain(HINSTANCE hInstance,
  const base::CommandLine command_line =
      base::CommandLine::FromString(::GetCommandLineW());

+  constexpr char kProcessType[] = "type";
+  const bool is_subprocess = command_line.HasSwitch(kProcessType);
+  if (is_subprocess && command_line.GetSwitchValueASCII(kProcessType).empty()) {
+    // Early exit on invalid process type.
+    return CEF_RESULT_CODE_BAD_PROCESS_TYPE;
+  }
+
  // True if this is a sandboxed sub-process. Uses similar logic to
  // Sandbox::IsProcessSandboxed.
  const bool is_sandboxed =
-      command_line.HasSwitch("type") &&
+      is_subprocess &&
      base::GetCurrentProcessIntegrityLevel() < base::MEDIUM_INTEGRITY;

  std::wstring dll_name;
@@ -124,7 +132,7 @@ int APIENTRY wWinMain(HINSTANCE hInstance,

    if (bootstrap_util::IsDefaultExeName(dll_name)) {
      ShowError(LoadString(IDS_ERROR_NO_MODULE_NAME));
-      return 1;
+      return CEF_RESULT_CODE_KILLED;
    }

    certificate_util::GetClientThumbprints(
@@ -137,7 +145,7 @@ int APIENTRY wWinMain(HINSTANCE hInstance,
          {base::WideToUTF16(exe_path.BaseName().value()),
           base::WideToUTF16(exe_thumbprints.errors)});
      ShowError(FormatErrorString(IDS_ERROR_INVALID_CERT, subst));
-      return 1;
+      return CEF_RESULT_CODE_KILLED;
    }
  }

@@ -212,5 +220,5 @@ int APIENTRY wWinMain(HINSTANCE hInstance,
    ShowError(error);
  }

-  return 1;
+  return CEF_RESULT_CODE_KILLED;
 }