Bug 1202988 - Don't use GetTempPath for flash's mms.cfg hack for low integrity. r=aklotz

2015-09-09 17:30:57 +09:00 · 2015-09-09 17:30:57 +09:00 · 1ea93fa558
--- a/dom/plugins/ipc/PluginModuleChild.cpp
+++ b/dom/plugins/ipc/PluginModuleChild.cpp
@ -45,6 +45,8 @@
 #ifdef XP_WIN
 #include "nsWindowsDllInterceptor.h"
 #include "mozilla/widget/AudioSession.h"
+#include "WinUtils.h"
+#include <knownfolders.h>
 #endif

 #ifdef MOZ_WIDGET_COCOA
@ -56,6 +58,7 @@

 using namespace mozilla;
 using namespace mozilla::plugins;
+using namespace mozilla::widget;
 using mozilla::dom::CrashReporterChild;
 using mozilla::dom::PCrashReporterChild;

@ -1971,6 +1974,29 @@ CreateFileAHookFn(LPCSTR fname, DWORD access, DWORD share,
                            ftemplate);
 }

+static bool
+GetLocalLowTempPath(size_t aLen, LPWSTR aPath)
+{
+    NS_NAMED_LITERAL_STRING(tempname, "\\Temp");
+    LPWSTR path;
+    if (SUCCEEDED(WinUtils::SHGetKnownFolderPath(FOLDERID_LocalAppDataLow, 0,
+                                                 nullptr, &path))) {
+        if (wcslen(path) + tempname.Length() < aLen) {
+            wcscpy(aPath, path);
+            wcscat(aPath, tempname.get());
+            ::CoTaskMemFree(path);
+            return true;
+        }
+        ::CoTaskMemFree(path);
+    }
+
+    // XP doesn't support SHGetKnownFolderPath and LocalLow
+    if (!GetTempPathW(aLen, aPath)) {
+        return false;
+    }
+    return true;
+}
+
 HANDLE WINAPI
 CreateFileWHookFn(LPCWSTR fname, DWORD access, DWORD share,
                  LPSECURITY_ATTRIBUTES security, DWORD creation, DWORD flags,
@ -1990,7 +2016,7 @@ CreateFileWHookFn(LPCWSTR fname, DWORD access, DWORD share,

        // This is the config file we want to rewrite
        WCHAR tempPath[MAX_PATH+1];
-        if (GetTempPathW(MAX_PATH, tempPath) == 0) {
+        if (GetLocalLowTempPath(MAX_PATH, tempPath) == 0) {
            break;
        }
        WCHAR tempFile[MAX_PATH+1];
--- a/dom/plugins/ipc/PluginProcessParent.cpp
+++ b/dom/plugins/ipc/PluginProcessParent.cpp
@ -102,8 +102,8 @@ AddSandboxAllowedFiles(int32_t aSandboxLevel,
    AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR,
                          NS_LITERAL_STRING("\\Adobe\\Flash Player\\*"));

-    // Write access to the Temp directory is used to turn off protected mode
-    // and is needed in some mochitest crash tests.
+    // Write access to the Temp directory is needed in some mochitest crash
+    // tests.
    // Bug 1171393 tracks removing this requirement.
    AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_OS_TEMP_DIR,
                          NS_LITERAL_STRING("\\*"));