
Remove memory hole mitigation for Flash Windows plugin

Review URL: https://chromiumcodereview.appspot.com/10892045

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@157206 0039d316-1c4b-4281-b951-d872f2087c98
jschuh@chromium.org
2012-09-17 21:48:19 +00:00
parent 1de0fc0a13
commit 3eae1bc38d

@ -89,41 +89,6 @@ void DestroyIMEForFlash() {
}
}
// VirtualAlloc doesn't randomize well, so we use these calls to poke a
// random-sized hole in the address space and set an event to later remove it.
void FreeRandomMemoryHole(void *hole) {
::VirtualFree(hole, 0, MEM_RELEASE);
}
bool CreateRandomMemoryHole() {
const uint32_t kRandomValueMax = 8 * 1024; // Yields a 512mb max hole.
const uint32_t kRandomValueDivisor = 8;
const uint32_t kMaxWaitSeconds = 18 * 60; // 18 Minutes in seconds.
COMPILE_ASSERT((kMaxWaitSeconds > (kRandomValueMax / kRandomValueDivisor)),
kMaxWaitSeconds_value_too_small);
uint32_t rand_val;
if (rand_s(&rand_val) != S_OK) {
DVLOG(ERROR) << "rand_s() failed";
}
rand_val %= kRandomValueMax;
// Reserve a (randomly selected) range of address space.
if (void* hole = ::VirtualAlloc(NULL, 65536 * (1 + rand_val),
MEM_RESERVE, PAGE_NOACCESS)) {
// Set up an event to remove the memory hole. Base the wait time on the
// inverse of the allocation size, meaning a bigger hole gets a shorter
// wait (ranging from 1-18 minutes).
const uint32_t wait = kMaxWaitSeconds - (rand_val / kRandomValueDivisor);
MessageLoop::current()->PostDelayedTask(FROM_HERE,
base::Bind(&FreeRandomMemoryHole, hole),
base::TimeDelta::FromSeconds(wait));
return true;
}
return false;
}
#endif
// main() routine for running as the plugin process.
@ -185,11 +150,6 @@ int PluginMain(const content::MainFunctionParams& parameters) {
if (IsPluginBuiltInFlash(parsed_command_line)) {
DVLOG(1) << "Sandboxing flash";
// Poke hole in the address space to improve randomization.
if (!CreateRandomMemoryHole()) {
DVLOG(ERROR) << "Failed to create random memory hole";
}
if (!PreloadIMEForFlash())
DVLOG(1) << "IME preload failed";
DelayedLowerToken(target_services);