diff --git a/LICENSE.rtf b/LICENSE.rtf old mode 100644 new mode 100755 diff --git a/LICENSE.txt b/LICENSE.txt old mode 100644 new mode 100755 diff --git a/README.md b/README.md old mode 100644 new mode 100755 index c376e82..584ab62 --- a/README.md +++ b/README.md @@ -93,6 +93,12 @@ escape vectors. ## Release History +**2019-06-03** + * Now using the latest 64-bit Chromium sandbox + * Recompiled against the latest version of Ghostscript (9.27) + * Compiled using Clang by leveraging Chromium's BUILD.gn system +* Rolled to version 1.3.9.27 + **2013-10-11** * Recompiled against latest version of Ghostscript (9.10) * Rolled to version 1.2.9.10 @@ -119,41 +125,101 @@ The following future refinements are planned: * Sandbox other executable in the GhostPDL project (e.g ```pcl6.exe```). * Support custom FONT and LIB paths defined on the command line (read only access). * Look at sandbox options on Linux. - * 64bit version when/if the Chromium sandbox supports it. ## Authors -![PaperCut Software Logo](http://www.papercut.com/images/logo_papercut.png) +## Building GhostTrap -*Ghost Trap* is open source software developed by Chris Dance with the support of -[PaperCut Software](http://www.papercut.com/). +### Requirements +* [GhostTrap Source Code](https://github.com/PaperCutSoftware/GhostTrap) +* [Chromium (source checkout and build instructions)](https://chromium.googlesource.com/chromium/src/+/master/docs/windows_build_instructions.md) +* [GhostPDL Source Code](https://www.ghostscript.com/download/gpdldnld.html) +* [Inno Setup](http://www.jrsoftware.org/isinfo.php) -## Developers +### Building -To build Ghost Trap from source, here is a brief flow: +##### Download the GhostTrap source code. You should have the following directory layout: - 1. Clone this git repo. +```bash +GhostTrap +├── build.bat +├── images +│   ├── ghostbusters-ghost-trap.jpg +│   └── ghostbusters-ghost-trap-sized.jpg +├── installer +│   └── win +│   ├── ghost-trap.iss +│   ├── installer-logo-large.bmp +│   └── install-info.rtf +├── LICENSE.rtf +├── LICENSE.txt +├── README.md +├── src +│   ├── gstrapped.cpp +│   ├── sandbox_procmgmt.cpp +│   └── sandbox_procmgmt.h +├── tests +└── third-party + └── README.txt +``` - 2. Download Google Chromium source into the third-party directory as documented in ```[ghost-trap]/third-party/README.txt``` +##### Fetch the Chromium source code and setup the build environtment. +_Follow the instructions carefully!_ - 3. Download GhostPDL source into the third-party directory as documented in ```[ghost-trap]/third-party/README.txt``` +Note: Build your chromium directory inside the GhostTrap\third-party folder. - 4. Perform a ```32bit Release``` compile on each dependency (follow the project's documentation). - Note: Building Chromium is very involved! Follow the directions carefully. You will not need to compile whole - Chromium source. Just the "sandbox" sub project will be enough to generate the required dependencies. +```bash +GhostTrap +├── build.bat +├── * +├── src +├── tests +└── third-party + └── chromium ⬅ ⬅ ⬅ +``` - 5. Install [INNO setup](http://www.jrsoftware.org/isinfo.php). +Before the next step, make sure you're able to run the following command: +```bash +GhostTrap\third-party\chromium\src> gn gen out\Default +``` - 6. Run ```build.bat``` +##### Download the GhostPDL source code and copy the whole folder inside third-party as ghostpdl. + +Compile 64-bit exe's of Ghostscript, GhostPCL and GhostXPS + +```bash +GhostTrap +├── build.bat +├── * +├── src +├── tests +└── third-party + ├── chromium + └── ghostpdl ⬅ ⬅ ⬅ +``` + +##### Install Inno Setup + +##### Run the build script +```bash +GhostTrap> build.bat +``` + +##### The installer will be built in GhostTrap\target\ghost-trap-installer-1.2.9.27 + +### _Successfully built with the following versions:_ +##### _Ghostscript source code: 9.27_ +##### _Chromium source code commit: 2d57e5b8afc6d01b344a8d95d3470d46b35845c5_ +>>>>>>> Updated to Ghostscript 9.27 and latest 64-bit Chromium Sandbox. ## License *Ghost Trap* is open source software licensed under the Affero GPL: - Copyright (c) 2012-2014 PaperCut Software Int. Pty. Ltd. http://www.papercut.com/ + Copyright (c) 2012-2019 PaperCut Software Int. Pty. Ltd. http://www.papercut.com/ This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as @@ -168,3 +234,5 @@ To build Ghost Trap from source, here is a brief flow: You should have received a copy of the GNU Affero General Public License along with this program. If not, see . + + diff --git a/build.bat b/build.bat old mode 100644 new mode 100755 index 83261e7..6629741 --- a/build.bat +++ b/build.bat @@ -1,74 +1,133 @@ @echo off - -set GHOST_TRAP_VERSION=1.2 - -set INNO_COMPILER=%programfiles(x86)%\Inno Setup 5\ISCC.exe +set GHOST_TRAP_VERSION=1.3 +set INNO_COMPILER=%programfiles(x86)%\Inno Setup 6\ISCC.exe SETLOCAL ENABLEDELAYEDEXPANSION set starttime=%time% set startdir=%cd% +set gsversion=9.27 + +echo .-. ___ _ _ _____ +echo (o o) / _ \ ^|__ ___ ___^| ^|/__ \_ __ __ _ _ __ +echo ^| O \ / /_\/ '_ \ / _ \/ __^| __^|/ /\/ '__/ _` ^| '_ \ +echo \ \ / /_\\^| ^| ^| ^| (_) \__ \ ^|_/ / ^| ^| ^| (_^| ^| ^|_) ^| +echo `~~~'\____/^|_^| ^|_^|\___/^|___/\__\/ ^|_^| \__,_^| .__/ +echo ^|_^| +echo. rem Make the current dir the script dir cd %~dp0 +if %errorlevel% NEQ 0 goto builderror REM # -REM # Verify that our 3rd party dependencies exist and are built. +REM # Verify that our required dependencies exists REM # -if exist third-party\chromium\src\sandbox goto chromesrcok +if exist "%~dp0third-party\ghostpdl\bin\gsdll64.dll" goto gsinsok +echo Error: Unable to locate the GhostPDL files +echo Please ensure its at: +echo %~dp0third-party\ghostpdl\bin\gsdll64.dll +goto builderror +:gsinsok + +if exist %~dp0third-party\chromium\src\sandbox goto chromesrcok echo Error: Unable to locate the chromium source. echo Please ensure the chromium source is located at: echo %~dp0third-party\chromium\src goto builderror :chromesrcok -if exist third-party\chromium\src\build\Release\lib\sandbox*.lib goto chromelibok -echo Error: Unable to locate the chromium sandbox.lib files. -echo Please ensure the chromium sandbox project has been built. -echo The sandbox.lib file should exist at: -echo %~dp0third-party\chromium\build\Release\lib\sandbox.lib +if exist %~dp0src goto ghosttrapsrcok +echo Error: Unable to locate the GhostTrap project source. +echo Please ensure the GhostTrap source is located at: +echo %~dp0src goto builderror -:chromelibok +:ghosttrapsrcok -if exist third-party\ghostpdl\win32 goto ghostpdlsrcok +if exist %~dp0third-party\ghostpdl\psi\ goto ghostscriptsrcok echo Error: Unable to locate the GhostPDL project source. echo Please ensure the GhostPDL source is located at: echo %~dp0third-party\ghostpdl goto builderror -:ghostpdlsrcok - -if exist third-party\ghostpdl\gs\bin\gswin32c.exe goto ghostpdllibok -echo Error: Unable to locate Ghostscript binaries. -echo Please ensure that the GhostPDL solution has been built. -echo The gswin32c.exe file should exist at: -echo %~dp0third-party\ghostpdl\gs\bin\gswin32c.exe -goto builderror -:ghostpdllibok +:ghostscriptsrcok REM # REM # Get Ghostscript version info REM # -for /f "usebackq delims=" %%x in (`findstr /B /C:GS_VERSION_M third-party\ghostpdl\gs\base\version.mak`) do (set "%%x") +for /f "usebackq delims=" %%x in (`findstr /B /C:GS_VERSION_M %~dp0third-party\ghostpdl\base\version.mak`) do (set "%%x") echo Ghostscript version is %GS_VERSION_MAJOR%.%GS_VERSION_MINOR% +echo. REM # REM # Build Ghost Trap REM # -@if "%VSINSTALLDIR%"=="" call "%VS100COMNTOOLS%\vsvars32.bat" -echo. +echo ==== Compiling 64-bit ==== -REM Build 32 bit -echo ==== Compiling 32-bit ==== -devenv src\ghost-trap.sln /rebuild "release|Win32" +REM Append extra build info to the BUILD.gn +>nul find "gswin64c" %~dp0third-party\chromium\src\sandbox\win\BUILD.gn && ( + goto buildinfoexists +) || ( + goto buildinfomissing +) + +:buildinfomissing +echo.>>%~dp0chromium\src\sandbox\win\BUILD.gn +echo executable("gswin64c-trapped") {>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo sources = [>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo "ghosttrap/gstrapped.cpp",>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo "ghosttrap/sandbox_procmgmt.cpp",>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo "ghosttrap/sandbox_procmgmt.h",>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo ]>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo.>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo include_dirs = [>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo "ghosttrap/ghostscript/psi",>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo "ghosttrap/ghostscript/base",>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo ]>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo.>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo deps = [>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo ":sandbox",>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo ]>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +echo }>>%~dp0third-party\chromium\src\sandbox\win\BUILD.gn +:buildinfoexists + +REM Copy the ghosttrap source code to the Chromium project +call mkdir %~dp0third-party\chromium\src\sandbox\win\ghosttrap > NUL +call xcopy %~dp0src %~dp0third-party\chromium\src\sandbox\win\ghosttrap\ /Y /E /s > NUL + +REM Copy the ghosttrap source code to the Chromium project +call mkdir %~dp0third-party\chromium\src\sandbox\win\ghosttrap\ghostscript > NUL +call xcopy %~dp0third-party\ghostpdl %~dp0third-party\chromium\src\sandbox\win\ghosttrap\ghostscript\ /Y /E /s > NUL + +REM # +REM # REM Start the build +REM # + +call cd third-party\chromium\src\ > NUL +if %errorlevel% NEQ 0 goto builderror + +call gn gen out\Default --args="is_debug=false" > NUL +if %errorlevel% NEQ 0 goto builderror + +call autoninja -C out\Default sandbox/win:gswin64c-trapped > NUL +if %errorlevel% NEQ 0 goto builderror + +REM # +REM # Test GhostTrap +REM # +call cd out\Default\ > NUL +echo Testing GhostTrap... +call gswin64c-trapped.exe --test-sandbox -sOutputFile="C:\output\outputtest.txt" "C:\input\inputtest.txt" +if %errorlevel% NEQ 0 goto builderror + +call cd %startdir% > NUL if %errorlevel% NEQ 0 goto builderror REM # REM # Create target dir mirroring Ghostscript standard install. REM # - rmdir /s /q "target" > NUL REM # Small sleep so we don't hit locked files. @@ -80,43 +139,63 @@ mkdir target > NUL mkdir target\installfiles > NUL mkdir target\installfiles\bin > NUL mkdir target\installfiles\doc > NUL +mkdir target\installfiles\doc\images > NUL +mkdir target\installfiles\doc\pclxps > NUL mkdir target\installfiles\examples > NUL +mkdir target\installfiles\examples\cjk > NUL +mkdir target\installfiles\iccprofiles > NUL mkdir target\installfiles\lib > NUL -mkdir target\installfiles\zlib > NUL -mkdir target\installfiles\zlib\doc > NUL +mkdir target\installfiles\Resource > NUL +mkdir target\installfiles\Resource\CIDFont > NUL +mkdir target\installfiles\Resource\CIDFSubst > NUL +mkdir target\installfiles\Resource\CMap > NUL +mkdir target\installfiles\Resource\ColorSpace > NUL +mkdir target\installfiles\Resource\Decoding > NUL +mkdir target\installfiles\Resource\Encoding > NUL +mkdir target\installfiles\Resource\Font > NUL +mkdir target\installfiles\Resource\IdiomSet > NUL +mkdir target\installfiles\Resource\Init > NUL +mkdir target\installfiles\Resource\SubstCID > NUL REM # Ghost Trap exe, README and LICENSE files -copy src\Release\gswin32c-trapped.exe target\installfiles\bin /Y > NUL - -REM # Chrome sandbox wow helper -copy third-party\chromium\src\build\Release\wow_helper.exe target\installfiles\bin /Y > NUL +copy "third-party\chromium\src\out\Default\gswin64c-trapped.exe" target\installfiles\bin\gsc-trapped.exe /Y > NUL +copy "third-party\chromium\src\out\Default\gswin64c-trapped.exe" target\installfiles\bin\gswin32c-trapped.exe /Y > NUL copy LICENSE* target\installfiles /Y > NUL copy README* target\installfiles /Y > NUL REM # Ghostscript files (mirroring standard install structure) -copy third-party\ghostpdl\gs\bin\gswin32*.exe target\installfiles\bin /Y > NUL -copy third-party\ghostpdl\gs\bin\gsdll32*.dll target\installfiles\bin /Y > NUL - -copy third-party\ghostpdl\gs\doc\*.* target\installfiles\doc /Y > NUL - -copy third-party\ghostpdl\gs\examples\*.* target\installfiles\examples /Y > NUL - -copy third-party\ghostpdl\gs\lib\*.* target\installfiles\lib /Y > NUL - -copy third-party\ghostpdl\gs\zlib\doc\*.* target\installfiles\zlib\doc /Y > NUL - -REM # Also include pcl6.exe (PCL support) and gxps.exe (XPS support) for convenience. -REM # Note: These do not (yet) have trapped varients. - -copy third-party\ghostpdl\main\obj\pcl6.exe target\installfiles\bin /Y > NUL -copy third-party\ghostpdl\xps\obj\gxps.exe target\installfiles\bin /Y > NUL +copy "third-party\ghostpdl\bin\gswin64.exe" target\installfiles\bin /Y > NUL +copy "third-party\ghostpdl\bin\gswin64.exe" target\installfiles\bin\gswin32.exe /Y > NUL +copy "third-party\ghostpdl\bin\gswin64c.exe" target\installfiles\bin /Y > NUL +copy "third-party\ghostpdl\bin\gswin64c.exe" target\installfiles\bin\gswin32c.exe /Y > NUL +copy "third-party\ghostpdl\bin\gsdll64.dll" target\installfiles\bin /Y > NUL +copy "third-party\ghostpdl\bin\gpcl6win64.exe" target\installfiles\bin\pcl6.exe /Y > NUL +copy "third-party\ghostpdl\bin\gpcl6dll64.dll" target\installfiles\bin /Y > NUL +copy "third-party\ghostpdl\bin\gxpswin64.exe" target\installfiles\bin\gxps.exe /Y > NUL +copy "third-party\ghostpdl\bin\gxpsdll64.dll" target\installfiles\bin /Y > NUL +copy "third-party\ghostpdl\doc\*.*" target\installfiles\doc /Y > NUL +copy "third-party\ghostpdl\doc\images\*.*" target\installfiles\doc\images /Y > NUL +copy "third-party\ghostpdl\doc\pclxps\*.*" target\installfiles\doc\pclxps /Y > NUL +copy "third-party\ghostpdl\examples\*.*" target\installfiles\examples /Y > NUL +copy "third-party\ghostpdl\examples\cjk\*.*" target\installfiles\examples\cjk /Y > NUL +copy "third-party\ghostpdl\iccprofiles\*.*" target\installfiles\iccprofiles /Y > NUL +copy "third-party\ghostpdl\lib\*.*" target\installfiles\lib /Y > NUL +copy "third-party\ghostpdl\Resource\CIDFont\*.*" target\installfiles\Resource\CIDFont /Y > NUL +copy "third-party\ghostpdl\Resource\CIDFSubst\*.*" target\installfiles\Resource\CIDFSubst /Y > NUL +copy "third-party\ghostpdl\Resource\CMap\*.*" target\installfiles\Resource\CMap /Y > NUL +copy "third-party\ghostpdl\Resource\ColorSpace\*.*" target\installfiles\Resource\ColorSpace /Y > NUL +copy "third-party\ghostpdl\Resource\Decoding\*.*" target\installfiles\Resource\Decoding /Y > NUL +copy "third-party\ghostpdl\Resource\Encoding\*.*" target\installfiles\Resource\Encoding /Y > NUL +copy "third-party\ghostpdl\Resource\Font\*.*" target\installfiles\Resource\Font /Y > NUL +copy "third-party\ghostpdl\Resource\IdiomSet\*.*" target\installfiles\Resource\IdiomSet /Y > NUL +copy "third-party\ghostpdl\Resource\Init\*.*" target\installfiles\Resource\Init /Y > NUL +copy "third-party\ghostpdl\Resource\SubstCID\*.*" target\installfiles\Resource\SubstCID /Y > NUL REM # REM # Run Inno install script to build the installer REM # echo Building installer... - "%INNO_COMPILER%" "/dapp_version=%GHOST_TRAP_VERSION%" "/dgs_version=%GS_VERSION_MAJOR%.%GS_VERSION_MINOR%" installer\win\ghost-trap.iss /q if %errorlevel% NEQ 0 goto builderror @@ -138,4 +217,4 @@ cd %startdir% echo Build complete. echo started at: %starttime% -echo now it is : %time% +echo now it is : %time% \ No newline at end of file diff --git a/installer/win/ghost-trap.iss b/installer/win/ghost-trap.iss old mode 100644 new mode 100755 index 6a90b99..fe7237f --- a/installer/win/ghost-trap.iss +++ b/installer/win/ghost-trap.iss @@ -1,4 +1,4 @@ -; Copyright (c) 2012-2014 PaperCut Software International Pty. Ltd. +; Copyright (c) 2012-2019 PaperCut Software International Pty. Ltd. ; Author: Chris Dance ; ; License: GNU Affero GPL v3 - See project LICENSE file. @@ -6,6 +6,7 @@ ; Ghost Trap Inno Setup based installer script. ; +[Setup] #define app_name "Ghost Trap" #define app_name_no_space "GhostTrap" @@ -16,23 +17,21 @@ #define gs_name "GPL Ghostscript" #ifndef gs_version - #define gs_version "9.06" + #define gs_version "9.27" #endif -#define gs_c_exe "gswin32c.exe" -#define gs_dll "gsdll32.dll" +#define gs_c_exe "gswin64c.exe" +#define gs_dll "gsdll64.dll" - -[Setup] AppName={#app_name} AppVerName="{#app_name} {#app_version}.{#gs_version}" AppPublisher="PaperCut Software Int. Pty. Ltd." AppPublisherURL=https://github.com/PaperCutSoftware/GhostTrap AppSupportURL=https://github.com/PaperCutSoftware/GhostTrap/issues AppUpdatesURL=https://github.com/PaperCutSoftware/GhostTrap -DefaultDirName={pf}\{#app_name_no_space} - -VersionInfoVersion={#app_version}.{#gs_version} +DefaultDirName={commonpf}\{#app_name_no_space} +ArchitecturesAllowed=x64 +ArchitecturesInstallIn64BitMode=x64 LicenseFile=..\..\LICENSE.rtf InfoBeforeFile=..\..\installer\win\install-info.rtf @@ -51,7 +50,6 @@ PrivilegesRequired=admin WizardImageFile=..\..\installer\win\installer-logo-large.bmp -;WizardSmallImageFile=setup-logo.bmp [Messages] BeveledLabel={#app_name} {#app_version} @@ -60,7 +58,6 @@ BeveledLabel={#app_name} {#app_version} [Files] Source: *; DestDir: {app}; Flags: ignoreversion recursesubdirs createallsubdirs - [Registry] ; Add some keys that might help us in the future Root: HKLM; Subkey: "Software\{#app_name_no_space}"; Flags: uninsdeletekey @@ -78,11 +75,9 @@ Root: HKLM; Subkey: "Software\{#gs_name}\{#gs_version}"; ValueType: string; Valu ; Generate Windows font map (mirror Ghostscript installer) Filename: {app}\bin\{#gs_c_exe}; Parameters: "-q -dBATCH ""-sFONTDIR={code:FontsDirWithForwardSlashes}"" ""-sCIDFMAP={app}\lib\cidfmap"" ""{app}\lib\mkcidfm.ps"""; Description: "Generating font map for Windows TrueType fonts..."; Flags: runhidden; - [UninstallDelete] Type: filesandordirs; Name: {app}\lib\cidfmap; - [Code] function FontsDirWithForwardSlashes(Param: String): String; begin @@ -91,8 +86,28 @@ begin StringChangeEx(Result, '\', '/', True); end; +function GetUninstallString: string; +var + sUnInstPath: string; + sUnInstallString: String; +begin + Result := ''; + sUnInstPath := ExpandConstant('Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ghost Trap_is1'); + sUnInstallString := ''; + if not RegQueryStringValue(HKLM, sUnInstPath, 'UninstallString', sUnInstallString) then + RegQueryStringValue(HKCU, sUnInstPath, 'UninstallString', sUnInstallString); + Result := sUnInstallString; +end; - - - - +function PrepareToInstall(var NeedsRestart: Boolean): String; +var + iResultCode: Integer; + sUnInstallString: string; +begin + if RegValueExists(HKEY_LOCAL_MACHINE,'Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ghost Trap_is1', 'UninstallString') then { Your App GUID/ID } + begin + sUnInstallString := GetUninstallString(); + sUnInstallString := RemoveQuotes(sUnInstallString); + Exec(ExpandConstant(sUnInstallString), '/VERYSILENT', '', SW_SHOW, ewWaitUntilTerminated, iResultCode); + end; +end; \ No newline at end of file diff --git a/installer/win/install-info.rtf b/installer/win/install-info.rtf old mode 100644 new mode 100755 index 982871f..3e0f589 --- a/installer/win/install-info.rtf +++ b/installer/win/install-info.rtf @@ -21,7 +21,7 @@ For more information about Ghostscript, visit: \uc0\u8232 {\field{\*\fldinst{HY For more information about Google Chromium sandbox, visit:\uc0\u8232 {\field{\*\fldinst{HYPERLINK "http://dev.chromium.org/developers/design-documents/sandbox"}}{\fldrslt \cf2 \ul \ulc2 http://dev.chromium.org/developers/design-documents/sandbox}}\ \ \pard\pardeftab720\sl276\slmult1\sa200 -\cf0 Ghost Trap is distributed under the GNU Affero General Public License Version 3 and Copyright (c) 2012-2014 PaperCut Software International Pty. Ltd. Ghost Trap source code distribution, and the Ghost Trap executable code, include the following libraries obtained from other parties:\ +\cf0 Ghost Trap is distributed under the GNU Affero General Public License Version 3 and Copyright (c) 2012-2019 PaperCut Software International Pty. Ltd. Ghost Trap source code distribution, and the Ghost Trap executable code, include the following libraries obtained from other parties:\ \pard\pardeftab720 \fs16 \cf0 Ghostscript created by Aladdin Enterprises. For more information, please see {\field{\*\fldinst{HYPERLINK "http://www.ghostscript.com/"}}{\fldrslt \cf2 \ul \ulc2 http://www.ghostscript.com/}} and the LICENSE file in the GhostPDL project.\ diff --git a/src/ghost-trap.sln b/src/ghost-trap.sln deleted file mode 100644 index 3d79c89..0000000 --- a/src/ghost-trap.sln +++ /dev/null @@ -1,34 +0,0 @@ - -Microsoft Visual Studio Solution File, Format Version 11.00 -# Visual Studio 2010 -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ghost-trap", "ghost-trap.vcxproj", "{E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}" -EndProject -Global - GlobalSection(SolutionConfigurationPlatforms) = preSolution - Debug|Win32 = Debug|Win32 - Debug|x64 = Debug|x64 - Memento|Win32 = Memento|Win32 - Memento|x64 = Memento|x64 - Profile|Win32 = Profile|Win32 - Profile|x64 = Profile|x64 - Release|Win32 = Release|Win32 - Release|x64 = Release|x64 - EndGlobalSection - GlobalSection(ProjectConfigurationPlatforms) = postSolution - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Debug|Win32.ActiveCfg = Debug|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Debug|Win32.Build.0 = Debug|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Debug|x64.ActiveCfg = Debug|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Memento|Win32.ActiveCfg = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Memento|Win32.Build.0 = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Memento|x64.ActiveCfg = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Profile|Win32.ActiveCfg = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Profile|Win32.Build.0 = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Profile|x64.ActiveCfg = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Release|Win32.ActiveCfg = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Release|Win32.Build.0 = Release|Win32 - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99}.Release|x64.ActiveCfg = Release|Win32 - EndGlobalSection - GlobalSection(SolutionProperties) = preSolution - HideSolutionNode = FALSE - EndGlobalSection -EndGlobal diff --git a/src/ghost-trap.vcxproj b/src/ghost-trap.vcxproj deleted file mode 100644 index 5135c0b..0000000 --- a/src/ghost-trap.vcxproj +++ /dev/null @@ -1,96 +0,0 @@ - - - - - Debug - Win32 - - - Release - Win32 - - - - {E1E8773D-0B39-4BEE-8670-D60B0CEB7E99} - Win32Proj - ghosttrap - - - - Application - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - true - gswin32c-trapped - - - false - gswin32c-trapped - - - - - - Level3 - Disabled - WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) - ..\third-party\ghostpdl\pl;..\third-party\ghostpdl\gs\psi;..\third-party\chromium\src;%(AdditionalIncludeDirectories) - MultiThreadedDebug - - - Console - true - ..\third-party\chromium\src\build\Debug\lib;%(AdditionalLibraryDirectories) - base.lib;base_static.lib;dynamic_annotations.lib;dbghelp.lib;sandbox.lib;wininet.lib;psapi.lib;%(AdditionalDependencies) - - - - - Level3 - - - MaxSpeed - true - true - WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) - ..\third-party\ghostpdl\gs\psi;..\third-party\chromium\src;%(AdditionalIncludeDirectories) - MultiThreaded - - - Console - true - true - true - base.lib;base_static.lib;dbghelp.lib;sandbox.lib;wininet.lib;psapi.lib;%(AdditionalDependencies) - ..\third-party\chromium\src\build\Release\lib;%(AdditionalLibraryDirectories) - - - - - - - - - - - - - \ No newline at end of file diff --git a/src/ghost-trap.vcxproj.filters b/src/ghost-trap.vcxproj.filters deleted file mode 100644 index 1a72a75..0000000 --- a/src/ghost-trap.vcxproj.filters +++ /dev/null @@ -1,30 +0,0 @@ - - - - - {4FC737F1-C7A5-4376-A066-2A32D752A2FF} - cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx - - - {93995380-89BD-4b04-88EB-625FBE52EBFB} - h;hpp;hxx;hm;inl;inc;xsd - - - {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} - rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms - - - - - Header Files - - - - - Source Files - - - Source Files - - - \ No newline at end of file diff --git a/src/gstrapped.cpp b/src/gstrapped.cpp old mode 100644 new mode 100755 index 7b391a3..2c8f263 --- a/src/gstrapped.cpp +++ b/src/gstrapped.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2013 PaperCut Software International Pty. Ltd. + * Copyright (c) 2012-2019 PaperCut Software International Pty. Ltd. * http://www.papercut.com/ * * Author: Chris Dance @@ -31,6 +31,7 @@ #include #include #include +#include // Ghostscript DLL Header files #include @@ -42,8 +43,8 @@ * Ghost Trap version number starts at 1 and suffixes the Ghostscript version we've * tested/written against. */ -#define GHOST_TRAP_VERSION "1.0.9.06" -#define GHOST_TRAP_COPYRIGHT "Copyright (c) 2012-2013 PaperCut Software International Pty. Ltd." +#define GHOST_TRAP_VERSION "1.3.9.27" +#define GHOST_TRAP_COPYRIGHT "Copyright (c) 2012-2019 PaperCut Software International Pty. Ltd." // Definitions typedef struct GSDLL_S { @@ -57,7 +58,6 @@ typedef struct GSDLL_S { PFN_gsapi_init_with_args init_with_args; PFN_gsapi_run_string run_string; PFN_gsapi_exit exit; - PFN_gsapi_set_visual_tracer set_visual_tracer; } GSDLL; // Globals @@ -66,6 +66,7 @@ void *global_gsinstance; + /* * Load the Ghostscript Windows DLL and store implementation in GSDLL instances. * Any errors are printed on STDOUT. @@ -170,8 +171,7 @@ static bool LoadGSDLL(GSDLL *gsdll) { /* * A convenience wrapper to read a registry keys using wstrings. */ -static LONG GetStringRegKey(HKEY hKey, const std::wstring &strValueName, std::wstring &strValue, const std::wstring &strDefaultValue) -{ +static LONG GetStringRegKey(HKEY hKey, const std::wstring &strValueName, std::wstring &strValue, const std::wstring &strDefaultValue) { strValue = strDefaultValue; WCHAR szBuffer[512]; DWORD dwBufferSize = sizeof(szBuffer); @@ -190,7 +190,8 @@ static LONG GetStringRegKey(HKEY hKey, const std::wstring &strValueName, std::ws * parent directory (all files) is allowed. Passing a relative file path will raise an error * and no white listing will occure. */ -static void AllowAccessToFile(sandbox::TargetPolicy* policy, wchar_t *file, BOOL parent_dir) { +static void AllowAccessToFile(scoped_refptr policy, wchar_t *file, BOOL parent_dir) { + wchar_t drive[8]; wchar_t dir[512]; wchar_t filename[512]; @@ -219,7 +220,7 @@ static void AllowAccessToFile(sandbox::TargetPolicy* policy, wchar_t *file, BOOL fprintf(stderr, "Ghost Trap: Invalid resource. Please use absolute paths on a local drive.\n"); return; } - + if (parent_dir) { _snwprintf_s(path_rule, MAX_PATH - 1, L"%s%s*", drive, @@ -231,31 +232,29 @@ static void AllowAccessToFile(sandbox::TargetPolicy* policy, wchar_t *file, BOOL filename, ext); } - + policy->AddRule( sandbox::TargetPolicy::SUBSYS_FILES, sandbox::TargetPolicy::FILES_ALLOW_ANY, path_rule ); } - } /* * Look through the standard Ghostscript cmd-line arguments looking for paths. * Expand relative and normalize all paths. This is required as at the time of - * writing any open file request in the Google Chrome sandbox must be an absolute + * writing, any open file request in the Google Chrome sandbox must be an absolute * path. This function will pass back a new **argv instance any any expanded * paths will be malloced buffers. * * TODO: The input file argument is assumed to be the last argument. This is not - * necasserially so via the -f option. + * necessarily so via the -f option. * * FIXME: What about other paths such as defining a custom libary files or fonts? */ static wchar_t ** ExpandPathsInArgs(int argc, wchar_t *argv[]) { - wchar_t **full_path_argv = (wchar_t **) calloc(argc, sizeof(full_path_argv[0])); if (full_path_argv == NULL) { @@ -309,8 +308,7 @@ static wchar_t ** ExpandPathsInArgs(int argc, wchar_t *argv[]) { * * IMPORTANT: This code does not run in the sandbox (runs in the parent process). Take care! */ -static void ApplyPolicy(sandbox::TargetPolicy* policy, int argc, wchar_t* argv[]) { - +static void ApplyPolicy(scoped_refptr policy, int argc, wchar_t* argv[]) { // Fix up and expand paths in the args wchar_t **nargv = ExpandPathsInArgs(argc, argv); @@ -336,11 +334,10 @@ static void ApplyPolicy(sandbox::TargetPolicy* policy, int argc, wchar_t* argv[] return; } - policy->AddRule( sandbox::TargetPolicy::SUBSYS_REGISTRY, sandbox::TargetPolicy::REG_ALLOW_READONLY, - L"HKEY_LOCAL_MACHINE" + L"HKEY_CURRENT_USER" ); // Allow READ access to OS keys (e.g. Locale lookup) @@ -369,7 +366,7 @@ static void ApplyPolicy(sandbox::TargetPolicy* policy, int argc, wchar_t* argv[] _snwprintf(gs_key, 256, L"SOFTWARE\\%hs\\%s", rv.product, dotversion); - + // Allow READ access to directory on lib path. Find this by looking // up the registry key HKLM/Software/GPL Ghostscript/9.02/GS_LIB. // The value is stored is a ";" seperated path. @@ -396,7 +393,7 @@ static void ApplyPolicy(sandbox::TargetPolicy* policy, int argc, wchar_t* argv[] RegCloseKey(hKey); } - + // Allow READ and WRITE access to default temp directory. { wchar_t temp_dir[MAX_PATH]; @@ -409,7 +406,7 @@ static void ApplyPolicy(sandbox::TargetPolicy* policy, int argc, wchar_t* argv[] dir_rule ); } - + // Allow READ access to C:\Windows\Fonts directory. { @@ -426,14 +423,67 @@ static void ApplyPolicy(sandbox::TargetPolicy* policy, int argc, wchar_t* argv[] // Allow WRITE access to OutputFile target directory BOOL has_outfile = FALSE; + BOOL test_enabled = FALSE; int i; for (i = 0; i < argc; ++i) { wchar_t *p; + if ((p = wcsstr(nargv[i], L"OutputFile=")) != NULL) { p += 11; AllowAccessToFile(policy, p, TRUE); has_outfile = TRUE; } + + if ((p = wcsstr(nargv[i], L"--test-sandbox")) != NULL) { + test_enabled = TRUE; + } + + // Sandbox Testing - whitelist test data + if ((p = wcsstr(nargv[i], L"--fail-test=")) != NULL) { + p += 9; + + /* Setup Test 1 for failure + * Allow write access to C:\Windows\Temp folder + */ + if(wcscmp(p, L"1") == 0 && test_enabled) { + wchar_t win_dir[MAX_PATH]; + GetWindowsDirectory(win_dir, MAX_PATH - 1); + wchar_t dir_rule[MAX_PATH]; + _snwprintf(dir_rule, MAX_PATH - 1, L"%s\\Temp\\*", win_dir); + policy->AddRule( + sandbox::TargetPolicy::SUBSYS_FILES, + sandbox::TargetPolicy::FILES_ALLOW_ANY, + dir_rule + ); + } + + /* Setup Test 2 for failure + * Allow read-only access to C:\Windows\notepad.exe + */ + if(wcscmp(p, L"2") == 0 && test_enabled) { + wchar_t win_dir[MAX_PATH]; + GetWindowsDirectory(win_dir, MAX_PATH - 1); + wchar_t dir_rule[MAX_PATH]; + _snwprintf(dir_rule, MAX_PATH - 1, L"%s\\notepad.exe", win_dir); + policy->AddRule( + sandbox::TargetPolicy::SUBSYS_FILES, + sandbox::TargetPolicy::FILES_ALLOW_READONLY, + dir_rule + ); + } + + /* Setup Test 3 for failure + * Allow read access to registry key HKCU\Environment + */ + if(wcscmp(p, L"3") == 0 && test_enabled) { + // + policy->AddRule( + sandbox::TargetPolicy::SUBSYS_REGISTRY, + sandbox::TargetPolicy::REG_ALLOW_READONLY, + L"HKEY_CURRENT_USER\\Environment" + ); + } + } } // If no OutputFile, add READ/WRITE access to current working directory? @@ -446,7 +496,6 @@ static void ApplyPolicy(sandbox::TargetPolicy* policy, int argc, wchar_t* argv[] if (*last_arg != L'-') { AllowAccessToFile(policy, last_arg, FALSE); } - } @@ -468,13 +517,12 @@ static int PreSandboxedInit(int argc, wchar_t* argv[]) { * Convert wchar to unicode. Similar to function in gp_wutf8.c in Ghostscript, * however without the buffer length calculation problem on generation. */ -static int wchar_to_utf8(char *out, const wchar_t *in) -{ +static int wchar_to_utf8(char *out, const wchar_t *in) { unsigned int i; unsigned int len = 1; if (out) { - while (i = (unsigned int)*in++) { + while ((i = (unsigned int)*in++)) { if (i < 0x80) { *out++ = (char)i; len++; @@ -491,7 +539,7 @@ static int wchar_to_utf8(char *out, const wchar_t *in) } *out = 0; } else { - while (i = (unsigned int)*in++) { + while ((i = (unsigned int)*in++)) { if (i < 0x80) { len++; } else if (i < 0x800) { @@ -504,13 +552,64 @@ static int wchar_to_utf8(char *out, const wchar_t *in) return len; } +/* + * This is an internal method to do a few simple checks to make sure our sandbox is working. + * The build script will use this to verify that everything is working as expected. + * A non-zero exit code indicates a possible error that should be looked at. + * + * For the moment our tests are: + * 1 - Check that we can't write a file we should not - i.e. file in c:\Windows\Temp + * 2 - Check that we can't read files from the general os filesystem (c:\Windows\notepad.exe) + * 3 - Check that we can't read general registry entries (HKEY_CURRENT_USER\\Environment) + * + * The tests can be setup to fail (whitelisted parameters) by adding the --fail-test flag. + * e.g. + * --fail-test=1 [will fail test 1] + * --fail-test=2 [will fail test 2] + */ +static int TestSandbox() { + /* + * If C:\Windows\Temp\test.txt is whitelisted via -sOutputFile or the last param + * then this will fail + */ + std::ofstream output("C:\\Windows\\Temp\\test.txt"); + if (output.is_open()) { + // We shouldn't be able to read this file + return 61; + } + + /* + * Test 2 + * If C:\Windows\\notepad.exe is the last parameter, this will succeed as we + * are whitelisting the input file. + */ + std::ifstream input("C:\\Windows\\notepad.exe", std::ios::binary); + if (input.is_open()) { + // Oh... we can read it! Oh no.... we can read something we were not expecting!!! + return 62; + } + + /* + * Test 3 + * Check that we can't read the registry + */ + HKEY hKey; + DWORD Ret; + wchar_t skey[256] = L"Environment"; + + Ret = RegOpenKeyEx(HKEY_CURRENT_USER, skey, 0, KEY_READ, &hKey); + if (Ret == ERROR_SUCCESS) { + return 63; + } + + return 0; +} /* * The main method (sandboxed). Here we do the heavy lifting in the sandbox. i.e. * We hand the hard work off to the Ghostscript DLL :-) */ static int SandboxedMain(int argc, wchar_t* argv[]) { - // If -h, print out Ghost Trap information as well. for (int i = 0; i < argc; ++i) { if (wcscmp(argv[i], L"-h") == 0) { @@ -520,8 +619,12 @@ static int SandboxedMain(int argc, wchar_t* argv[]) { printf("\n"); break; } + // Used for developer testing only (not documented in usage) + if (wcscmp(argv[i], L"--test-sandbox") == 0) { + return TestSandbox(); + } } - + wchar_t **full_path_argv = ExpandPathsInArgs(argc, argv); /* Duplicate wide args as utf8 */ @@ -566,7 +669,7 @@ static int SandboxedMain(int argc, wchar_t* argv[]) { code1 = global_gsdll.exit(global_gsinstance); - if ((code == 0) || (code == e_Quit)) { + if ((code == 0) || (code == gs_error_Quit)) { code = code1; } @@ -583,7 +686,7 @@ error: free(nargv); } - if (!((code == 0) || (code == e_Quit))) { + if (!((code == 0) || (code == gs_error_Quit))) { return abs(code); } return 0; diff --git a/src/sandbox_procmgmt.cpp b/src/sandbox_procmgmt.cpp old mode 100644 new mode 100755 index eeb191e..f412044 --- a/src/sandbox_procmgmt.cpp +++ b/src/sandbox_procmgmt.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2013 PaperCut Software International Pty. Ltd. + * Copyright (c) 2012-2019 PaperCut Software International Pty. Ltd. * http://www.papercut.com/ * * Author: Chris Dance @@ -163,7 +163,7 @@ static DWORD WINAPI ProvideStdIn(void *param) { /* * The parent (unsandboxed process). This function intializes the sandbox service broker, - * setups up the piples, applies the security policy, and exec's and monitors the child + * sets up the pipes, applies the security policy, and then executes and monitors the child * process. */ static int RunParent(int argc, wchar_t* argv[], @@ -171,17 +171,18 @@ static int RunParent(int argc, wchar_t* argv[], SandboxPolicyFn policy_provider) { DWORD process_id = GetCurrentProcessId(); - + sandbox::ResultCode result; + // Start setting up the sandbox. - if (0 != broker_service->Init()) { + if (0 != (result = broker_service->Init())) { fprintf(stderr, "Sandbox: Failed to initialize the sandbox - BrokerServices object\n"); return 50; } // Apply our policy - sandbox::TargetPolicy* targetPolicy = broker_service->CreatePolicy(); + scoped_refptr targetPolicy = broker_service->CreatePolicy(); - // By defult we'll apply full sandbox. Your own policy then applied over this. + // By default we'll apply full sandbox. Your own policy is then applied over this. targetPolicy->SetJobLevel(sandbox::JOB_LOCKDOWN, 0); targetPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, sandbox::USER_LOCKDOWN); targetPolicy->SetAlternateDesktop(true); @@ -193,8 +194,9 @@ static int RunParent(int argc, wchar_t* argv[], } PROCESS_INFORMATION pi; - - sandbox::ResultCode result; + sandbox::ResultCode warning_result = sandbox::SBOX_ALL_OK; + DWORD last_error = ERROR_SUCCESS; + { wchar_t *orig_args = GetCommandLineW(); int arg_max_len = wcslen(orig_args) + 50; @@ -202,12 +204,10 @@ static int RunParent(int argc, wchar_t* argv[], swprintf(args_plus_id, arg_max_len, L"%s %d", orig_args, process_id); args_plus_id[arg_max_len - 1] = L'\0'; - result = broker_service->SpawnTarget(argv[0], args_plus_id, targetPolicy, &pi); - + result = broker_service->SpawnTarget(argv[0], args_plus_id, targetPolicy, &warning_result, &last_error, &pi); delete[] args_plus_id; } - - targetPolicy->Release(); + targetPolicy = NULL; if (sandbox::SBOX_ALL_OK != result) { @@ -230,7 +230,9 @@ static int RunParent(int argc, wchar_t* argv[], NMPWAIT_USE_DEFAULT_WAIT, NULL); // Set the security on - if (!sandbox::AddKnownSidToKernelObject(stdout_pipe, WinCreatorOwnerSid, FILE_ALL_ACCESS)) { + if (!sandbox::AddKnownSidToObject(stdout_pipe, SE_KERNEL_OBJECT, + WinWorldSid, + GRANT_ACCESS, FILE_ALL_ACCESS)) { fprintf(stderr, "Sandbox: Failed to set security on stdout pipe.\n"); return 52; } @@ -259,7 +261,9 @@ static int RunParent(int argc, wchar_t* argv[], NMPWAIT_USE_DEFAULT_WAIT, NULL); - if (!sandbox::AddKnownSidToKernelObject(stderr_pipe, WinCreatorOwnerSid, FILE_ALL_ACCESS)) { + if (!sandbox::AddKnownSidToObject(stderr_pipe, SE_KERNEL_OBJECT, + WinCreatorOwnerSid, + GRANT_ACCESS, FILE_ALL_ACCESS)) { fprintf(stderr, "Sandbox: Failed to set security on stderr pipe.\n"); return 52; } @@ -285,31 +289,25 @@ static int RunParent(int argc, wchar_t* argv[], NMPWAIT_USE_DEFAULT_WAIT, NULL); - - if (!sandbox::AddKnownSidToKernelObject(stdin_pipe, WinCreatorOwnerSid, FILE_ALL_ACCESS)) { + if (!sandbox::AddKnownSidToObject(stdin_pipe, SE_KERNEL_OBJECT, + WinCreatorOwnerSid, + GRANT_ACCESS, FILE_ALL_ACCESS)) { fprintf(stderr, "Sandbox: Failed to set security on stdin pipe.\n"); return 52; } + // Push STDIN + DWORD thread_id; + ::CreateThread(NULL, // Default security attributes + NULL, // Default stack size + &ProvideStdIn, + stdin_pipe, + 0, // No flags + &thread_id); + // All pipes are ready. We can now resume the sandboxed child's execution. ::ResumeThread(pi.hThread); - // Wait for the child to connect to our STDIN pipe before we start pushing data. - BOOL fConnected = ConnectNamedPipe(stdin_pipe, NULL) ? TRUE : (GetLastError() == ERROR_PIPE_CONNECTED); - if (fConnected) { - // Client is connected so we can no push in STDIN - DWORD thread_id; - ::CreateThread(NULL, // Default security attributes - NULL, // Default stack size - &ProvideStdIn, - stdin_pipe, - 0, // No flags - &thread_id); - } else { - fprintf(stderr, "Sandbox: Client did not start\n"); - return 53; - } - ::WaitForSingleObject(pi.hProcess, INFINITE); DWORD exit_code = 0; @@ -325,6 +323,7 @@ static int RunParent(int argc, wchar_t* argv[], // Wait for BOTH our consuming std(out|err) threads to finish. WaitForSingleObject(stdout_thread, 1000); WaitForSingleObject(stderr_thread, 1000); + return exit_code; } @@ -333,7 +332,7 @@ static int RunParent(int argc, wchar_t* argv[], * Fix standard stream as outlined here: http://support.microsoft.com/kb/105305 */ static void ReattachStreamToPipe(FILE *stream, DWORD handle, char *mode) { - + int hCrt = _open_osfhandle( (long) GetStdHandle(handle), _O_BINARY @@ -408,14 +407,13 @@ int RunChild(ConsoleWMainFn pre_sandbox_init, ::SetStdHandle(STD_ERROR_HANDLE, stderr_pipe); // Fix up C runtime output to console as per: http://support.microsoft.com/kb/105305 - ReattachStreamToPipe(stdin, STD_INPUT_HANDLE, "r"); - ReattachStreamToPipe(stdout, STD_OUTPUT_HANDLE, "w"); - ReattachStreamToPipe(stderr, STD_ERROR_HANDLE, "w"); + ReattachStreamToPipe(stdin, STD_INPUT_HANDLE, (char*)"r"); + ReattachStreamToPipe(stdout, STD_OUTPUT_HANDLE, (char*)"w"); + ReattachStreamToPipe(stderr, STD_ERROR_HANDLE, (char*)"w"); // Init Sandbox sandbox::TargetServices* target_service = sandbox::SandboxFactory::GetTargetServices(); - if (NULL == target_service) { fprintf(stderr, "Sandbox: Unable to setup sandbox service - GetTargetServices()\n"); return 55; @@ -426,7 +424,7 @@ int RunChild(ConsoleWMainFn pre_sandbox_init, return 56; } - // The child has an extra arg passed in (to assist with uniq pipe names) - ignore moving forward. + // The child has an extra arg passed in (to assist with unique pipe names) - ignore moving forward. int argc_less_id = argc - 1; // If we have pre-sandbox initalization code, run now. @@ -447,7 +445,7 @@ int RunChild(ConsoleWMainFn pre_sandbox_init, return 50; } - // We're now in our standbox. Run our code. + // We're now in our sandbox, run our code. int exit_code = sandboxed_wmain(argc_less_id, argv); ::CloseHandle(stdin_pipe); diff --git a/src/sandbox_procmgmt.h b/src/sandbox_procmgmt.h old mode 100644 new mode 100755 index e4872e4..3916f26 --- a/src/sandbox_procmgmt.h +++ b/src/sandbox_procmgmt.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2013 PaperCut Software International Pty. Ltd. + * Copyright (c) 2012-2019 PaperCut Software International Pty. Ltd. * http://www.papercut.com/ * * Author: Chris Dance @@ -9,18 +9,18 @@ * Dual License: GPL or MIT * * ---- - * Library code to help wrap a Windows command-line (console) application is the - * Google Chromium Sandbox. This code was originally develop for the Ghost Trap + * Library code to help wrap a Windows command-line (console) application to the + * Google Chromium Sandbox. This code was originally developed for the Ghost Trap * open source project, however may also serve as a useful library for sandboxing * any console application. * * This sandboxing library wraps the Google Chromium Sandbox sub-project and * provides the required infastructure required to support most Windows console * applications. The sandbox works by applying a policy in a parent process, - * then exec'ing a child to run restricted code. Communication between the parent - * and child to facilitate the trasfer of STDIN/STDOUT/STDERR, is via named pipes. + * then executing a child to run restricted code. Communication between the parent + * and child to facilitate the transfer of STDIN/STDOUT/STDERR, is via named pipes. * - * The general approch for wrapping an console application would be as follows: + * The general approach for wrapping an console application would be as follows: * * 1) Rename your wmain method to sandboxed_wmain. * @@ -63,7 +63,7 @@ #include -typedef void (*SandboxPolicyFn)(sandbox::TargetPolicy *policy, int argc, wchar_t* argv[]); +typedef void (*SandboxPolicyFn)(scoped_refptr policy, int argc, wchar_t* argv[]); typedef int (*ConsoleWMainFn)(int argc, wchar_t* argv[]); int RunConsoleAppInSandbox(SandboxPolicyFn policy_provider, diff --git a/third-party/.gitkeep b/third-party/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/third-party/README.txt b/third-party/README.txt deleted file mode 100644 index 062f092..0000000 --- a/third-party/README.txt +++ /dev/null @@ -1,21 +0,0 @@ -Ghost Trap 3rd Party Dependencies - -* Google Chromium (sandbox sub project) -* GhostPDL - Ghostscript PDL project - -Instructions: - -1) Place the source code for Ghost Trap's 3rd party dependencies in this - directory. After this you should be able to find the following directories: - - [ghost-trap]/third-party/chromium/src/sandbox - [ghost-trap]/third-party/ghostpdl/win32 - - Note: You may need to remove the version number from the top level - directories. - -2) Perform a 32bit Release compile on each dependency. Take care following - the build instructions for Google Chromium. It's very involved! You will not - need to compile the whole Chromium source - just the "sandbox" sub project - will be enough to generate the required dependencies. -