The Tor Browser / annotate

security/sandbox/win/src/eat_resolver.cc@6474c204b198 (annotated)

security/sandbox/win/src/eat_resolver.cc

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
michael@0 2 // Use of this source code is governed by a BSD-style license that can be
michael@0 3 // found in the LICENSE file.
michael@0 4
michael@0 5 #include "sandbox/win/src/eat_resolver.h"
michael@0 6
michael@0 7 #include "base/win/pe_image.h"
michael@0 8 #include "sandbox/win/src/sandbox_nt_util.h"
michael@0 9
michael@0 10 namespace sandbox {
michael@0 11
michael@0 12 NTSTATUS EatResolverThunk::Setup(const void* target_module,
michael@0 13 const void* interceptor_module,
michael@0 14 const char* target_name,
michael@0 15 const char* interceptor_name,
michael@0 16 const void* interceptor_entry_point,
michael@0 17 void* thunk_storage,
michael@0 18 size_t storage_bytes,
michael@0 19 size_t* storage_used) {
michael@0 20 NTSTATUS ret = Init(target_module, interceptor_module, target_name,
michael@0 21 interceptor_name, interceptor_entry_point,
michael@0 22 thunk_storage, storage_bytes);
michael@0 23 if (!NT_SUCCESS(ret))
michael@0 24 return ret;
michael@0 25
michael@0 26 if (!eat_entry_)
michael@0 27 return STATUS_INVALID_PARAMETER;
michael@0 28
michael@0 29 size_t thunk_bytes = GetInternalThunkSize();
michael@0 30
michael@0 31 #if defined(_WIN64)
michael@0 32 // We have two thunks, in order: the return path and the forward path.
michael@0 33 if (!SetInternalThunk(thunk_storage, storage_bytes, NULL, target_))
michael@0 34 return STATUS_BUFFER_TOO_SMALL;
michael@0 35
michael@0 36 storage_bytes -= thunk_bytes;
michael@0 37 thunk_storage = reinterpret_cast<char*>(thunk_storage) + thunk_bytes;
michael@0 38 #endif
michael@0 39
michael@0 40 if (!SetInternalThunk(thunk_storage, storage_bytes, target_, interceptor_))
michael@0 41 return STATUS_BUFFER_TOO_SMALL;
michael@0 42
michael@0 43 AutoProtectMemory memory;
michael@0 44 ret = memory.ChangeProtection(eat_entry_, sizeof(DWORD), PAGE_READWRITE);
michael@0 45 if (!NT_SUCCESS(ret))
michael@0 46 return ret;
michael@0 47
michael@0 48 // Perform the patch.
michael@0 49 #pragma warning(push)
michael@0 50 #pragma warning(disable: 4311)
michael@0 51 // These casts generate warnings because they are 32 bit specific.
michael@0 52 *eat_entry_ = reinterpret_cast<DWORD>(thunk_storage) -
michael@0 53 reinterpret_cast<DWORD>(target_module);
michael@0 54 #pragma warning(pop)
michael@0 55
michael@0 56 if (NULL != storage_used)
michael@0 57 *storage_used = GetThunkSize();
michael@0 58
michael@0 59 return ret;
michael@0 60 }
michael@0 61
michael@0 62 NTSTATUS EatResolverThunk::ResolveTarget(const void* module,
michael@0 63 const char* function_name,
michael@0 64 void** address) {
michael@0 65 DCHECK_NT(address);
michael@0 66 if (!module)
michael@0 67 return STATUS_INVALID_PARAMETER;
michael@0 68
michael@0 69 base::win::PEImage pe(module);
michael@0 70 if (!pe.VerifyMagic())
michael@0 71 return STATUS_INVALID_IMAGE_FORMAT;
michael@0 72
michael@0 73 eat_entry_ = pe.GetExportEntry(function_name);
michael@0 74
michael@0 75 if (!eat_entry_)
michael@0 76 return STATUS_PROCEDURE_NOT_FOUND;
michael@0 77
michael@0 78 *address = pe.RVAToAddr(*eat_entry_);
michael@0 79
michael@0 80 return STATUS_SUCCESS;
michael@0 81 }
michael@0 82
michael@0 83 size_t EatResolverThunk::GetThunkSize() const {
michael@0 84 #if defined(_WIN64)
michael@0 85 return GetInternalThunkSize() * 2;
michael@0 86 #else
michael@0 87 return GetInternalThunkSize();
michael@0 88 #endif
michael@0 89 }
michael@0 90
michael@0 91 } // namespace sandbox

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial