security/sandbox/win/src/named_pipe_interception.cc@6474c204b198 (annotated)
security/sandbox/win/src/named_pipe_interception.cc
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| michael@0 | 2 | // Use of this source code is governed by a BSD-style license that can be |
| michael@0 | 3 | // found in the LICENSE file. |
| michael@0 | 4 | |
| michael@0 | 5 | #include "sandbox/win/src/named_pipe_interception.h" |
| michael@0 | 6 | |
| michael@0 | 7 | #include "sandbox/win/src/crosscall_client.h" |
| michael@0 | 8 | #include "sandbox/win/src/ipc_tags.h" |
| michael@0 | 9 | #include "sandbox/win/src/policy_params.h" |
| michael@0 | 10 | #include "sandbox/win/src/policy_target.h" |
| michael@0 | 11 | #include "sandbox/win/src/sandbox_factory.h" |
| michael@0 | 12 | #include "sandbox/win/src/sandbox_nt_util.h" |
| michael@0 | 13 | #include "sandbox/win/src/sharedmem_ipc_client.h" |
| michael@0 | 14 | #include "sandbox/win/src/target_services.h" |
| michael@0 | 15 | |
| michael@0 | 16 | namespace sandbox { |
| michael@0 | 17 | |
| michael@0 | 18 | HANDLE WINAPI TargetCreateNamedPipeW( |
| michael@0 | 19 | CreateNamedPipeWFunction orig_CreateNamedPipeW, LPCWSTR pipe_name, |
| michael@0 | 20 | DWORD open_mode, DWORD pipe_mode, DWORD max_instance, DWORD out_buffer_size, |
| michael@0 | 21 | DWORD in_buffer_size, DWORD default_timeout, |
| michael@0 | 22 | LPSECURITY_ATTRIBUTES security_attributes) { |
| michael@0 | 23 | HANDLE pipe = orig_CreateNamedPipeW(pipe_name, open_mode, pipe_mode, |
| michael@0 | 24 | max_instance, out_buffer_size, |
| michael@0 | 25 | in_buffer_size, default_timeout, |
| michael@0 | 26 | security_attributes); |
| michael@0 | 27 | if (INVALID_HANDLE_VALUE != pipe) |
| michael@0 | 28 | return pipe; |
| michael@0 | 29 | |
| michael@0 | 30 | DWORD original_error = ::GetLastError(); |
| michael@0 | 31 | |
| michael@0 | 32 | // We don't trust that the IPC can work this early. |
| michael@0 | 33 | if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled()) |
| michael@0 | 34 | return INVALID_HANDLE_VALUE; |
| michael@0 | 35 | |
| michael@0 | 36 | // We don't support specific Security Attributes. |
| michael@0 | 37 | if (security_attributes) |
| michael@0 | 38 | return INVALID_HANDLE_VALUE; |
| michael@0 | 39 | |
| michael@0 | 40 | do { |
| michael@0 | 41 | void* memory = GetGlobalIPCMemory(); |
| michael@0 | 42 | if (NULL == memory) |
| michael@0 | 43 | break; |
| michael@0 | 44 | |
| michael@0 | 45 | CountedParameterSet<NameBased> params; |
| michael@0 | 46 | params[NameBased::NAME] = ParamPickerMake(pipe_name); |
| michael@0 | 47 | |
| michael@0 | 48 | if (!QueryBroker(IPC_CREATENAMEDPIPEW_TAG, params.GetBase())) |
| michael@0 | 49 | break; |
| michael@0 | 50 | |
| michael@0 | 51 | SharedMemIPCClient ipc(memory); |
| michael@0 | 52 | CrossCallReturn answer = {0}; |
| michael@0 | 53 | ResultCode code = CrossCall(ipc, IPC_CREATENAMEDPIPEW_TAG, pipe_name, |
| michael@0 | 54 | open_mode, pipe_mode, max_instance, |
| michael@0 | 55 | out_buffer_size, in_buffer_size, |
| michael@0 | 56 | default_timeout, &answer); |
| michael@0 | 57 | if (SBOX_ALL_OK != code) |
| michael@0 | 58 | break; |
| michael@0 | 59 | |
| michael@0 | 60 | ::SetLastError(answer.win32_result); |
| michael@0 | 61 | |
| michael@0 | 62 | if (ERROR_SUCCESS != answer.win32_result) |
| michael@0 | 63 | return INVALID_HANDLE_VALUE; |
| michael@0 | 64 | |
| michael@0 | 65 | return answer.handle; |
| michael@0 | 66 | } while (false); |
| michael@0 | 67 | |
| michael@0 | 68 | ::SetLastError(original_error); |
| michael@0 | 69 | return INVALID_HANDLE_VALUE; |
| michael@0 | 70 | } |
| michael@0 | 71 | |
| michael@0 | 72 | } // namespace sandbox |
