security/sandbox/win/src/resolver_64.cc@6474c204b198 (annotated)
security/sandbox/win/src/resolver_64.cc
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. |
| michael@0 | 2 | // Use of this source code is governed by a BSD-style license that can be |
| michael@0 | 3 | // found in the LICENSE file. |
| michael@0 | 4 | |
| michael@0 | 5 | #include "sandbox/win/src/resolver.h" |
| michael@0 | 6 | |
| michael@0 | 7 | #include "sandbox/win/src/sandbox_nt_util.h" |
| michael@0 | 8 | |
| michael@0 | 9 | namespace { |
| michael@0 | 10 | |
| michael@0 | 11 | const BYTE kPushRax = 0x50; |
| michael@0 | 12 | const USHORT kMovRax = 0xB848; |
| michael@0 | 13 | const ULONG kMovRspRax = 0x24048948; |
| michael@0 | 14 | const BYTE kRetNp = 0xC3; |
| michael@0 | 15 | |
| michael@0 | 16 | #pragma pack(push, 1) |
| michael@0 | 17 | struct InternalThunk { |
| michael@0 | 18 | // This struct contains roughly the following code: |
| michael@0 | 19 | // 00 50 push rax |
| michael@0 | 20 | // 01 48b8f0debc9a78563412 mov rax,123456789ABCDEF0h |
| michael@0 | 21 | // 0b 48890424 mov qword ptr [rsp],rax |
| michael@0 | 22 | // 0f c3 ret |
| michael@0 | 23 | // |
| michael@0 | 24 | // The code modifies rax, but that should not be an issue for the common |
| michael@0 | 25 | // calling conventions. |
| michael@0 | 26 | |
| michael@0 | 27 | InternalThunk() { |
| michael@0 | 28 | push_rax = kPushRax; |
| michael@0 | 29 | mov_rax = kMovRax; |
| michael@0 | 30 | interceptor_function = 0; |
| michael@0 | 31 | mov_rsp_rax = kMovRspRax; |
| michael@0 | 32 | ret = kRetNp; |
| michael@0 | 33 | }; |
| michael@0 | 34 | BYTE push_rax; // = 50 |
| michael@0 | 35 | USHORT mov_rax; // = 48 B8 |
| michael@0 | 36 | ULONG_PTR interceptor_function; |
| michael@0 | 37 | ULONG mov_rsp_rax; // = 48 89 04 24 |
| michael@0 | 38 | BYTE ret; // = C3 |
| michael@0 | 39 | }; |
| michael@0 | 40 | #pragma pack(pop) |
| michael@0 | 41 | |
| michael@0 | 42 | } // namespace. |
| michael@0 | 43 | |
| michael@0 | 44 | namespace sandbox { |
| michael@0 | 45 | |
| michael@0 | 46 | size_t ResolverThunk::GetInternalThunkSize() const { |
| michael@0 | 47 | return sizeof(InternalThunk); |
| michael@0 | 48 | } |
| michael@0 | 49 | |
| michael@0 | 50 | bool ResolverThunk::SetInternalThunk(void* storage, size_t storage_bytes, |
| michael@0 | 51 | const void* original_function, |
| michael@0 | 52 | const void* interceptor) { |
| michael@0 | 53 | if (storage_bytes < sizeof(InternalThunk)) |
| michael@0 | 54 | return false; |
| michael@0 | 55 | |
| michael@0 | 56 | InternalThunk* thunk = new(storage, NT_PLACE) InternalThunk; |
| michael@0 | 57 | thunk->interceptor_function = reinterpret_cast<ULONG_PTR>(interceptor); |
| michael@0 | 58 | |
| michael@0 | 59 | return true; |
| michael@0 | 60 | } |
| michael@0 | 61 | |
| michael@0 | 62 | NTSTATUS ResolverThunk::ResolveTarget(const void* module, |
| michael@0 | 63 | const char* function_name, |
| michael@0 | 64 | void** address) { |
| michael@0 | 65 | // We don't support sidestep & co. |
| michael@0 | 66 | return STATUS_NOT_IMPLEMENTED; |
| michael@0 | 67 | } |
| michael@0 | 68 | |
| michael@0 | 69 | } // namespace sandbox |
