security/sandbox/win/src/resolver.h

changeset 0
6474c204b198
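--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/security/sandbox/win/src/resolver.h	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,105 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Defines ResolverThunk, the interface for classes that perform interceptions.
+// For more details see
+// http://dev.chromium.org/developers/design-documents/sandbox .
+
+#include "base/basictypes.h"
+#include "sandbox/win/src/nt_internals.h"
+
+#ifndef SANDBOX_SRC_RESOLVER_H__
+#define SANDBOX_SRC_RESOLVER_H__
+
+namespace sandbox {
+
+// A resolver is the object in charge of performing the actual interception of
+// a function. There should be a concrete implementation of a resolver roughly
+// per type of interception.
+class ResolverThunk {
+ public:
+  ResolverThunk() {}
+  virtual ~ResolverThunk() {}
+
+  // Performs the actual interception of a function.
+  // target_name is an exported function from the module loaded at
+  // target_module, and must be replaced by interceptor_name, exported from
+  // interceptor_module. interceptor_entry_point can be provided instead of
+  // interceptor_name / interceptor_module.
+  // thunk_storage must point to a buffer on the child's address space, to hold
+  // the patch thunk, and related data. If provided, storage_used will receive
+  // the number of bytes used from thunk_storage.
+  //
+  // Example: (without error checking)
+  //
+  // size_t size = resolver.GetThunkSize();
+  // char* buffer = ::VirtualAllocEx(child_process, NULL, size,
+  //                                 MEM_COMMIT, PAGE_READWRITE);
+  // resolver.Setup(ntdll_module, NULL, L"NtCreateFile", NULL,
+  //                &MyReplacementFunction, buffer, size, NULL);
+  //
+  // In general, the idea is to allocate a single big buffer for all
+  // interceptions on the same dll, and call Setup n times.
+  // WARNING: This means that any data member that is specific to a single
+  // interception must be reset within this method.
+  virtual NTSTATUS Setup(const void* target_module,
+                         const void* interceptor_module,
+                         const char* target_name,
+                         const char* interceptor_name,
+                         const void* interceptor_entry_point,
+                         void* thunk_storage,
+                         size_t storage_bytes,
+                         size_t* storage_used) = 0;
+
+  // Gets the address of function_name inside module (main exe).
+  virtual NTSTATUS ResolveInterceptor(const void* module,
+                                      const char* function_name,
+                                      const void** address);
+
+  // Gets the address of an exported function_name inside module.
+  virtual NTSTATUS ResolveTarget(const void* module,
+                                 const char* function_name,
+                                 void** address);
+
+  // Gets the required buffer size for this type of thunk.
+  virtual size_t GetThunkSize() const = 0;
+
+ protected:
+  // Performs basic initialization on behalf of a concrete instance of a
+  // resolver. That is, parameter validation and resolution of the target
+  // and the interceptor into the member variables.
+  //
+  // target_name is an exported function from the module loaded at
+  // target_module, and must be replaced by interceptor_name, exported from
+  // interceptor_module. interceptor_entry_point can be provided instead of
+  // interceptor_name / interceptor_module.
+  // thunk_storage must point to a buffer on the child's address space, to hold
+  // the patch thunk, and related data.
+  virtual NTSTATUS Init(const void* target_module,
+                        const void* interceptor_module,
+                        const char* target_name,
+                        const char* interceptor_name,
+                        const void* interceptor_entry_point,
+                        void* thunk_storage,
+                        size_t storage_bytes);
+
+  // Gets the required buffer size for the internal part of the thunk.
+  size_t GetInternalThunkSize() const;
+
+  // Initializes the internal part of the thunk.
+  // interceptor is the function to be called instead of original_function.
+  bool SetInternalThunk(void* storage, size_t storage_bytes,
+                        const void* original_function, const void* interceptor);
+
+  // Holds the resolved interception target.
+  void* target_;
+  // Holds the resolved interception interceptor.
+  const void* interceptor_;
+
+  DISALLOW_COPY_AND_ASSIGN(ResolverThunk);
+};
+
+}  // namespace sandbox
+
+#endif  // SANDBOX_SRC_RESOLVER_H__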
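Review bot: The inline constructor `ResolverThunk() {}` leaves `target_` and `interceptor_` indeterminate until Init() runs, so a concrete resolver that reads either member after a failed or skipped Init() would be working with a garbage address while writing a thunk into the child; `ResolverThunk() : target_(NULL), interceptor_(NULL) {}` makes that state checkable. The Setup() example also passes `L"NtCreateFile"` although `target_name` is declared `const char*`, so the sample does not match the signature and should read `"NtCreateFile"`. The two `#include` lines sit above `#ifndef SANDBOX_SRC_RESOLVER_H__`; moving them inside the guard would follow the usual header layout. The bodies of Init(), ResolveTarget() and ResolveInterceptor() are not in this file, so whether they already reset the members on every path cannot be confirmed from here.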
