The Tor Browser / file revision

security/sandbox/win/src/eat_resolver.cc@6474c204b198

security/sandbox/win/src/eat_resolver.cc

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.

     2 // Use of this source code is governed by a BSD-style license that can be

     3 // found in the LICENSE file.

     4 

     5 #include "sandbox/win/src/eat_resolver.h"

     6 

     7 #include "base/win/pe_image.h"

     8 #include "sandbox/win/src/sandbox_nt_util.h"

     9 

    10 namespace sandbox {

    11 

    12 NTSTATUS EatResolverThunk::Setup(const void* target_module,

    13                                  const void* interceptor_module,

    14                                  const char* target_name,

    15                                  const char* interceptor_name,

    16                                  const void* interceptor_entry_point,

    17                                  void* thunk_storage,

    18                                  size_t storage_bytes,

    19                                  size_t* storage_used) {

    20   NTSTATUS ret = Init(target_module, interceptor_module, target_name,

    21                       interceptor_name, interceptor_entry_point,

    22                       thunk_storage, storage_bytes);

    23   if (!NT_SUCCESS(ret))

    24     return ret;

    25 

    26   if (!eat_entry_)

    27     return STATUS_INVALID_PARAMETER;

    28 

    29   size_t thunk_bytes = GetInternalThunkSize();

    30 

    31 #if defined(_WIN64)

    32   // We have two thunks, in order: the return path and the forward path.

    33   if (!SetInternalThunk(thunk_storage, storage_bytes, NULL, target_))

    34     return STATUS_BUFFER_TOO_SMALL;

    35 

    36   storage_bytes -= thunk_bytes;

    37   thunk_storage = reinterpret_cast<char*>(thunk_storage) + thunk_bytes;

    38 #endif

    39 

    40   if (!SetInternalThunk(thunk_storage, storage_bytes, target_, interceptor_))

    41     return STATUS_BUFFER_TOO_SMALL;

    42 

    43   AutoProtectMemory memory;

    44   ret = memory.ChangeProtection(eat_entry_, sizeof(DWORD), PAGE_READWRITE);

    45   if (!NT_SUCCESS(ret))

    46     return ret;

    47 

    48   // Perform the patch.

    49 #pragma warning(push)

    50 #pragma warning(disable: 4311)

    51   // These casts generate warnings because they are 32 bit specific.

    52   *eat_entry_ = reinterpret_cast<DWORD>(thunk_storage) -

    53                 reinterpret_cast<DWORD>(target_module);

    54 #pragma warning(pop)

    55 

    56   if (NULL != storage_used)

    57     *storage_used = GetThunkSize();

    58 

    59   return ret;

    60 }

    61 

    62 NTSTATUS EatResolverThunk::ResolveTarget(const void* module,

    63                                          const char* function_name,

    64                                          void** address) {

    65   DCHECK_NT(address);

    66   if (!module)

    67     return STATUS_INVALID_PARAMETER;

    68 

    69   base::win::PEImage pe(module);

    70   if (!pe.VerifyMagic())

    71     return STATUS_INVALID_IMAGE_FORMAT;

    72 

    73   eat_entry_ = pe.GetExportEntry(function_name);

    74 

    75   if (!eat_entry_)

    76     return STATUS_PROCEDURE_NOT_FOUND;

    77 

    78   *address = pe.RVAToAddr(*eat_entry_);

    79 

    80   return STATUS_SUCCESS;

    81 }

    82 

    83 size_t EatResolverThunk::GetThunkSize() const {

    84 #if defined(_WIN64)

    85   return GetInternalThunkSize() * 2;

    86 #else

    87   return GetInternalThunkSize();

    88 #endif

    89 }

    90 

    91 }  // namespace sandbox

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial