security/sandbox/win/src/interceptors_64.cc@6474c204b198
security/sandbox/win/src/interceptors_64.cc
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/win/src/interceptors_64.h"
7 #include "sandbox/win/src/interceptors.h"
8 #include "sandbox/win/src/filesystem_interception.h"
9 #include "sandbox/win/src/named_pipe_interception.h"
10 #include "sandbox/win/src/policy_target.h"
11 #include "sandbox/win/src/process_thread_interception.h"
12 #include "sandbox/win/src/registry_interception.h"
13 #include "sandbox/win/src/sandbox_nt_types.h"
14 #include "sandbox/win/src/sandbox_types.h"
15 #include "sandbox/win/src/sync_interception.h"
16 #include "sandbox/win/src/target_interceptions.h"
18 namespace sandbox {
20 SANDBOX_INTERCEPT NtExports g_nt;
21 SANDBOX_INTERCEPT OriginalFunctions g_originals;
23 NTSTATUS WINAPI TargetNtMapViewOfSection64(
24 HANDLE section, HANDLE process, PVOID *base, ULONG_PTR zero_bits,
25 SIZE_T commit_size, PLARGE_INTEGER offset, PSIZE_T view_size,
26 SECTION_INHERIT inherit, ULONG allocation_type, ULONG protect) {
27 NtMapViewOfSectionFunction orig_fn = reinterpret_cast<
28 NtMapViewOfSectionFunction>(g_originals[MAP_VIEW_OF_SECTION_ID]);
30 return TargetNtMapViewOfSection(orig_fn, section, process, base, zero_bits,
31 commit_size, offset, view_size, inherit,
32 allocation_type, protect);
33 }
35 NTSTATUS WINAPI TargetNtUnmapViewOfSection64(HANDLE process, PVOID base) {
36 NtUnmapViewOfSectionFunction orig_fn = reinterpret_cast<
37 NtUnmapViewOfSectionFunction>(g_originals[UNMAP_VIEW_OF_SECTION_ID]);
38 return TargetNtUnmapViewOfSection(orig_fn, process, base);
39 }
41 // -----------------------------------------------------------------------
43 NTSTATUS WINAPI TargetNtSetInformationThread64(
44 HANDLE thread, NT_THREAD_INFORMATION_CLASS thread_info_class,
45 PVOID thread_information, ULONG thread_information_bytes) {
46 NtSetInformationThreadFunction orig_fn = reinterpret_cast<
47 NtSetInformationThreadFunction>(g_originals[SET_INFORMATION_THREAD_ID]);
48 return TargetNtSetInformationThread(orig_fn, thread, thread_info_class,
49 thread_information,
50 thread_information_bytes);
51 }
53 NTSTATUS WINAPI TargetNtOpenThreadToken64(
54 HANDLE thread, ACCESS_MASK desired_access, BOOLEAN open_as_self,
55 PHANDLE token) {
56 NtOpenThreadTokenFunction orig_fn = reinterpret_cast<
57 NtOpenThreadTokenFunction>(g_originals[OPEN_THREAD_TOKEN_ID]);
58 return TargetNtOpenThreadToken(orig_fn, thread, desired_access, open_as_self,
59 token);
60 }
62 NTSTATUS WINAPI TargetNtOpenThreadTokenEx64(
63 HANDLE thread, ACCESS_MASK desired_access, BOOLEAN open_as_self,
64 ULONG handle_attributes, PHANDLE token) {
65 NtOpenThreadTokenExFunction orig_fn = reinterpret_cast<
66 NtOpenThreadTokenExFunction>(g_originals[OPEN_THREAD_TOKEN_EX_ID]);
67 return TargetNtOpenThreadTokenEx(orig_fn, thread, desired_access,
68 open_as_self, handle_attributes, token);
69 }
71 HANDLE WINAPI TargetCreateThread64(
72 LPSECURITY_ATTRIBUTES thread_attributes, SIZE_T stack_size,
73 LPTHREAD_START_ROUTINE start_address, PVOID parameter, DWORD creation_flags,
74 LPDWORD thread_id) {
75 CreateThreadFunction orig_fn = reinterpret_cast<
76 CreateThreadFunction>(g_originals[CREATE_THREAD_ID]);
77 return TargetCreateThread(orig_fn, thread_attributes, stack_size,
78 start_address, parameter, creation_flags,
79 thread_id);
80 }
82 LCID WINAPI TargetGetUserDefaultLCID64(void) {
83 GetUserDefaultLCIDFunction orig_fn = reinterpret_cast<
84 GetUserDefaultLCIDFunction>(g_originals[GET_USER_DEFAULT_LCID_ID]);
85 return TargetGetUserDefaultLCID(orig_fn);
86 }
88 // -----------------------------------------------------------------------
90 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateFile64(
91 PHANDLE file, ACCESS_MASK desired_access,
92 POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status,
93 PLARGE_INTEGER allocation_size, ULONG file_attributes, ULONG sharing,
94 ULONG disposition, ULONG options, PVOID ea_buffer, ULONG ea_length) {
95 NtCreateFileFunction orig_fn = reinterpret_cast<
96 NtCreateFileFunction>(g_originals[CREATE_FILE_ID]);
97 return TargetNtCreateFile(orig_fn, file, desired_access, object_attributes,
98 io_status, allocation_size, file_attributes,
99 sharing, disposition, options, ea_buffer,
100 ea_length);
101 }
103 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenFile64(
104 PHANDLE file, ACCESS_MASK desired_access,
105 POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status,
106 ULONG sharing, ULONG options) {
107 NtOpenFileFunction orig_fn = reinterpret_cast<
108 NtOpenFileFunction>(g_originals[OPEN_FILE_ID]);
109 return TargetNtOpenFile(orig_fn, file, desired_access, object_attributes,
110 io_status, sharing, options);
111 }
113 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryAttributesFile64(
114 POBJECT_ATTRIBUTES object_attributes,
115 PFILE_BASIC_INFORMATION file_attributes) {
116 NtQueryAttributesFileFunction orig_fn = reinterpret_cast<
117 NtQueryAttributesFileFunction>(g_originals[QUERY_ATTRIB_FILE_ID]);
118 return TargetNtQueryAttributesFile(orig_fn, object_attributes,
119 file_attributes);
120 }
122 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryFullAttributesFile64(
123 POBJECT_ATTRIBUTES object_attributes,
124 PFILE_NETWORK_OPEN_INFORMATION file_attributes) {
125 NtQueryFullAttributesFileFunction orig_fn = reinterpret_cast<
126 NtQueryFullAttributesFileFunction>(
127 g_originals[QUERY_FULL_ATTRIB_FILE_ID]);
128 return TargetNtQueryFullAttributesFile(orig_fn, object_attributes,
129 file_attributes);
130 }
132 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtSetInformationFile64(
133 HANDLE file, PIO_STATUS_BLOCK io_status, PVOID file_information,
134 ULONG length, FILE_INFORMATION_CLASS file_information_class) {
135 NtSetInformationFileFunction orig_fn = reinterpret_cast<
136 NtSetInformationFileFunction>(g_originals[SET_INFO_FILE_ID]);
137 return TargetNtSetInformationFile(orig_fn, file, io_status, file_information,
138 length, file_information_class);
139 }
141 // -----------------------------------------------------------------------
143 SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateNamedPipeW64(
144 LPCWSTR pipe_name, DWORD open_mode, DWORD pipe_mode, DWORD max_instance,
145 DWORD out_buffer_size, DWORD in_buffer_size, DWORD default_timeout,
146 LPSECURITY_ATTRIBUTES security_attributes) {
147 CreateNamedPipeWFunction orig_fn = reinterpret_cast<
148 CreateNamedPipeWFunction>(g_originals[CREATE_NAMED_PIPE_ID]);
149 return TargetCreateNamedPipeW(orig_fn, pipe_name, open_mode, pipe_mode,
150 max_instance, out_buffer_size, in_buffer_size,
151 default_timeout, security_attributes);
152 }
154 // -----------------------------------------------------------------------
156 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThread64(
157 PHANDLE thread, ACCESS_MASK desired_access,
158 POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id) {
159 NtOpenThreadFunction orig_fn = reinterpret_cast<
160 NtOpenThreadFunction>(g_originals[OPEN_TREAD_ID]);
161 return TargetNtOpenThread(orig_fn, thread, desired_access, object_attributes,
162 client_id);
163 }
165 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcess64(
166 PHANDLE process, ACCESS_MASK desired_access,
167 POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id) {
168 NtOpenProcessFunction orig_fn = reinterpret_cast<
169 NtOpenProcessFunction>(g_originals[OPEN_PROCESS_ID]);
170 return TargetNtOpenProcess(orig_fn, process, desired_access,
171 object_attributes, client_id);
172 }
174 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessToken64(
175 HANDLE process, ACCESS_MASK desired_access, PHANDLE token) {
176 NtOpenProcessTokenFunction orig_fn = reinterpret_cast<
177 NtOpenProcessTokenFunction>(g_originals[OPEN_PROCESS_TOKEN_ID]);
178 return TargetNtOpenProcessToken(orig_fn, process, desired_access, token);
179 }
181 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessTokenEx64(
182 HANDLE process, ACCESS_MASK desired_access, ULONG handle_attributes,
183 PHANDLE token) {
184 NtOpenProcessTokenExFunction orig_fn = reinterpret_cast<
185 NtOpenProcessTokenExFunction>(g_originals[OPEN_PROCESS_TOKEN_EX_ID]);
186 return TargetNtOpenProcessTokenEx(orig_fn, process, desired_access,
187 handle_attributes, token);
188 }
190 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessW64(
191 LPCWSTR application_name, LPWSTR command_line,
192 LPSECURITY_ATTRIBUTES process_attributes,
193 LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
194 LPVOID environment, LPCWSTR current_directory, LPSTARTUPINFOW startup_info,
195 LPPROCESS_INFORMATION process_information) {
196 CreateProcessWFunction orig_fn = reinterpret_cast<
197 CreateProcessWFunction>(g_originals[CREATE_PROCESSW_ID]);
198 return TargetCreateProcessW(orig_fn, application_name, command_line,
199 process_attributes, thread_attributes,
200 inherit_handles, flags, environment,
201 current_directory, startup_info,
202 process_information);
203 }
205 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessA64(
206 LPCSTR application_name, LPSTR command_line,
207 LPSECURITY_ATTRIBUTES process_attributes,
208 LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
209 LPVOID environment, LPCSTR current_directory, LPSTARTUPINFOA startup_info,
210 LPPROCESS_INFORMATION process_information) {
211 CreateProcessAFunction orig_fn = reinterpret_cast<
212 CreateProcessAFunction>(g_originals[CREATE_PROCESSA_ID]);
213 return TargetCreateProcessA(orig_fn, application_name, command_line,
214 process_attributes, thread_attributes,
215 inherit_handles, flags, environment,
216 current_directory, startup_info,
217 process_information);
218 }
220 // -----------------------------------------------------------------------
222 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateKey64(
223 PHANDLE key, ACCESS_MASK desired_access,
224 POBJECT_ATTRIBUTES object_attributes, ULONG title_index,
225 PUNICODE_STRING class_name, ULONG create_options, PULONG disposition) {
226 NtCreateKeyFunction orig_fn = reinterpret_cast<
227 NtCreateKeyFunction>(g_originals[CREATE_KEY_ID]);
228 return TargetNtCreateKey(orig_fn, key, desired_access, object_attributes,
229 title_index, class_name, create_options,
230 disposition);
231 }
233 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKey64(
234 PHANDLE key, ACCESS_MASK desired_access,
235 POBJECT_ATTRIBUTES object_attributes) {
236 NtOpenKeyFunction orig_fn = reinterpret_cast<
237 NtOpenKeyFunction>(g_originals[OPEN_KEY_ID]);
238 return TargetNtOpenKey(orig_fn, key, desired_access, object_attributes);
239 }
241 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKeyEx64(
242 PHANDLE key, ACCESS_MASK desired_access,
243 POBJECT_ATTRIBUTES object_attributes, ULONG open_options) {
244 NtOpenKeyExFunction orig_fn = reinterpret_cast<
245 NtOpenKeyExFunction>(g_originals[OPEN_KEY_EX_ID]);
246 return TargetNtOpenKeyEx(orig_fn, key, desired_access, object_attributes,
247 open_options);
248 }
250 // -----------------------------------------------------------------------
252 SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateEventW64(
253 LPSECURITY_ATTRIBUTES security_attributes, BOOL manual_reset,
254 BOOL initial_state, LPCWSTR name) {
255 CreateEventWFunction orig_fn = reinterpret_cast<
256 CreateEventWFunction>(g_originals[CREATE_EVENT_ID]);
257 return TargetCreateEventW(orig_fn, security_attributes, manual_reset,
258 initial_state, name);
259 }
261 SANDBOX_INTERCEPT HANDLE WINAPI TargetOpenEventW64(
262 ACCESS_MASK desired_access, BOOL inherit_handle, LPCWSTR name) {
263 OpenEventWFunction orig_fn = reinterpret_cast<
264 OpenEventWFunction>(g_originals[OPEN_EVENT_ID]);
265 return TargetOpenEventW(orig_fn, desired_access, inherit_handle, name);
266 }
268 } // namespace sandbox
