security/sandbox/win/src/service_resolver.h@6474c204b198
security/sandbox/win/src/service_resolver.h
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_SRC_SERVICE_RESOLVER_H__
6 #define SANDBOX_SRC_SERVICE_RESOLVER_H__
8 #include "sandbox/win/src/nt_internals.h"
9 #include "sandbox/win/src/resolver.h"
11 namespace sandbox {
13 // This is the concrete resolver used to perform service-call type functions
14 // inside ntdll.dll.
15 class ServiceResolverThunk : public ResolverThunk {
16 public:
17 // The service resolver needs a child process to write to.
18 ServiceResolverThunk(HANDLE process, bool relaxed)
19 : process_(process), ntdll_base_(NULL), win2k_(false),
20 relaxed_(relaxed), relative_jump_(0) {}
21 virtual ~ServiceResolverThunk() {}
23 // Implementation of Resolver::Setup.
24 virtual NTSTATUS Setup(const void* target_module,
25 const void* interceptor_module,
26 const char* target_name,
27 const char* interceptor_name,
28 const void* interceptor_entry_point,
29 void* thunk_storage,
30 size_t storage_bytes,
31 size_t* storage_used);
33 // Implementation of Resolver::ResolveInterceptor.
34 virtual NTSTATUS ResolveInterceptor(const void* module,
35 const char* function_name,
36 const void** address);
38 // Implementation of Resolver::ResolveTarget.
39 virtual NTSTATUS ResolveTarget(const void* module,
40 const char* function_name,
41 void** address);
43 // Implementation of Resolver::GetThunkSize.
44 virtual size_t GetThunkSize() const;
46 protected:
47 // The unit test will use this member to allow local patch on a buffer.
48 HMODULE ntdll_base_;
50 // Handle of the child process.
51 HANDLE process_;
53 protected:
54 // Keeps track of a Windows 2000 resolver.
55 bool win2k_;
57 private:
58 // Returns true if the code pointer by target_ corresponds to the expected
59 // type of function. Saves that code on the first part of the thunk pointed
60 // by local_thunk (should be directly accessible from the parent).
61 virtual bool IsFunctionAService(void* local_thunk) const;
63 // Performs the actual patch of target_.
64 // local_thunk must be already fully initialized, and the first part must
65 // contain the original code. The real type of this buffer is ServiceFullThunk
66 // (yes, private). remote_thunk (real type ServiceFullThunk), must be
67 // allocated on the child, and will contain the thunk data, after this call.
68 // Returns the apropriate status code.
69 virtual NTSTATUS PerformPatch(void* local_thunk, void* remote_thunk);
71 // Provides basically the same functionality as IsFunctionAService but it
72 // continues even if it does not recognize the function code. remote_thunk
73 // is the address of our memory on the child.
74 bool SaveOriginalFunction(void* local_thunk, void* remote_thunk);
76 // true if we are allowed to patch already-patched functions.
77 bool relaxed_;
78 ULONG relative_jump_;
80 DISALLOW_COPY_AND_ASSIGN(ServiceResolverThunk);
81 };
83 // This is the concrete resolver used to perform service-call type functions
84 // inside ntdll.dll on WOW64 (32 bit ntdll on 64 bit Vista).
85 class Wow64ResolverThunk : public ServiceResolverThunk {
86 public:
87 // The service resolver needs a child process to write to.
88 Wow64ResolverThunk(HANDLE process, bool relaxed)
89 : ServiceResolverThunk(process, relaxed) {}
90 virtual ~Wow64ResolverThunk() {}
92 private:
93 virtual bool IsFunctionAService(void* local_thunk) const;
95 DISALLOW_COPY_AND_ASSIGN(Wow64ResolverThunk);
96 };
98 // This is the concrete resolver used to perform service-call type functions
99 // inside ntdll.dll on WOW64 for Windows 8.
100 class Wow64W8ResolverThunk : public ServiceResolverThunk {
101 public:
102 // The service resolver needs a child process to write to.
103 Wow64W8ResolverThunk(HANDLE process, bool relaxed)
104 : ServiceResolverThunk(process, relaxed) {}
105 virtual ~Wow64W8ResolverThunk() {}
107 private:
108 virtual bool IsFunctionAService(void* local_thunk) const;
110 DISALLOW_COPY_AND_ASSIGN(Wow64W8ResolverThunk);
111 };
113 // This is the concrete resolver used to perform service-call type functions
114 // inside ntdll.dll on Windows 2000 and XP pre SP2.
115 class Win2kResolverThunk : public ServiceResolverThunk {
116 public:
117 // The service resolver needs a child process to write to.
118 Win2kResolverThunk(HANDLE process, bool relaxed)
119 : ServiceResolverThunk(process, relaxed) {
120 win2k_ = true;
121 }
122 virtual ~Win2kResolverThunk() {}
124 private:
125 virtual bool IsFunctionAService(void* local_thunk) const;
127 DISALLOW_COPY_AND_ASSIGN(Win2kResolverThunk);
128 };
130 // This is the concrete resolver used to perform service-call type functions
131 // inside ntdll.dll on Windows 8.
132 class Win8ResolverThunk : public ServiceResolverThunk {
133 public:
134 // The service resolver needs a child process to write to.
135 Win8ResolverThunk(HANDLE process, bool relaxed)
136 : ServiceResolverThunk(process, relaxed) {}
137 virtual ~Win8ResolverThunk() {}
139 private:
140 virtual bool IsFunctionAService(void* local_thunk) const;
142 DISALLOW_COPY_AND_ASSIGN(Win8ResolverThunk);
143 };
145 } // namespace sandbox
148 #endif // SANDBOX_SRC_SERVICE_RESOLVER_H__
