| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/service_resolver.h" | 5 #include "sandbox/win/src/service_resolver.h" |
| 6 | 6 |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "sandbox/win/src/sandbox_nt_util.h" | 8 #include "sandbox/win/src/sandbox_nt_util.h" |
| 9 #include "sandbox/win/src/win_utils.h" | 9 #include "sandbox/win/src/win_utils.h" |
| 10 | 10 |
| 49 // 1c 0f05 syscall | 49 // 1c 0f05 syscall |
| 50 // 1e c3 ret | 50 // 1e c3 ret |
| 51 // 1f 90 nop | 51 // 1f 90 nop |
| 52 | 52 |
| 53 ULONG64 mov_1; // = 48 89 4C 24 08 48 89 54 | 53 ULONG64 mov_1; // = 48 89 4C 24 08 48 89 54 |
| 54 ULONG64 mov_2; // = 24 10 4C 89 44 24 18 4C | 54 ULONG64 mov_2; // = 24 10 4C 89 44 24 18 4C |
| 55 ULONG mov_3; // = 89 4C 24 20 | 55 ULONG mov_3; // = 89 4C 24 20 |
| 56 ULONG mov_r10_rcx_mov_eax; // = 4C 8B D1 B8 | 56 ULONG mov_r10_rcx_mov_eax; // = 4C 8B D1 B8 |
| 57 ULONG service_id; | 57 ULONG service_id; |
| 58 USHORT syscall; // = 0F 05 | 58 USHORT syscall; // = 0F 05 |
| 59 BYTE ret; // = C2 | 59 BYTE ret; // = C3 |
| 60 BYTE nop; // = 90 | 60 BYTE nop; // = 90 |
| 61 }; | 61 }; |
| 62 | 62 |
| 63 // We don't have an internal thunk for x64. | 63 // We don't have an internal thunk for x64. |
| 64 struct ServiceFullThunk { | 64 struct ServiceFullThunk { |
| 65 union { | 65 union { |
| 66 ServiceEntry original; | 66 ServiceEntry original; |
| 67 ServiceEntryW8 original_w8; | 67 ServiceEntryW8 original_w8; |
| 68 }; | 68 }; |
| 69 }; | 69 }; |
| 183 bool Wow64ResolverThunk::IsFunctionAService(void* local_thunk) const { | 183 bool Wow64ResolverThunk::IsFunctionAService(void* local_thunk) const { |
| 184 NOTREACHED_NT(); | 184 NOTREACHED_NT(); |
| 185 return false; | 185 return false; |
| 186 } | 186 } |
| 187 | 187 |
| 188 bool Win2kResolverThunk::IsFunctionAService(void* local_thunk) const { | 188 bool Win2kResolverThunk::IsFunctionAService(void* local_thunk) const { |
| 189 NOTREACHED_NT(); | 189 NOTREACHED_NT(); |
| 190 return false; | 190 return false; |
| 191 } | 191 } |
| 192 | 192 |
| 193 bool Win8ResolverThunk::IsFunctionAService(void* local_thunk) const { | |
|
robertshield
2014/01/07 18:30:47
The ServiceResolverThunk::IsFunctionAService metho
csharp
2014/01/07 20:43:07
Yes it does. I've removed the win8 specific code f
| |
| 194 ServiceEntryW8 function_code; | |
| 195 SIZE_T read; | |
| 196 if (!::ReadProcessMemory(process_, target_, &function_code, | |
| 197 sizeof(function_code), &read)) | |
| 198 return false; | |
| 199 | |
| 200 if (sizeof(function_code) != read) | |
| 201 return false; | |
| 202 | |
| 203 if (kMov1 != function_code.mov_1 || kMov2 != function_code.mov_2 || | |
| 204 kMov3 != function_code.mov_3 || | |
| 205 kMmovR10EcxMovEax != function_code.mov_r10_rcx_mov_eax || | |
| 206 kSyscall != function_code.syscall || | |
| 207 kRetNp != function_code.ret) { | |
| 208 return false; | |
| 209 } | |
| 210 | |
| 211 // Save the verified code | |
| 212 memcpy(local_thunk, &function_code, sizeof(function_code)); | |
| 213 | |
| 214 return true; | |
| 215 } | |
| 216 | |
| 193 } // namespace sandbox | 217 } // namespace sandbox |
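Review bot: `SIZE_T read;` on new line 195 of Win8ResolverThunk::IsFunctionAService is left uninitialized; the ReadProcessMemory failure path returns before it is consulted, but writing `SIZE_T read = 0;` keeps the short-read check on line 200 well-defined if that early return is ever reshuffled and matches the initialize-at-declaration habit of the surrounding code. The new function also has no header comment stating its contract: it reads sizeof(ServiceEntryW8) bytes of the target process at target_, accepts only a byte pattern equal to the expected x64 syscall stub (service_id is the one field not compared, presumably because it differs per service), and on success copies the verified bytes into local_thunk, which the caller must therefore size to at least sizeof(ServiceEntryW8). A comment such as `// Refuse to hook anything that is not the known x64 syscall stub, so only code we understand is ever patched; local_thunk must hold sizeof(ServiceEntryW8) bytes.` above the definition would make clear why the byte comparison must precede the memcpy. The constants kMov1 through kRetNp and the target_/process_ members are declared outside the visible lines, so their widths relative to the ServiceEntryW8 fields could not be checked here.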