sandbox/win/src/process_thread_interception.cc - Issue 1225183003: CreateThread interception, to use CreateRemoteThread

Side by Side Diff: sandbox/win/src/process_thread_interception.cc

Issue 1225183003: CreateThread interception, to use CreateRemoteThread (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: tweaks from review Created 5 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« sandbox/win/src/process_thread_dispatcher.cc ('K') | « sandbox/win/src/process_thread_interception.h ('k') | sandbox/win/src/process_thread_policy.h » ('j') | sandbox/win/src/process_thread_policy.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "sandbox/win/src/process_thread_interception.h"	5 #include "sandbox/win/src/process_thread_interception.h"

6	6

	7 #include "base/win/windows_version.h"

7 #include "sandbox/win/src/crosscall_client.h"	8 #include "sandbox/win/src/crosscall_client.h"

8 #include "sandbox/win/src/ipc_tags.h"	9 #include "sandbox/win/src/ipc_tags.h"

9 #include "sandbox/win/src/policy_params.h"	10 #include "sandbox/win/src/policy_params.h"

10 #include "sandbox/win/src/policy_target.h"	11 #include "sandbox/win/src/policy_target.h"

11 #include "sandbox/win/src/sandbox_factory.h"	12 #include "sandbox/win/src/sandbox_factory.h"

12 #include "sandbox/win/src/sandbox_nt_util.h"	13 #include "sandbox/win/src/sandbox_nt_util.h"

13 #include "sandbox/win/src/sharedmem_ipc_client.h"	14 #include "sandbox/win/src/sharedmem_ipc_client.h"

14 #include "sandbox/win/src/target_services.h"	15 #include "sandbox/win/src/target_services.h"

15	16

16 namespace sandbox {	17 namespace sandbox {

(...skipping 381 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
398 if (ERROR_SUCCESS != answer.win32_result)	399 if (ERROR_SUCCESS != answer.win32_result)

399 return FALSE;	400 return FALSE;

400	401

401 return TRUE;	402 return TRUE;

402 } while (false);	403 } while (false);

403	404

404 ::SetLastError(original_error);	405 ::SetLastError(original_error);

405 return FALSE;	406 return FALSE;

406 }	407 }

407	408

	409 // GetThreadId is not available on WINXP. So we'll

	410 // load it on-the-fly.

	411 const wchar_t kKernel32DllName[] = L"Kernel32.dll";

	412 typedef decltype(GetThreadId)* GetThreadIdFunc;

	413

	414 HANDLE WINAPI TargetCreateThread(CreateThreadFunction orig_CreateThread,

	415 LPSECURITY_ATTRIBUTES thread_attributes,

	416 SIZE_T stack_size,

	417 LPTHREAD_START_ROUTINE start_address,

	418 PVOID parameter,

	419 DWORD creation_flags,

	420 LPDWORD thread_id) {

	421 HANDLE hThread = NULL;

	422

	423 TargetServices* target_services = SandboxFactory::GetTargetServices();

	424 if (NULL == target_services \|\|

	425 target_services->GetState()->IsCsrssConnected()) {

	426 hThread = orig_CreateThread(thread_attributes, stack_size, start_address,

	427 parameter, creation_flags, thread_id);

	428 if (hThread) {

	429 return hThread;

	430 }

	431 }

	432 static GetThreadIdFunc GetThreadId_func = NULL;

	433

	434 if (NULL == target_services)

	435 return NULL;

	436

	437 // We don't trust that the IPC can work this early.

	438 if (!target_services->GetState()->InitCalled())

	439 return NULL;

	440

	441 DWORD original_error = ::GetLastError();

	442

	443 do {

	444 if (NULL != thread_id &&

	445 !ValidParameter(thread_id, sizeof(*thread_id), WRITE))

	446 break;

	447

	448 void* memory = GetGlobalIPCMemory();

	449 if (NULL == memory)

	450 break;

	451

	452 SharedMemIPCClient ipc(memory);

	453 CrossCallReturn answer = {0};

	454

	455 ResultCode code = CrossCall(

	456 ipc, IPC_CREATETHREAD_TAG, reinterpret_cast<LPVOID>(thread_attributes),

	457 reinterpret_cast<LPVOID>(stack_size),

	458 reinterpret_cast<LPVOID>(start_address),
	Will Harris 2015/12/03 23:58:14 can you investigate why these casts are still need can you investigate why these casts are still needed? liamjm (20p) 2016/02/02 00:23:39 start_address is not an LPVOID it is a LPTHREAD_ST Show quoted text On 2015/12/03 23:58:14, Will Harris wrote: > can you investigate why these casts are still needed? start_address is not an LPVOID it is a LPTHREAD_START_ROUTINE: https://msdn.microsoft.com/en-us/library/aa964928(v=vs.110).aspx typedef DWORD (__stdcall *LPTHREAD_START_ROUTINE) ( [in] LPVOID lpThreadParameter );
	459 reinterpret_cast<LPVOID>(parameter), creation_flags, &answer);

	460 if (SBOX_ALL_OK != code)

	461 break;

	462

	463 ::SetLastError(answer.win32_result);

	464 if (ERROR_SUCCESS != answer.win32_result) {

	465 return NULL;

	466 }

	467

	468 if (thread_id != NULL) {

	469 // GetThreadId is not available on WINXP. Set thread_id to 0, as this is

	470 // what is returned in the event of a failure.

	471 *thread_id = 0;

	472 if (base::win::GetVersion() >= base::win::VERSION_VISTA) {

	473 if (!GetThreadId_func) {

	474 HMODULE kernel32_dll = ::GetModuleHandle(kKernel32DllName);

	475 if (!kernel32_dll)

	476 break;

	477 GetThreadId_func = reinterpret_cast<GetThreadIdFunc>(

	478 GetProcAddress(kernel32_dll, "GetThreadId"));

	479 if (!GetThreadId_func)

	480 break;

	481 }

	482 *thread_id = GetThreadId_func(answer.handle);

	483 }

	484 }

	485 return answer.handle;

	486 } while (false);

	487

	488 ::SetLastError(original_error);

	489 return NULL;

	490 }

	491

408 } // namespace sandbox	492 } // namespace sandbox

OLD	NEW