sandbox/win/src/process_thread_interception.cc - Issue 1225183003: CreateThread interception, to use CreateRemoteThread

Side by Side Diff: sandbox/win/src/process_thread_interception.cc

Issue 1225183003: CreateThread interception, to use CreateRemoteThread (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: remove thread_attributes from IPC call, use nullptr Created 4 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "sandbox/win/src/process_thread_interception.h"	5 #include "sandbox/win/src/process_thread_interception.h"

6	6

	7 #include "base/win/windows_version.h"

7 #include <stdint.h>	8 #include <stdint.h>

8

9 #include "sandbox/win/src/crosscall_client.h"	9 #include "sandbox/win/src/crosscall_client.h"

10 #include "sandbox/win/src/ipc_tags.h"	10 #include "sandbox/win/src/ipc_tags.h"

11 #include "sandbox/win/src/policy_params.h"	11 #include "sandbox/win/src/policy_params.h"

12 #include "sandbox/win/src/policy_target.h"	12 #include "sandbox/win/src/policy_target.h"

13 #include "sandbox/win/src/sandbox_factory.h"	13 #include "sandbox/win/src/sandbox_factory.h"

14 #include "sandbox/win/src/sandbox_nt_util.h"	14 #include "sandbox/win/src/sandbox_nt_util.h"

15 #include "sandbox/win/src/sharedmem_ipc_client.h"	15 #include "sandbox/win/src/sharedmem_ipc_client.h"

16 #include "sandbox/win/src/target_services.h"	16 #include "sandbox/win/src/target_services.h"

17	17

18 namespace sandbox {	18 namespace sandbox {

(...skipping 382 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
401 if (ERROR_SUCCESS != answer.win32_result)	401 if (ERROR_SUCCESS != answer.win32_result)

402 return FALSE;	402 return FALSE;

403	403

404 return TRUE;	404 return TRUE;

405 } while (false);	405 } while (false);

406	406

407 ::SetLastError(original_error);	407 ::SetLastError(original_error);

408 return FALSE;	408 return FALSE;

409 }	409 }

410	410

	411 // GetThreadId is not available on WINXP. So we'll
	Will Harris 2016/02/02 05:45:33 no need for XP code any more! no need for XP code any more! liamjm (20p) 2016/02/02 20:43:45 Done. Show quoted text On 2016/02/02 05:45:33, Will Harris wrote: > no need for XP code any more! Done.
	412 // load it on-the-fly.

	413 const wchar_t kKernel32DllName[] = L"Kernel32.dll";

	414 typedef decltype(GetThreadId)* GetThreadIdFunc;

	415

	416 HANDLE WINAPI TargetCreateThread(CreateThreadFunction orig_CreateThread,

	417 LPSECURITY_ATTRIBUTES thread_attributes,

	418 SIZE_T stack_size,

	419 LPTHREAD_START_ROUTINE start_address,

	420 LPVOID parameter,

	421 DWORD creation_flags,

	422 LPDWORD thread_id) {

	423 HANDLE hThread = NULL;

	424

	425 TargetServices* target_services = SandboxFactory::GetTargetServices();

	426 if (NULL == target_services \|\|

	427 target_services->GetState()->IsCsrssConnected()) {

	428 hThread = orig_CreateThread(thread_attributes, stack_size, start_address,

	429 parameter, creation_flags, thread_id);

	430 if (hThread) {

	431 return hThread;

	432 }

	433 }

	434 static GetThreadIdFunc GetThreadId_func = NULL;

	435

	436 if (NULL == target_services)

	437 return NULL;

	438

	439 // We don't trust that the IPC can work this early.

	440 if (!target_services->GetState()->InitCalled())

	441 return NULL;

	442

	443 DWORD original_error = ::GetLastError();

	444

	445 do {

	446 if (NULL != thread_id &&

	447 !ValidParameter(thread_id, sizeof(*thread_id), WRITE))

	448 break;

	449

	450 void* memory = GetGlobalIPCMemory();

	451 if (NULL == memory)

	452 break;

	453

	454 SharedMemIPCClient ipc(memory);

	455 CrossCallReturn answer = {0};

	456

	457 // NOTE: we don't pass the thread_attributes through. This matches the

	458 // approach in CreateProcess and in CreateThreadInternal().

	459 ResultCode code = CrossCall(ipc, IPC_CREATETHREAD_TAG,

	460 reinterpret_cast<LPVOID>(stack_size),

	461 reinterpret_cast<LPVOID>(start_address),

	462 parameter, creation_flags, &answer);

	463 if (SBOX_ALL_OK != code)

	464 break;

	465

	466 ::SetLastError(answer.win32_result);

	467 if (ERROR_SUCCESS != answer.win32_result) {

	468 return NULL;

	469 }

	470

	471 if (thread_id != NULL) {

	472 // GetThreadId is not available on WINXP. Set thread_id to 0, as this is
	Will Harris 2016/02/02 05:45:33 same here, XP is dead. same here, XP is dead. liamjm (20p) 2016/02/02 20:43:45 Done. Show quoted text On 2016/02/02 05:45:33, Will Harris wrote: > same here, XP is dead. Done.
	473 // what is returned in the event of a failure.

	474 *thread_id = 0;

	475 if (base::win::GetVersion() >= base::win::VERSION_VISTA) {

	476 if (!GetThreadId_func) {

	477 HMODULE kernel32_dll = ::GetModuleHandle(kKernel32DllName);

	478 if (!kernel32_dll)

	479 break;

	480 GetThreadId_func = reinterpret_cast<GetThreadIdFunc>(

	481 GetProcAddress(kernel32_dll, "GetThreadId"));

	482 if (!GetThreadId_func)

	483 break;

	484 }

	485 *thread_id = GetThreadId_func(answer.handle);

	486 }

	487 }

	488 return answer.handle;

	489 } while (false);

	490

	491 ::SetLastError(original_error);

	492 return NULL;

	493 }

	494

411 } // namespace sandbox	495 } // namespace sandbox

OLD	NEW

« no previous file with comments | « sandbox/win/src/process_thread_interception.h ('k') | sandbox/win/src/process_thread_policy.h » ('j') | sandbox/win/src/process_thread_policy.cc » ('J')