Index: sandbox/win/src/process_thread_policy.cc |
diff --git a/sandbox/win/src/process_thread_policy.cc b/sandbox/win/src/process_thread_policy.cc |
index b58a287ed2d5937917b480fd30bbfe4c7acc5d97..6068ce9a03268fbe67cee2ec7b18fb097b94b7c6 100644 |
--- a/sandbox/win/src/process_thread_policy.cc |
+++ b/sandbox/win/src/process_thread_policy.cc |
@@ -97,6 +97,9 @@ bool ProcessPolicy::GenerateRules(const wchar_t* name, |
if (!policy->AddRule(IPC_CREATEPROCESSW_TAG, process.get())) { |
return false; |
} |
+ if (!policy->AddRule(IPC_CREATETHREAD_TAG, process.get())) { |
+ return false; |
+ } |
return true; |
} |
@@ -236,4 +239,32 @@ DWORD ProcessPolicy::CreateProcessWAction(EvalResult eval_result, |
return ERROR_SUCCESS; |
} |
+DWORD ProcessPolicy::CreateThreadAction( |
+ EvalResult eval_result, |
+ const ClientInfo& client_info, |
+ const LPSECURITY_ATTRIBUTES thread_attributes, |
+ const SIZE_T stack_size, |
+ const LPTHREAD_START_ROUTINE start_address, |
+ const PVOID parameter, |
+ const DWORD creation_flags, |
+ LPDWORD thread_id, |
+ HANDLE* handle) { |
+ // The only action supported is ASK_BROKER which means create the process. |
+ if (GIVE_ALLACCESS != eval_result && GIVE_READONLY != eval_result) { |
+ return ERROR_ACCESS_DENIED; |
+ } |
+ HANDLE local_handle = |
+ CreateRemoteThread(client_info.process, thread_attributes, stack_size, |
+ start_address, parameter, creation_flags, thread_id); |
+ if (!local_handle) { |
+ return GetLastError(); |
Will Harris
2015/12/03 23:58:14
nit: use ::GetLastError() to be consistent.
|
+ } |
+ if (!::DuplicateHandle(::GetCurrentProcess(), local_handle, |
+ client_info.process, handle, 0, FALSE, |
+ DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) { |
+ return ERROR_ACCESS_DENIED; |
+ } |
+ return ERROR_SUCCESS; |
+} |
+ |
} // namespace sandbox |