Chromium Code Reviews

Unified Diff: sandbox/win/src/process_thread_policy.cc

Issue 1225183003: CreateThread interception, to use CreateRemoteThread (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix missing variable from cleanup Created 5 years, 4 months ago
Index: sandbox/win/src/process_thread_policy.cc
diff --git a/sandbox/win/src/process_thread_policy.cc b/sandbox/win/src/process_thread_policy.cc
index b58a287ed2d5937917b480fd30bbfe4c7acc5d97..dd97ae47307e3b5f068a26d95655a2e434864654 100644
--- a/sandbox/win/src/process_thread_policy.cc
+++ b/sandbox/win/src/process_thread_policy.cc
@@ -97,6 +97,9 @@ bool ProcessPolicy::GenerateRules(const wchar_t* name,
if (!policy->AddRule(IPC_CREATEPROCESSW_TAG, process.get())) {
return false;
}
+ if (!policy->AddRule(IPC_CREATETHREAD_TAG, process.get())) {
+ return false;
+ }
return true;
}
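Review bot: the new IPC_CREATETHREAD_TAG rule reuses the same `process.get()` rule object that was built for IPC_CREATEPROCESSW_TAG, so the thread IPC inherits whatever parameter matching GenerateRules constructed for the CreateProcess rule (this function takes a `name`, which a CreateThread call never supplies). Either build a separate rule for the thread IPC or add a comment stating that sharing the process rule is intentional and that the matching it carries is a no-op for the thread path, so a later change to the CreateProcess rule cannot silently alter CreateThread policy evaluation.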
@@ -236,4 +239,38 @@ DWORD ProcessPolicy::CreateProcessWAction(EvalResult eval_result,
return ERROR_SUCCESS;
}
+DWORD ProcessPolicy::CreateThreadAction(EvalResult eval_result,
+ const ClientInfo& client_info,
+ const LPSECURITY_ATTRIBUTES thread_attributes,
+ const SIZE_T stack_size,
+ const LPTHREAD_START_ROUTINE start_address,
+ const PVOID parameter,
+ const DWORD creation_flags,
+ LPDWORD thread_id,
+ HANDLE *handle) {
+
+ // The only action supported is ASK_BROKER which means create the process.
+ if (GIVE_ALLACCESS != eval_result && GIVE_READONLY != eval_result) {
Will Harris 2015/09/04 02:41:01 eval_result will always be GIVE_ALLACCESS I wonde
liamjm (20p) 2015/09/04 21:30:39 As discussed, this is more of a stylistic thing -
+ return ERROR_ACCESS_DENIED;
+ }
+ HANDLE local_handle = CreateRemoteThread(
+ client_info.process,
+ thread_attributes,
+ stack_size,
+ start_address,
+ parameter,
+ creation_flags,
+ thread_id);
+ if (!local_handle) {
+ return ERROR_ACCESS_DENIED;
+ }
+ if (!::DuplicateHandle(::GetCurrentProcess(), local_handle,
+ client_info.process, handle, 0, FALSE,
+ DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) {
+ // TODO(liamjm): what do we do on error with original handle??
Will Harris 2015/09/04 02:41:01 I don't know but we probably need a DCHECK here
liamjm (20p) 2015/09/04 21:30:39 Added a DCHECK()
+ return ERROR_ACCESS_DENIED;
+ }
+ return ERROR_SUCCESS;
+}
+
} // namespace sandbox
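Review bot: the comment at the top of CreateThreadAction is stale: it says "The only action supported is ASK_BROKER which means create the process", but the check that follows tests for GIVE_ALLACCESS / GIVE_READONLY and the function creates a thread, not a process; update it to describe what this function actually accepts and does. On the error paths, both the CreateRemoteThread failure and the DuplicateHandle failure collapse to ERROR_ACCESS_DENIED, which hides the real ::GetLastError() value from the caller; consider returning the actual error code as the other *Action handlers in this file appear to do for ERROR_SUCCESS. For the TODO on the DuplicateHandle failure: because DUPLICATE_CLOSE_SOURCE is passed, the source handle is closed by the call whether or not it succeeds, so `local_handle` is not leaked in the broker, but by that point the thread has already been created in `client_info.process` with the caller's `creation_flags` and will be running unless CREATE_SUSPENDED was set. The client then receives ERROR_ACCESS_DENIED for a thread that nevertheless exists in its process; state that in the comment (or the DCHECK message) so a reader understands the failure is not cleanly reversible.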
