| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Implementation of NtMapViewOfSection intercept for 32 bit builds. | 5 // Implementation of NtMapViewOfSection intercept for 32 bit builds. |
| 6 // | 6 // |
| 7 // TODO(robertshield): Implement the 64 bit intercept. | 7 // TODO(robertshield): Implement the 64 bit intercept. |
| 8 | 8 |
| 9 #include "chrome_elf/blacklist/blacklist_interceptions.h" | 9 #include "chrome_elf/blacklist/blacklist_interceptions.h" |
| 10 | 10 |
| (...skipping 16 matching lines...) Expand all Loading... |
| 27 NtQuerySectionFunction g_nt_query_section_func = NULL; | 27 NtQuerySectionFunction g_nt_query_section_func = NULL; |
| 28 NtQueryVirtualMemoryFunction g_nt_query_virtual_memory_func = NULL; | 28 NtQueryVirtualMemoryFunction g_nt_query_virtual_memory_func = NULL; |
| 29 NtUnmapViewOfSectionFunction g_nt_unmap_view_of_section_func = NULL; | 29 NtUnmapViewOfSectionFunction g_nt_unmap_view_of_section_func = NULL; |
| 30 | 30 |
| 31 // TODO(robertshield): Merge with ntdll exports cache. | 31 // TODO(robertshield): Merge with ntdll exports cache. |
| 32 FARPROC GetNtDllExportByName(const char* export_name) { | 32 FARPROC GetNtDllExportByName(const char* export_name) { |
| 33 HMODULE ntdll = ::GetModuleHandle(sandbox::kNtdllName); | 33 HMODULE ntdll = ::GetModuleHandle(sandbox::kNtdllName); |
| 34 return ::GetProcAddress(ntdll, export_name); | 34 return ::GetProcAddress(ntdll, export_name); |
| 35 } | 35 } |
| 36 | 36 |
| 37 bool DllMatch(const base::string16& module_name) { | 37 int DllMatch(const base::string16& module_name) { |
| 38 for (int i = 0; blacklist::g_troublesome_dlls[i] != NULL; ++i) { | 38 for (int i = 0; blacklist::g_troublesome_dlls[i] != NULL; ++i) { |
| 39 if (_wcsicmp(module_name.c_str(), blacklist::g_troublesome_dlls[i]) == 0) | 39 if (_wcsicmp(module_name.c_str(), blacklist::g_troublesome_dlls[i]) == 0) |
| 40 return true; | 40 return i; |
| 41 } | 41 } |
| 42 return false; | 42 return -1; |
| 43 } | 43 } |
| 44 | 44 |
| 45 // TODO(robertshield): Some of the helper functions below overlap somewhat with | 45 // TODO(robertshield): Some of the helper functions below overlap somewhat with |
| 46 // code in sandbox_nt_util.cc. See if they can be unified. | 46 // code in sandbox_nt_util.cc. See if they can be unified. |
| 47 | 47 |
| 48 // Native reimplementation of PSAPIs GetMappedFileName. | 48 // Native reimplementation of PSAPIs GetMappedFileName. |
| 49 base::string16 GetBackingModuleFilePath(PVOID address) { | 49 base::string16 GetBackingModuleFilePath(PVOID address) { |
| 50 DCHECK_NT(g_nt_query_virtual_memory_func); | 50 DCHECK_NT(g_nt_query_virtual_memory_func); |
| 51 | 51 |
| 52 // We'll start with something close to max_path characters for the name. | 52 // We'll start with something close to max_path characters for the name. |
| (...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 213 base::string16 module_name(GetImageInfoFromLoadedModule( | 213 base::string16 module_name(GetImageInfoFromLoadedModule( |
| 214 reinterpret_cast<HMODULE>(*base), &image_flags)); | 214 reinterpret_cast<HMODULE>(*base), &image_flags)); |
| 215 base::string16 file_name(GetBackingModuleFilePath(*base)); | 215 base::string16 file_name(GetBackingModuleFilePath(*base)); |
| 216 | 216 |
| 217 if (module_name.empty() && (image_flags & sandbox::MODULE_HAS_CODE)) { | 217 if (module_name.empty() && (image_flags & sandbox::MODULE_HAS_CODE)) { |
| 218 // If the module has no exports we retrieve the module name from the | 218 // If the module has no exports we retrieve the module name from the |
| 219 // full path of the mapped section. | 219 // full path of the mapped section. |
| 220 module_name = ExtractLoadedModuleName(file_name); | 220 module_name = ExtractLoadedModuleName(file_name); |
| 221 } | 221 } |
| 222 | 222 |
| 223 if (!module_name.empty() && DllMatch(module_name)) { | 223 if (!module_name.empty()) { |
| 224 DCHECK_NT(g_nt_unmap_view_of_section_func); | 224 int blocked_index = DllMatch(module_name); |
| 225 g_nt_unmap_view_of_section_func(process, *base); | 225 if (blocked_index != -1) { |
| 226 ret = STATUS_UNSUCCESSFUL; | 226 DCHECK_NT(g_nt_unmap_view_of_section_func); |
| 227 g_nt_unmap_view_of_section_func(process, *base); |
| 228 ret = STATUS_UNSUCCESSFUL; |
| 229 |
| 230 BlockedDll(blocked_index); |
| 231 } |
| 227 } | 232 } |
| 228 } | 233 } |
| 229 | 234 |
| 230 return ret; | 235 return ret; |
| 231 } | 236 } |
| 232 | 237 |
| 233 #if defined(_WIN64) | 238 #if defined(_WIN64) |
| 234 NTSTATUS WINAPI BlNtMapViewOfSection64( | 239 NTSTATUS WINAPI BlNtMapViewOfSection64( |
| 235 HANDLE section, HANDLE process, PVOID *base, ULONG_PTR zero_bits, | 240 HANDLE section, HANDLE process, PVOID *base, ULONG_PTR zero_bits, |
| 236 SIZE_T commit_size, PLARGE_INTEGER offset, PSIZE_T view_size, | 241 SIZE_T commit_size, PLARGE_INTEGER offset, PSIZE_T view_size, |
| 237 SECTION_INHERIT inherit, ULONG allocation_type, ULONG protect) { | 242 SECTION_INHERIT inherit, ULONG allocation_type, ULONG protect) { |
| 238 return BlNtMapViewOfSection(g_nt_map_view_of_section_func, section, process, | 243 return BlNtMapViewOfSection(g_nt_map_view_of_section_func, section, process, |
| 239 base, zero_bits, commit_size, offset, view_size, | 244 base, zero_bits, commit_size, offset, view_size, |
| 240 inherit, allocation_type, protect); | 245 inherit, allocation_type, protect); |
| 241 } | 246 } |
| 242 #endif | 247 #endif |
| 243 } // namespace blacklist | 248 } // namespace blacklist |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 174013007:
Add UMA stats to record when DLLs are successfully blocked in the Browser. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master