OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome_elf/blacklist/blacklist.h" | 5 #include "chrome_elf/blacklist/blacklist.h" |
6 | 6 |
7 #include <assert.h> | 7 #include <assert.h> |
8 #include <string.h> | 8 #include <string.h> |
9 | 9 |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
11 #include "chrome_elf/blacklist/blacklist_interceptions.h" | 11 #include "chrome_elf/blacklist/blacklist_interceptions.h" |
12 #include "chrome_elf/chrome_elf_constants.h" | 12 #include "chrome_elf/chrome_elf_constants.h" |
13 #include "chrome_elf/chrome_elf_util.h" | 13 #include "chrome_elf/chrome_elf_util.h" |
14 #include "sandbox/win/src/interception_internal.h" | 14 #include "sandbox/win/src/interception_internal.h" |
15 #include "sandbox/win/src/internal_types.h" | 15 #include "sandbox/win/src/internal_types.h" |
16 #include "sandbox/win/src/sandbox_utils.h" | 16 #include "sandbox/win/src/sandbox_utils.h" |
17 #include "sandbox/win/src/service_resolver.h" | 17 #include "sandbox/win/src/service_resolver.h" |
18 #include "version.h" // NOLINT | |
19 | 18 |
20 // http://blogs.msdn.com/oldnewthing/archive/2004/10/25/247180.aspx | 19 // http://blogs.msdn.com/oldnewthing/archive/2004/10/25/247180.aspx |
21 extern "C" IMAGE_DOS_HEADER __ImageBase; | 20 extern "C" IMAGE_DOS_HEADER __ImageBase; |
22 | 21 |
23 namespace blacklist{ | 22 namespace blacklist{ |
24 | 23 |
25 const wchar_t* g_troublesome_dlls[kTroublesomeDllsMaxCount] = { | 24 const wchar_t* g_troublesome_dlls[kTroublesomeDllsMaxCount] = { |
26 L"datamngr.dll", // Unknown (suspected adware). | 25 L"datamngr.dll", // Unknown (suspected adware). |
27 L"hk.dll", // Unknown (keystroke logger). | 26 L"hk.dll", // Unknown (keystroke logger). |
28 L"libsvn_tsvn32.dll", // TortoiseSVN. | 27 L"libsvn_tsvn32.dll", // TortoiseSVN. |
(...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
198 &type, | 197 &type, |
199 reinterpret_cast<LPBYTE>(&blacklist_state), | 198 reinterpret_cast<LPBYTE>(&blacklist_state), |
200 &blacklist_state_size); | 199 &blacklist_state_size); |
201 | 200 |
202 if (blacklist_state != BLACKLIST_ENABLED || | 201 if (blacklist_state != BLACKLIST_ENABLED || |
203 result != ERROR_SUCCESS || type != REG_DWORD) { | 202 result != ERROR_SUCCESS || type != REG_DWORD) { |
204 ::RegCloseKey(key); | 203 ::RegCloseKey(key); |
205 return false; | 204 return false; |
206 } | 205 } |
207 | 206 |
208 // If the blacklist wasn't set as enabled for this version, don't | |
209 // use it. | |
210 wchar_t key_data[255] = {}; | |
211 DWORD key_data_size = sizeof(key_data); | |
212 result = ::RegQueryValueEx(key, | |
213 blacklist::kBeaconVersion, | |
214 0, | |
215 &type, | |
216 reinterpret_cast<LPBYTE>(key_data), | |
217 &key_data_size); | |
218 | |
219 if (wcscmp(key_data, TEXT(CHROME_VERSION_STRING)) != 0 || | |
220 result != ERROR_SUCCESS || type != REG_SZ) { | |
221 ::RegCloseKey(key); | |
222 return false; | |
223 } | |
224 | |
225 // Mark the blacklist setup code as running so if it crashes the blacklist | 207 // Mark the blacklist setup code as running so if it crashes the blacklist |
226 // won't be enabled for the next run. | 208 // won't be enabled for the next run. |
227 blacklist_state = BLACKLIST_SETUP_RUNNING; | 209 blacklist_state = BLACKLIST_SETUP_RUNNING; |
228 result = ::RegSetValueEx(key, | 210 result = ::RegSetValueEx(key, |
229 kBeaconState, | 211 kBeaconState, |
230 0, | 212 0, |
231 REG_DWORD, | 213 REG_DWORD, |
232 reinterpret_cast<LPBYTE>(&blacklist_state), | 214 reinterpret_cast<LPBYTE>(&blacklist_state), |
233 sizeof(blacklist_state)); | 215 sizeof(blacklist_state)); |
234 ::RegCloseKey(key); | 216 ::RegCloseKey(key); |
(...skipping 241 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
476 sizeof(g_thunk_storage), | 458 sizeof(g_thunk_storage), |
477 PAGE_EXECUTE_READ, | 459 PAGE_EXECUTE_READ, |
478 &old_protect); | 460 &old_protect); |
479 | 461 |
480 RecordSuccessfulThunkSetup(&key); | 462 RecordSuccessfulThunkSetup(&key); |
481 | 463 |
482 return NT_SUCCESS(ret) && page_executable; | 464 return NT_SUCCESS(ret) && page_executable; |
483 } | 465 } |
484 | 466 |
485 } // namespace blacklist | 467 } // namespace blacklist |
OLD | NEW |