OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome_elf/blacklist/blacklist.h" | 5 #include "chrome_elf/blacklist/blacklist.h" |
6 | 6 |
7 #include <assert.h> | 7 #include <assert.h> |
8 #include <string.h> | 8 #include <string.h> |
9 | 9 |
10 #include <vector> | |
11 | |
10 #include "base/basictypes.h" | 12 #include "base/basictypes.h" |
11 #include "chrome_elf/blacklist/blacklist_interceptions.h" | 13 #include "chrome_elf/blacklist/blacklist_interceptions.h" |
12 #include "chrome_elf/chrome_elf_constants.h" | 14 #include "chrome_elf/chrome_elf_constants.h" |
13 #include "chrome_elf/chrome_elf_util.h" | 15 #include "chrome_elf/chrome_elf_util.h" |
14 #include "chrome_elf/thunk_getter.h" | 16 #include "chrome_elf/thunk_getter.h" |
15 #include "sandbox/win/src/interception_internal.h" | 17 #include "sandbox/win/src/interception_internal.h" |
16 #include "sandbox/win/src/internal_types.h" | 18 #include "sandbox/win/src/internal_types.h" |
17 #include "sandbox/win/src/service_resolver.h" | 19 #include "sandbox/win/src/service_resolver.h" |
18 | 20 |
19 // http://blogs.msdn.com/oldnewthing/archive/2004/10/25/247180.aspx | 21 // http://blogs.msdn.com/oldnewthing/archive/2004/10/25/247180.aspx |
(...skipping 315 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
335 g_blacklist_initialized = NT_SUCCESS(ret); | 337 g_blacklist_initialized = NT_SUCCESS(ret); |
336 | 338 |
337 // Mark the thunk storage as executable and prevent any future writes to it. | 339 // Mark the thunk storage as executable and prevent any future writes to it. |
338 page_executable = page_executable && VirtualProtect(&g_thunk_storage, | 340 page_executable = page_executable && VirtualProtect(&g_thunk_storage, |
339 sizeof(g_thunk_storage), | 341 sizeof(g_thunk_storage), |
340 PAGE_EXECUTE_READ, | 342 PAGE_EXECUTE_READ, |
341 &old_protect); | 343 &old_protect); |
342 | 344 |
343 RecordSuccessfulThunkSetup(&key); | 345 RecordSuccessfulThunkSetup(&key); |
344 | 346 |
347 AddDllsFromRegistryToBlacklist(); | |
348 | |
345 return NT_SUCCESS(ret) && page_executable; | 349 return NT_SUCCESS(ret) && page_executable; |
346 } | 350 } |
347 | 351 |
352 bool AddDllsFromRegistryToBlacklist() { | |
353 HKEY key = NULL; | |
354 LONG result = ::RegOpenKeyEx(HKEY_CURRENT_USER, | |
355 kRegistryFinchListPath, | |
356 0, | |
357 KEY_QUERY_VALUE | KEY_SET_VALUE, | |
358 &key); | |
359 | |
360 if (result != ERROR_SUCCESS) | |
361 return false; | |
362 | |
363 int num_dlls; | |
robertshield
2014/05/30 21:07:08
= 0
krstnmnlsn
2014/06/02 14:00:37
Done.
| |
364 int longest_name; | |
robertshield
2014/05/30 21:07:08
= 0
krstnmnlsn
2014/06/02 14:00:37
Done.
| |
365 ::RegQueryInfoKey(key, | |
366 NULL, NULL, NULL, NULL, NULL, NULL, | |
367 reinterpret_cast<DWORD*>(&num_dlls), | |
368 reinterpret_cast<DWORD*>(&longest_name), | |
369 NULL, NULL, NULL); | |
370 | |
371 // Collect dlls so that we can delete them after the enumeration. | |
372 std::vector<wchar_t*> dll_names(num_dlls); | |
robertshield
2014/05/30 21:07:08
using a std::vector<std::wstring> would save a bun
krstnmnlsn
2014/06/02 14:00:37
Done.
| |
373 | |
374 for (int i = 0; i < num_dlls; ++i) { | |
375 DWORD name_len(longest_name + 1); | |
robertshield
2014/05/30 21:07:08
prefer = syntax for POD types
krstnmnlsn
2014/06/02 14:00:37
Done.
| |
376 DWORD value_len; | |
robertshield
2014/05/30 21:07:08
= 0
krstnmnlsn
2014/06/02 14:00:37
Done.
| |
377 wchar_t* name_buffer = new wchar_t[name_len]; | |
robertshield
2014/05/30 21:07:08
it looks like name_buffer is leaked on every itera
krstnmnlsn
2014/06/02 14:00:37
In my defense, I don't actually think this was lea
robertshield
2014/06/03 03:03:00
Indeed, not leaking! Sorry for misreading :( still
| |
378 result = ::RegEnumValue( | |
379 key, i, name_buffer, &name_len, NULL, NULL, NULL, &value_len); | |
380 name_len = name_len + 1; | |
381 wchar_t* value_buffer = new wchar_t[value_len + 1]; | |
382 result = ::RegEnumValue(key, i, name_buffer, &name_len, NULL, NULL, | |
383 reinterpret_cast<BYTE*>(value_buffer), &value_len); | |
384 value_buffer[value_len] = L'\0'; | |
385 | |
386 if (result == ERROR_SUCCESS) { | |
387 AddDllToBlacklist(value_buffer); | |
388 } | |
389 | |
390 dll_names[i] = name_buffer; | |
robertshield
2014/05/30 21:07:08
use push_back() instead
krstnmnlsn
2014/06/02 14:00:37
Done.
| |
391 | |
392 delete[] value_buffer; | |
393 } | |
394 | |
395 for (int i = 0; i < num_dlls; ++i) { | |
396 ::RegDeleteValue(key, dll_names[i]); | |
robertshield
2014/05/30 21:07:08
Why do we delete the values from the registry here
krstnmnlsn
2014/06/02 14:00:37
I thought that deleting values from the registry w
robertshield
2014/06/03 03:03:00
I actually meant, why do we delete them at all? Do
| |
397 delete[] dll_names[i]; | |
398 } | |
399 | |
400 ::RegCloseKey(key); | |
401 return true; | |
402 } | |
403 | |
348 } // namespace blacklist | 404 } // namespace blacklist |
OLD | NEW |