OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome_elf/blacklist/blacklist.h" | 5 #include "chrome_elf/blacklist/blacklist.h" |
6 | 6 |
7 #include <assert.h> | 7 #include <assert.h> |
8 #include <string.h> | 8 #include <string.h> |
9 | 9 |
10 #include <vector> | |
11 | |
10 #include "base/basictypes.h" | 12 #include "base/basictypes.h" |
11 #include "chrome_elf/blacklist/blacklist_interceptions.h" | 13 #include "chrome_elf/blacklist/blacklist_interceptions.h" |
12 #include "chrome_elf/chrome_elf_constants.h" | 14 #include "chrome_elf/chrome_elf_constants.h" |
13 #include "chrome_elf/chrome_elf_util.h" | 15 #include "chrome_elf/chrome_elf_util.h" |
14 #include "chrome_elf/thunk_getter.h" | 16 #include "chrome_elf/thunk_getter.h" |
15 #include "sandbox/win/src/interception_internal.h" | 17 #include "sandbox/win/src/interception_internal.h" |
16 #include "sandbox/win/src/internal_types.h" | 18 #include "sandbox/win/src/internal_types.h" |
17 #include "sandbox/win/src/service_resolver.h" | 19 #include "sandbox/win/src/service_resolver.h" |
18 | 20 |
19 // http://blogs.msdn.com/oldnewthing/archive/2004/10/25/247180.aspx | 21 // http://blogs.msdn.com/oldnewthing/archive/2004/10/25/247180.aspx |
(...skipping 315 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
335 g_blacklist_initialized = NT_SUCCESS(ret); | 337 g_blacklist_initialized = NT_SUCCESS(ret); |
336 | 338 |
337 // Mark the thunk storage as executable and prevent any future writes to it. | 339 // Mark the thunk storage as executable and prevent any future writes to it. |
338 page_executable = page_executable && VirtualProtect(&g_thunk_storage, | 340 page_executable = page_executable && VirtualProtect(&g_thunk_storage, |
339 sizeof(g_thunk_storage), | 341 sizeof(g_thunk_storage), |
340 PAGE_EXECUTE_READ, | 342 PAGE_EXECUTE_READ, |
341 &old_protect); | 343 &old_protect); |
342 | 344 |
343 RecordSuccessfulThunkSetup(&key); | 345 RecordSuccessfulThunkSetup(&key); |
344 | 346 |
347 AddDllsFromRegistryToBlacklist(); | |
348 | |
345 return NT_SUCCESS(ret) && page_executable; | 349 return NT_SUCCESS(ret) && page_executable; |
346 } | 350 } |
347 | 351 |
352 bool AddDllsFromRegistryToBlacklist() { | |
353 HKEY key = NULL; | |
354 LONG result = ::RegOpenKeyEx(HKEY_CURRENT_USER, | |
355 kRegistryFinchListPath, | |
356 0, | |
357 KEY_QUERY_VALUE | KEY_SET_VALUE, | |
358 &key); | |
359 | |
360 if (result != ERROR_SUCCESS) | |
361 return false; | |
362 | |
363 int num_dlls = 0; | |
364 int longest_name = 0; | |
365 ::RegQueryInfoKey(key, NULL, NULL, NULL, NULL, NULL, NULL, | |
366 reinterpret_cast<DWORD*>(&num_dlls), | |
367 reinterpret_cast<DWORD*>(&longest_name), | |
368 NULL, NULL, NULL); | |
369 | |
370 // Collect dlls so that we can delete them after the enumeration. | |
371 std::vector<std::wstring> dll_names; | |
372 for (int i = 0; i < num_dlls; ++i) { | |
373 DWORD name_len = longest_name + 1; | |
374 DWORD value_len = 0; | |
375 assert(name_len > 0); | |
376 std::vector<wchar_t> name_buffer(name_len); | |
377 result = ::RegEnumValue( | |
378 key, i, &name_buffer[0], &name_len, NULL, NULL, NULL, &value_len); | |
379 name_len = name_len + 1; | |
380 value_len = value_len + 1; | |
381 assert(value_len > 0); | |
382 std::vector<wchar_t> value_buffer(value_len); | |
383 result = ::RegEnumValue(key, i, &name_buffer[0], &name_len, NULL, NULL, | |
robertshield
2014/06/03 03:03:00
name_len was increased by 1 on line 379, but I don
| |
384 reinterpret_cast<BYTE*>(&value_buffer[0]), | |
385 &value_len); | |
386 value_buffer[value_len] = L'\0'; | |
robertshield
2014/06/03 03:03:00
if value_buffer.size() is value_len, then the last
krstnmnlsn
2014/06/03 19:30:16
Done.
| |
387 | |
388 if (result == ERROR_SUCCESS) { | |
389 AddDllToBlacklist(&value_buffer[0]); | |
390 } | |
391 | |
392 std::wstring name_str(name_buffer.begin(), name_buffer.end()); | |
393 dll_names.push_back(name_str); | |
robertshield
2014/06/03 03:03:00
nit:
dll_names.push_back(std::wstring(name_buffer.
krstnmnlsn
2014/06/03 19:30:16
Done.
| |
394 } | |
395 | |
396 for (int i = 0; i < num_dlls; ++i) { | |
397 ::RegDeleteValue(key, dll_names[i].c_str()); | |
398 } | |
399 | |
400 ::RegCloseKey(key); | |
401 return true; | |
402 } | |
403 | |
348 } // namespace blacklist | 404 } // namespace blacklist |
OLD | NEW |