Finch Blacklist is now added to the Hardcoded blacklist.

chrome_elf/blacklist/blacklist.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome_elf/blacklist/blacklist.h"
 
 #include <assert.h>
 #include <string.h>
 
+#include <vector>
+
 #include "base/basictypes.h"
 #include "chrome_elf/blacklist/blacklist_interceptions.h"
 #include "chrome_elf/chrome_elf_constants.h"
 #include "chrome_elf/chrome_elf_util.h"
 #include "chrome_elf/thunk_getter.h"
 #include "sandbox/win/src/interception_internal.h"
 #include "sandbox/win/src/internal_types.h"
 #include "sandbox/win/src/service_resolver.h"
 
 // http://blogs.msdn.com/oldnewthing/archive/2004/10/25/247180.aspx
@@ skipping 315 matching lines @@
   g_blacklist_initialized = NT_SUCCESS(ret);
 
   // Mark the thunk storage as executable and prevent any future writes to it.
   page_executable = page_executable && VirtualProtect(&g_thunk_storage,
                                                       sizeof(g_thunk_storage),
                                                       PAGE_EXECUTE_READ,
                                                       &old_protect);
 
   RecordSuccessfulThunkSetup(&key);
 
+  AddDllsFromRegistryToBlacklist();
+
   return NT_SUCCESS(ret) && page_executable;
 }
 
+bool AddDllsFromRegistryToBlacklist() {
+  HKEY key = NULL;
+  LONG result = ::RegOpenKeyEx(HKEY_CURRENT_USER,
+                               kRegistryFinchListPath,
+                               0,
+                               KEY_QUERY_VALUE | KEY_SET_VALUE,
+                               &key);
+
+  if (result != ERROR_SUCCESS)
+    return false;
+
+  // We add dlls from the registry to the blacklist, and then clear registry
+  // in the next loop.
+  std::vector<std::wstring> dll_names;
+  for (int i = 0; result == ERROR_SUCCESS; ++i) {
+    DWORD name_len = MAX_PATH;
+    DWORD value_len = 0;
+    assert(name_len > 0);

[csharp, 2014/06/03 21:11:36]

This assert doesn't seem to useful, so you can probably remove it

[krstnmnlsn, 2014/06/04 16:55:44]

Done.

+    std::vector<wchar_t> name_buffer(name_len);

[csharp, 2014/06/03 21:11:36]

Since you are always initializing it to the same size, you can pull it out of
the loop

[krstnmnlsn, 2014/06/04 16:55:44]

Done.

+    result = ::RegEnumValue(
+        key, i, &name_buffer[0], &name_len, NULL, NULL, NULL, &value_len);
+    name_len = name_len + 1;
+    value_len = value_len + 1;
+    assert(value_len > 0);

[csharp, 2014/06/03 21:11:36]

I'm not sure if this assert is useful, I don't think value_len could ever be
less than 1 here.

[krstnmnlsn, 2014/06/04 16:55:44]

Yeah the only case I could think of involved someone coming along and changing
my DWORDS to signed ints ... 

+    std::vector<wchar_t> value_buffer(value_len);
+    result = ::RegEnumValue(key, i, &name_buffer[0], &name_len, NULL, NULL,
+                            reinterpret_cast<BYTE*>(&value_buffer[0]),
+                            &value_len);
+    value_buffer[value_len-1] = L'\0';
+
+    if (result == ERROR_SUCCESS) {
+      AddDllToBlacklist(&value_buffer[0]);
+      dll_names.push_back(std::wstring(name_buffer.begin(), name_buffer.end()));
+    }
+  }
+
+  for (size_t i = 0; i < dll_names.size(); ++i) {

[csharp, 2014/06/03 21:11:36]

Can RegDeleteKey replace this loop?

[krstnmnlsn, 2014/06/04 16:55:44]

It seems to work yes :)

+    ::RegDeleteValue(key, dll_names[i].c_str());
+  }
+
+  ::RegCloseKey(key);
+  return true;
+}
+
 }  // namespace blacklist