Finch Blacklist is now added to the Hardcoded blacklist.

chrome_elf/blacklist/blacklist.cc

Index: chrome_elf/blacklist/blacklist.cc
diff --git a/chrome_elf/blacklist/blacklist.cc b/chrome_elf/blacklist/blacklist.cc
index a168c9a044c4ff0a5a54efa57eeeb6556ddcab3b..9383058c91b71eaca14ad64d5992f1d8fd42e96c 100644
--- a/chrome_elf/blacklist/blacklist.cc
+++ b/chrome_elf/blacklist/blacklist.cc
@@ -7,6 +7,8 @@
 #include <assert.h>
 #include <string.h>
 
+#include <vector>
+
 #include "base/basictypes.h"
 #include "chrome_elf/blacklist/blacklist_interceptions.h"
 #include "chrome_elf/chrome_elf_constants.h"
@@ -342,7 +344,53 @@ bool Initialize(bool force) {
 
   RecordSuccessfulThunkSetup(&key);
 
+  AddDllsFromRegistryToBlacklist();
+
   return NT_SUCCESS(ret) && page_executable;
 }
 
+bool AddDllsFromRegistryToBlacklist() {
+  HKEY key = NULL;
+  LONG result = ::RegOpenKeyEx(HKEY_CURRENT_USER,
+                               kRegistryFinchListPath,
+                               0,
+                               KEY_QUERY_VALUE | KEY_SET_VALUE,
+                               &key);
+
+  if (result != ERROR_SUCCESS)
+    return false;
+
+  // We add dlls from the registry to the blacklist, and then clear registry
+  // in the next loop.
+  std::vector<std::wstring> dll_names;
+  for (int i = 0; result == ERROR_SUCCESS; ++i) {
+    DWORD name_len = MAX_PATH;
+    DWORD value_len = 0;
+    assert(name_len > 0);

[csharp, 2014/06/03 21:11:36]

This assert doesn't seem to useful, so you can probably remove it

[krstnmnlsn, 2014/06/04 16:55:44]

Done.

+    std::vector<wchar_t> name_buffer(name_len);

[csharp, 2014/06/03 21:11:36]

Since you are always initializing it to the same size, you can pull it out of
the loop

[krstnmnlsn, 2014/06/04 16:55:44]

Done.

+    result = ::RegEnumValue(
+        key, i, &name_buffer[0], &name_len, NULL, NULL, NULL, &value_len);
+    name_len = name_len + 1;
+    value_len = value_len + 1;
+    assert(value_len > 0);

[csharp, 2014/06/03 21:11:36]

I'm not sure if this assert is useful, I don't think value_len could ever be
less than 1 here.

[krstnmnlsn, 2014/06/04 16:55:44]

Yeah the only case I could think of involved someone coming along and changing
my DWORDS to signed ints ... 

+    std::vector<wchar_t> value_buffer(value_len);
+    result = ::RegEnumValue(key, i, &name_buffer[0], &name_len, NULL, NULL,
+                            reinterpret_cast<BYTE*>(&value_buffer[0]),
+                            &value_len);
+    value_buffer[value_len-1] = L'\0';
+
+    if (result == ERROR_SUCCESS) {
+      AddDllToBlacklist(&value_buffer[0]);
+      dll_names.push_back(std::wstring(name_buffer.begin(), name_buffer.end()));
+    }
+  }
+
+  for (size_t i = 0; i < dll_names.size(); ++i) {

[csharp, 2014/06/03 21:11:36]

Can RegDeleteKey replace this loop?

[krstnmnlsn, 2014/06/04 16:55:44]

It seems to work yes :)

+    ::RegDeleteValue(key, dll_names[i].c_str());
+  }
+
+  ::RegCloseKey(key);
+  return true;
+}
+
 }  // namespace blacklist