| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/process_mitigations.h" | 5 #include "sandbox/win/src/process_mitigations.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/win/windows_version.h" | 9 #include "base/win/windows_version.h" |
| 10 #include "sandbox/win/src/nt_internals.h" | 10 #include "sandbox/win/src/nt_internals.h" |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 72 reinterpret_cast<SetProcessDEPPolicyFunction>( | 72 reinterpret_cast<SetProcessDEPPolicyFunction>( |
| 73 ::GetProcAddress(module, "SetProcessDEPPolicy")); | 73 ::GetProcAddress(module, "SetProcessDEPPolicy")); |
| 74 if (set_process_dep_policy) { | 74 if (set_process_dep_policy) { |
| 75 if (!set_process_dep_policy(dep_flags) && | 75 if (!set_process_dep_policy(dep_flags) && |
| 76 ERROR_ACCESS_DENIED != ::GetLastError() && return_on_fail) { | 76 ERROR_ACCESS_DENIED != ::GetLastError() && return_on_fail) { |
| 77 return false; | 77 return false; |
| 78 } | 78 } |
| 79 } else { | 79 } else { |
| 80 // We're on XP sp2, so use the less standard approach. | 80 // We're on XP sp2, so use the less standard approach. |
| 81 // For reference: http://www.uninformed.org/?v=2&a=4 | 81 // For reference: http://www.uninformed.org/?v=2&a=4 |
| 82 const int MEM_EXECUTE_OPTION_ENABLE = 1; | 82 static const int MEM_EXECUTE_OPTION_ENABLE = 1; |
| 83 const int MEM_EXECUTE_OPTION_DISABLE = 2; | 83 static const int MEM_EXECUTE_OPTION_DISABLE = 2; |
| 84 const int MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION = 4; | 84 static const int MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION = 4; |
| 85 const int MEM_EXECUTE_OPTION_PERMANENT = 8; | 85 static const int MEM_EXECUTE_OPTION_PERMANENT = 8; |
| 86 | 86 |
| 87 NtSetInformationProcessFunction set_information_process = NULL; | 87 NtSetInformationProcessFunction set_information_process = NULL; |
| 88 ResolveNTFunctionPtr("NtSetInformationProcess", | 88 ResolveNTFunctionPtr("NtSetInformationProcess", |
| 89 &set_information_process); | 89 &set_information_process); |
| 90 if (!set_information_process) | 90 if (!set_information_process) |
| 91 return false; | 91 return false; |
| 92 ULONG dep = MEM_EXECUTE_OPTION_DISABLE | MEM_EXECUTE_OPTION_PERMANENT; | 92 ULONG dep = MEM_EXECUTE_OPTION_DISABLE | MEM_EXECUTE_OPTION_PERMANENT; |
| 93 if (!(dep_flags & PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION)) | 93 if (!(dep_flags & PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION)) |
| 94 dep |= MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION; | 94 dep |= MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION; |
| 95 if (!SUCCEEDED(set_information_process(GetCurrentProcess(), | 95 if (!SUCCEEDED(set_information_process(GetCurrentProcess(), |
| (...skipping 217 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 313 } | 313 } |
| 314 | 314 |
| 315 bool CanSetProcessMitigationsPreStartup(MitigationFlags flags) { | 315 bool CanSetProcessMitigationsPreStartup(MitigationFlags flags) { |
| 316 // These mitigations cannot be enabled prior to startup. | 316 // These mitigations cannot be enabled prior to startup. |
| 317 return !(flags & (MITIGATION_STRICT_HANDLE_CHECKS | | 317 return !(flags & (MITIGATION_STRICT_HANDLE_CHECKS | |
| 318 MITIGATION_DLL_SEARCH_ORDER)); | 318 MITIGATION_DLL_SEARCH_ORDER)); |
| 319 } | 319 } |
| 320 | 320 |
| 321 } // namespace sandbox | 321 } // namespace sandbox |
| 322 | 322 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 614813002:
Cleanup sandbox/ in advance of re-enabling some MSVC warnings. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master