Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3381)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome_elf/chrome_elf_main.cc

Issue 85403005: Cache ntdll exports in ELF (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Add types file Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome_elf/chrome_elf_main.h ('K') | « chrome_elf/chrome_elf_main.h ('k') | chrome_elf/chrome_elf_types.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome_elf/chrome_elf_main.cc
diff --git a/chrome_elf/chrome_elf_main.cc b/chrome_elf/chrome_elf_main.cc
index c6715ba3763b4acb450a946d0ccf0f6871641f2e..a94109e72c8272f6d9c6d1a68e5abd6928a8f79a 100644
--- a/chrome_elf/chrome_elf_main.cc
+++ b/chrome_elf/chrome_elf_main.cc
@@ -6,11 +6,53 @@
#include "chrome_elf/chrome_elf_main.h"
+FunctionLookupTable g_ntdll_lookup = FunctionLookupTable();
+
void InitChromeElf() {
// This method is a no-op which may be called to force a load-time dependency
// on chrome_elf.dll.
}
BOOL APIENTRY DllMain(HMODULE module, DWORD reason, LPVOID reserved) {
+if (reason == DLL_PROCESS_ATTACH)
robertshield 2013/11/28 13:57:46 nit: indent
Cait (Slow) 2013/12/03 03:06:14 Done.
+ Init();
return TRUE;
}
+
+void Init() {
+ HMODULE ntdll_handle = ::GetModuleHandle(L"ntdll.dll");
+
+ // To find the Export Address Table address, we start from the DOS header.
+ // The module handle is actually the base address where the header is.
+ IMAGE_DOS_HEADER* dos_header =
+ reinterpret_cast<IMAGE_DOS_HEADER*>(ntdll_handle);
+ // The e_lfanew is an offset from the DOS header to the NT header. It should
+ // never be 0.
+ IMAGE_NT_HEADERS* nt_headers = reinterpret_cast<IMAGE_NT_HEADERS*>(
+ ntdll_handle + dos_header->e_lfanew / sizeof(uintptr_t));
+ // For modules that have an import address table, its offset from the
+ // DOS header is stored in the second data directory's VirtualAddress.
+ if (!nt_headers->OptionalHeader.DataDirectory[0].VirtualAddress)
+ return;
+
+ PBYTE base_addr = (PBYTE) ntdll_handle;
+
+ IMAGE_DATA_DIRECTORY* exports_data_dir =
robertshield 2013/11/28 13:57:46 nit: extra space
Cait (Slow) 2013/12/03 03:06:14 Done.
+ &nt_headers->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT];
+
+ IMAGE_EXPORT_DIRECTORY* exports =
robertshield 2013/11/28 13:57:46 nit: extra space
Cait (Slow) 2013/12/03 03:06:14 Done.
+ (IMAGE_EXPORT_DIRECTORY*) (base_addr + exports_data_dir->VirtualAddress);
+
+ WORD* ordinals = (WORD*)(base_addr + exports->AddressOfNameOrdinals);
robertshield 2013/11/28 13:57:46 use C++ style casts (reinterpret_cast) here and be
Cait (Slow) 2013/12/03 03:06:14 Done.
+ DWORD* names = (DWORD*)(base_addr + exports->AddressOfNames);
+ DWORD* funcs = (DWORD*)(base_addr + exports->AddressOfFunctions);
+ int num_entries = exports->NumberOfNames;
+
+ for (int i = 0; i < num_entries; i++) {
+ char* name = (char*) (base_addr + names[i]);
+ WORD ord = ordinals[i];
+ DWORD func = funcs[ord];
+ FARPROC func_addr = (FARPROC) (func + base_addr);
robertshield 2013/11/28 13:57:46 nit: extra spaces after = and func, also use a C++
Cait (Slow) 2013/12/03 03:06:14 Done.
+ g_ntdll_lookup[std::string(name)] = func_addr;
+ }
+}
« chrome_elf/chrome_elf_main.h ('K') | « chrome_elf/chrome_elf_main.h ('k') | chrome_elf/chrome_elf_types.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698