| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/src/registry_dispatcher.h" | 5 #include "sandbox/src/registry_dispatcher.h" |
| 6 | 6 |
| 7 #include "base/scoped_handle_win.h" | 7 #include "base/scoped_handle_win.h" |
| 8 #include "base/win_util.h" | 8 #include "base/win_util.h" |
| 9 #include "sandbox/src/crosscall_client.h" | 9 #include "sandbox/src/crosscall_client.h" |
| 10 #include "sandbox/src/interception.h" | 10 #include "sandbox/src/interception.h" |
| (...skipping 24 matching lines...) Expand all Loading... |
| 35 return true; | 35 return true; |
| 36 } | 36 } |
| 37 | 37 |
| 38 } | 38 } |
| 39 | 39 |
| 40 namespace sandbox { | 40 namespace sandbox { |
| 41 | 41 |
| 42 RegistryDispatcher::RegistryDispatcher(PolicyBase* policy_base) | 42 RegistryDispatcher::RegistryDispatcher(PolicyBase* policy_base) |
| 43 : policy_base_(policy_base) { | 43 : policy_base_(policy_base) { |
| 44 static const IPCCall create_params = { | 44 static const IPCCall create_params = { |
| 45 {IPC_NTCREATEKEY_TAG, WCHAR_TYPE, ULONG_TYPE, ULONG_TYPE, ULONG_TYPE, | 45 {IPC_NTCREATEKEY_TAG, WCHAR_TYPE, ULONG_TYPE, VOIDPTR_TYPE, ULONG_TYPE, |
| 46 ULONG_TYPE, ULONG_TYPE}, | 46 ULONG_TYPE, ULONG_TYPE}, |
| 47 reinterpret_cast<CallbackGeneric>(&RegistryDispatcher::NtCreateKey) | 47 reinterpret_cast<CallbackGeneric>(&RegistryDispatcher::NtCreateKey) |
| 48 }; | 48 }; |
| 49 | 49 |
| 50 static const IPCCall open_params = { | 50 static const IPCCall open_params = { |
| 51 {IPC_NTOPENKEY_TAG, WCHAR_TYPE, ULONG_TYPE, ULONG_TYPE, ULONG_TYPE}, | 51 {IPC_NTOPENKEY_TAG, WCHAR_TYPE, ULONG_TYPE, VOIDPTR_TYPE, ULONG_TYPE}, |
| 52 reinterpret_cast<CallbackGeneric>(&RegistryDispatcher::NtOpenKey) | 52 reinterpret_cast<CallbackGeneric>(&RegistryDispatcher::NtOpenKey) |
| 53 }; | 53 }; |
| 54 | 54 |
| 55 ipc_calls_.push_back(create_params); | 55 ipc_calls_.push_back(create_params); |
| 56 ipc_calls_.push_back(open_params); | 56 ipc_calls_.push_back(open_params); |
| 57 } | 57 } |
| 58 | 58 |
| 59 bool RegistryDispatcher::SetupService(InterceptionManager* manager, | 59 bool RegistryDispatcher::SetupService(InterceptionManager* manager, |
| 60 int service) { | 60 int service) { |
| 61 if (IPC_NTCREATEKEY_TAG == service) | 61 if (IPC_NTCREATEKEY_TAG == service) |
| 62 return INTERCEPT_NT(manager, NtCreateKey, CREATE_KEY_ID, 32); | 62 return INTERCEPT_NT(manager, NtCreateKey, CREATE_KEY_ID, 32); |
| 63 | 63 |
| 64 if (IPC_NTOPENKEY_TAG == service) { | 64 if (IPC_NTOPENKEY_TAG == service) { |
| 65 bool result = INTERCEPT_NT(manager, NtOpenKey, OPEN_KEY_ID, 16); | 65 bool result = INTERCEPT_NT(manager, NtOpenKey, OPEN_KEY_ID, 16); |
| 66 if (win_util::GetWinVersion() >= win_util::WINVERSION_WIN7) | 66 if (win_util::GetWinVersion() >= win_util::WINVERSION_WIN7) |
| 67 result &= INTERCEPT_NT(manager, NtOpenKeyEx, OPEN_KEY_EX_ID, 20); | 67 result &= INTERCEPT_NT(manager, NtOpenKeyEx, OPEN_KEY_EX_ID, 20); |
| 68 return result; | 68 return result; |
| 69 } | 69 } |
| 70 | 70 |
| 71 return false; | 71 return false; |
| 72 } | 72 } |
| 73 | 73 |
| 74 bool RegistryDispatcher::NtCreateKey( | 74 bool RegistryDispatcher::NtCreateKey( |
| 75 IPCInfo* ipc, std::wstring* name, DWORD attributes, DWORD root_directory, | 75 IPCInfo* ipc, std::wstring* name, DWORD attributes, HANDLE root, |
| 76 DWORD desired_access, DWORD title_index, DWORD create_options) { | 76 DWORD desired_access, DWORD title_index, DWORD create_options) { |
| 77 ScopedHandle root_handle; | 77 ScopedHandle root_handle; |
| 78 std::wstring real_path = *name; | 78 std::wstring real_path = *name; |
| 79 | 79 |
| 80 HANDLE root = reinterpret_cast<HANDLE>( | |
| 81 static_cast<ULONG_PTR>(root_directory)); | |
| 82 | |
| 83 // If there is a root directory, we need to duplicate the handle to make | 80 // If there is a root directory, we need to duplicate the handle to make |
| 84 // it valid in this process. | 81 // it valid in this process. |
| 85 if (root) { | 82 if (root) { |
| 86 if (!::DuplicateHandle(ipc->client_info->process, root, | 83 if (!::DuplicateHandle(ipc->client_info->process, root, |
| 87 ::GetCurrentProcess(), &root, 0, FALSE, | 84 ::GetCurrentProcess(), &root, 0, FALSE, |
| 88 DUPLICATE_SAME_ACCESS)) | 85 DUPLICATE_SAME_ACCESS)) |
| 89 return false; | 86 return false; |
| 90 | 87 |
| 91 root_handle.Set(root); | 88 root_handle.Set(root); |
| 92 } | 89 } |
| (...skipping 21 matching lines...) Expand all Loading... |
| 114 } | 111 } |
| 115 | 112 |
| 116 // Return operation status on the IPC. | 113 // Return operation status on the IPC. |
| 117 ipc->return_info.extended[0].unsigned_int = disposition; | 114 ipc->return_info.extended[0].unsigned_int = disposition; |
| 118 ipc->return_info.nt_status = nt_status; | 115 ipc->return_info.nt_status = nt_status; |
| 119 ipc->return_info.handle = handle; | 116 ipc->return_info.handle = handle; |
| 120 return true; | 117 return true; |
| 121 } | 118 } |
| 122 | 119 |
| 123 bool RegistryDispatcher::NtOpenKey(IPCInfo* ipc, std::wstring* name, | 120 bool RegistryDispatcher::NtOpenKey(IPCInfo* ipc, std::wstring* name, |
| 124 DWORD attributes, DWORD root_directory, | 121 DWORD attributes, HANDLE root, |
| 125 DWORD desired_access) { | 122 DWORD desired_access) { |
| 126 ScopedHandle root_handle; | 123 ScopedHandle root_handle; |
| 127 std::wstring real_path = *name; | 124 std::wstring real_path = *name; |
| 128 | 125 |
| 129 HANDLE root = reinterpret_cast<HANDLE>( | |
| 130 static_cast<ULONG_PTR>(root_directory)); | |
| 131 | |
| 132 // If there is a root directory, we need to duplicate the handle to make | 126 // If there is a root directory, we need to duplicate the handle to make |
| 133 // it valid in this process. | 127 // it valid in this process. |
| 134 if (root) { | 128 if (root) { |
| 135 if (!::DuplicateHandle(ipc->client_info->process, root, | 129 if (!::DuplicateHandle(ipc->client_info->process, root, |
| 136 ::GetCurrentProcess(), &root, 0, FALSE, | 130 ::GetCurrentProcess(), &root, 0, FALSE, |
| 137 DUPLICATE_SAME_ACCESS)) | 131 DUPLICATE_SAME_ACCESS)) |
| 138 return false; | 132 return false; |
| 139 root_handle.Set(root); | 133 root_handle.Set(root); |
| 140 } | 134 } |
| 141 | 135 |
| (...skipping 16 matching lines...) Expand all Loading... |
| 158 return true; | 152 return true; |
| 159 } | 153 } |
| 160 | 154 |
| 161 // Return operation status on the IPC. | 155 // Return operation status on the IPC. |
| 162 ipc->return_info.nt_status = nt_status; | 156 ipc->return_info.nt_status = nt_status; |
| 163 ipc->return_info.handle = handle; | 157 ipc->return_info.handle = handle; |
| 164 return true; | 158 return true; |
| 165 } | 159 } |
| 166 | 160 |
| 167 } // namespace sandbox | 161 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 873006:
Re-land second sandbox round of changes... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/