| OLD | NEW | 
|    1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |    1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 
|    2 // Use of this source code is governed by a BSD-style license that can be |    2 // Use of this source code is governed by a BSD-style license that can be | 
|    3 // found in the LICENSE file. |    3 // found in the LICENSE file. | 
|    4  |    4  | 
|    5 #include "chrome/browser/sandbox_policy.h" |    5 #include "chrome/browser/sandbox_policy.h" | 
|    6  |    6  | 
|    7 #include "base/file_util.h" |    7 #include "base/file_util.h" | 
|    8 #include "base/logging.h" |    8 #include "base/logging.h" | 
|    9 #include "base/path_service.h" |    9 #include "base/path_service.h" | 
|   10 #include "base/registry.h" |   10 #include "base/registry.h" | 
|   11 #include "base/string_util.h" |   11 #include "base/string_util.h" | 
|   12 #include "base/win_util.h" |   12 #include "base/win_util.h" | 
|   13 #include "chrome/common/chrome_constants.h" |   13 #include "chrome/common/chrome_constants.h" | 
|   14 #include "chrome/common/chrome_paths.h" |   14 #include "chrome/common/chrome_paths.h" | 
|   15 #include "chrome/common/ipc_logging.h" |   15 #include "chrome/common/ipc_logging.h" | 
|   16 #include "chrome/common/win_util.h" |   16 #include "chrome/common/win_util.h" | 
|   17 #include "webkit/glue/plugins/plugin_list.h" |   17 #include "webkit/glue/plugins/plugin_list.h" | 
|   18  |   18  | 
 |   19 namespace { | 
 |   20  | 
 |   21 // The DLLs listed here are known (or under strong suspicion) of causing crashes | 
 |   22 // when they are loaded in the renderer. | 
 |   23 const wchar_t* const kTroublesomeDlls[] = { | 
 |   24   L"adialhk.dll",                 // Kaspersky Internet Security. | 
 |   25   L"acpiz.dll", | 
 |   26   L"avgrsstx.dll",                // AVG 8. | 
 |   27   L"btkeyind.dll",                // Widcomm Bluetooth. | 
 |   28   L"cmcsyshk.dll",                // CMC Internet Security. | 
 |   29   L"dockshellhook.dll",           // Stardock Objectdock. | 
 |   30   L"GoogleDesktopNetwork3.DLL",   // Google Desktop Search v5. | 
 |   31   L"fwhook.dll",                  // PC Tools Firewall Plus. | 
 |   32   L"hookprocesscreation.dll",     // Blumentals Program protector. | 
 |   33   L"hookterminateapis.dll",       // Blumentals and Cyberprinter. | 
 |   34   L"hookprintapis.dll",           // Cyberprinter. | 
 |   35   L"imon.dll",                    // NOD32 Antivirus. | 
 |   36   L"ioloHL.dll",                  // Iolo (System Mechanic). | 
 |   37   L"kloehk.dll",                  // Kaspersky Internet Security. | 
 |   38   L"lawenforcer.dll",             // Spyware-Browser AntiSpyware (Spybro). | 
 |   39   L"libdivx.dll",                 // DivX. | 
 |   40   L"lvprcinj01.dll",              // Logitech QuickCam. | 
 |   41   L"madchook.dll",                // Madshi (generic hooking library). | 
 |   42   L"mdnsnsp.dll",                 // Bonjour. | 
 |   43   L"moonsysh.dll",                // Moon Secure Antivirus. | 
 |   44   L"npdivx32.dll",                // DivX. | 
 |   45   L"npggNT.des",                  // GameGuard 2008. | 
 |   46   L"npggNT.dll",                  // GameGuard (older). | 
 |   47   L"oawatch.dll",                 // Online Armor. | 
 |   48   L"pavhook.dll",                 // Panda Internet Security. | 
 |   49   L"pavshook.dll",                // Panda Antivirus. | 
 |   50   L"pctavhook.dll",               // PC Tools Antivirus. | 
 |   51   L"prntrack.dll",                // Pharos Systems. | 
 |   52   L"radhslib.dll",                // Radiant Naomi Internet Filter. | 
 |   53   L"radprlib.dll",                // Radiant Naomi Internet Filter. | 
 |   54   L"rlhook.dll",                  // Trustware Bufferzone. | 
 |   55   L"r3hook.dll",                  // Kaspersky Internet Security. | 
 |   56   L"sahook.dll",                  // McAfee Site Advisor. | 
 |   57   L"sbrige.dll", | 
 |   58   L"sc2hook.dll",                 // Supercopier 2. | 
 |   59   L"sguard.dll",                  // Iolo (System Guard). | 
 |   60   L"smumhook.dll",                // Spyware Doctor version 5 and above. | 
 |   61   L"ssldivx.dll",                 // DivX. | 
 |   62   L"syncor11.dll",                // SynthCore Midi interface. | 
 |   63   L"systools.dll",                // Panda Antivirus. | 
 |   64   L"tfwah.dll",                   // Threatfire (PC tools). | 
 |   65   L"wblind.dll",                  // Stardock Object desktop. | 
 |   66   L"wbhelp.dll",                  // Stardock Object desktop. | 
 |   67   L"winstylerthemehelper.dll"     // Tuneup utilities 2006. | 
 |   68 }; | 
 |   69  | 
 |   70 }  // namespace | 
 |   71  | 
|   19 PluginPolicyCategory GetPolicyCategoryForPlugin( |   72 PluginPolicyCategory GetPolicyCategoryForPlugin( | 
|   20     const std::wstring& dll, |   73     const std::wstring& dll, | 
|   21     const std::wstring& clsid, |   74     const std::wstring& clsid, | 
|   22     const std::wstring& list) { |   75     const std::wstring& list) { | 
|   23   std::wstring filename = file_util::GetFilenameFromPath(dll); |   76   std::wstring filename = file_util::GetFilenameFromPath(dll); | 
|   24   std::wstring plugin_dll = StringToLowerASCII(filename); |   77   std::wstring plugin_dll = StringToLowerASCII(filename); | 
|   25   std::wstring trusted_plugins = StringToLowerASCII(list); |   78   std::wstring trusted_plugins = StringToLowerASCII(list); | 
|   26   std::wstring activex_clsid = StringToLowerASCII(clsid); |   79   std::wstring activex_clsid = StringToLowerASCII(clsid); | 
|   27  |   80  | 
|   28   size_t pos = 0; |   81   size_t pos = 0; | 
|   29   size_t end_item = 0; |   82   size_t end_item = 0; | 
|   30   while(end_item != std::wstring::npos) { |   83   while (end_item != std::wstring::npos) { | 
|   31     end_item = list.find(L",", pos); |   84     end_item = list.find(L",", pos); | 
|   32  |   85  | 
|   33     size_t size_item = (end_item == std::wstring::npos) ? end_item : |   86     size_t size_item = (end_item == std::wstring::npos) ? end_item : | 
|   34                                                           end_item - pos; |   87                                                           end_item - pos; | 
|   35     std::wstring item = list.substr(pos, size_item); |   88     std::wstring item = list.substr(pos, size_item); | 
|   36     if (!item.empty()) { |   89     if (!item.empty()) { | 
|   37       if (item == activex_clsid || item == plugin_dll) |   90       if (item == activex_clsid || item == plugin_dll) | 
|   38         return PLUGIN_GROUP_TRUSTED; |   91         return PLUGIN_GROUP_TRUSTED; | 
|   39     } |   92     } | 
|   40  |   93  | 
| (...skipping 44 matching lines...) |
|   85  |  138  | 
|   86   key += L"\\*"; |  139   key += L"\\*"; | 
|   87   result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_REGISTRY, access, |  140   result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_REGISTRY, access, | 
|   88                            key.c_str()); |  141                            key.c_str()); | 
|   89   if (result != sandbox::SBOX_ALL_OK) |  142   if (result != sandbox::SBOX_ALL_OK) | 
|   90     return false; |  143     return false; | 
|   91  |  144  | 
|   92   return true; |  145   return true; | 
|   93 } |  146 } | 
|   94  |  147  | 
|   95 // Eviction of injected DLLs is done by the sandbox. An interception on a |  148 // Eviction of injected DLLs is done by the sandbox so that the injected module | 
|   96 // system call is added such that the blacklisted dll, don't fully load so |  149 // does not get a chance to execute any code. | 
|   97 // the injected module does not get a chance to execute any code. |  | 
|   98 // |  | 
|   99 // The DLLs listed here are known (or under strong suspicion) of |  | 
|  100 // causing crashes when they are loaded in the render process. |  | 
|  101 bool AddDllEvictionPolicy(sandbox::TargetPolicy* policy) { |  150 bool AddDllEvictionPolicy(sandbox::TargetPolicy* policy) { | 
|  102   // List of dlls to unmap. |  151   for (int ix = 0; ix != arraysize(kTroublesomeDlls); ++ix) { | 
|  103   const wchar_t* troublesome_dlls[] = { |  | 
|  104       L"adialhk.dll",  // Kaspersky Internet Security. |  | 
|  105       L"avgrsstx.dll",  // AVG 8. |  | 
|  106       L"awatch.dll",  // Online Armor. |  | 
|  107       L"cmcsyshk.dll",  // CMC Internet Security. |  | 
|  108       L"dockshellhook.dll",  // Stardock Objectdock. |  | 
|  109       L"GoogleDesktopNetwork3.DLL",  // Google Desktop Search v5. |  | 
|  110       L"hookprocesscreation.dll",  // Blumentals Program protector. |  | 
|  111       L"hookterminateapis.dll",  // Blumentals and Cyberprinter. |  | 
|  112       L"hookprintapis.dll",  // Cyberprinter. |  | 
|  113       L"ioloHL.dll",  // Iolo (System Mechanic) |  | 
|  114       L"kloehk.dll",  // Kaspersky Internet Security. |  | 
|  115       L"lawenforcer.dll",  // Spyware-Browser AntiSpyware (Spybro). |  | 
|  116       L"madchook.dll",  // Madshi (generic hooking library). |  | 
|  117       L"moonsysh.dll",  // Moon Secure Antivirus. |  | 
|  118       L"npggNT.des",  // GameGuard 2008. |  | 
|  119       L"npggNT.dll",  // GameGuard (older). |  | 
|  120       L"pavhook.dll",  // Panda Internet Security. |  | 
|  121       L"pavshook.dll",  // Panda Anti-virus. |  | 
|  122       L"pctavhook.dll",  // PC Tools Antivirus. |  | 
|  123       L"rlhook.dll",  // Trustware Bufferzone. |  | 
|  124       L"r3hook.dll",  // Kaspersky Internet Security. |  | 
|  125       L"sc2hook.dll",  // Supercopier 2. |  | 
|  126       L"sguard.dll",  // Iolo (System Guard). |  | 
|  127       L"smumhook.dll",  // Spyware Doctor version 5 and above. |  | 
|  128       L"tfwah.dll",  // Threatfire (PC tools). |  | 
|  129       L"wblind.dll",  // Stardock Object desktop. |  | 
|  130       L"wbhelp.dll",  // Stardock Object desktop. |  | 
|  131       L"winstylerthemehelper.dll"  // Tuneup utilities 2006. |  | 
|  132   }; |  | 
|  133  |  | 
|  134   for(int ix = 0; ix != arraysize(troublesome_dlls); ++ix) { |  | 
|  135     // To minimize the list we only add an unload policy if the dll is also |  152     // To minimize the list we only add an unload policy if the dll is also | 
|  136     // loaded in this process. All the injected dlls of interest do this. |  153     // loaded in this process. All the injected dlls of interest do this. | 
|  137     if (::GetModuleHandleW(troublesome_dlls[ix])) { |  154     if (::GetModuleHandleW(kTroublesomeDlls[ix])) { | 
|  138       LOG(WARNING) << "dll to unload found: " << troublesome_dlls[ix]; |  155       LOG(WARNING) << "dll to unload found: " << kTroublesomeDlls[ix]; | 
|  139       if (sandbox::SBOX_ALL_OK != policy->AddDllToUnload(troublesome_dlls[ix])) |  156       if (sandbox::SBOX_ALL_OK != policy->AddDllToUnload(kTroublesomeDlls[ix])) | 
|  140         return false; |  157         return false; | 
|  141     } |  158     } | 
|  142   } |  159   } | 
|  143  |  160  | 
|  144   return true; |  161   return true; | 
|  145 } |  162 } | 
|  146  |  163  | 
|  147 bool AddPolicyForGearsInRenderer(sandbox::TargetPolicy* policy) { |  164 bool AddPolicyForGearsInRenderer(sandbox::TargetPolicy* policy) { | 
|  148   sandbox::ResultCode result; |  165   sandbox::ResultCode result; | 
|  149  |  166  | 
| (...skipping 152 matching lines...) |
|  302       return ApplyPolicyForTrustedPlugin(policy); |  319       return ApplyPolicyForTrustedPlugin(policy); | 
|  303     case PLUGIN_GROUP_UNTRUSTED: |  320     case PLUGIN_GROUP_UNTRUSTED: | 
|  304       return ApplyPolicyForUntrustedPlugin(policy); |  321       return ApplyPolicyForUntrustedPlugin(policy); | 
|  305     default: |  322     default: | 
|  306       NOTREACHED(); |  323       NOTREACHED(); | 
|  307       break; |  324       break; | 
|  308   } |  325   } | 
|  309  |  326  | 
|  310   return false; |  327   return false; | 
|  311 } |  328 } | 
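Review bot: In GetPolicyCategoryForPlugin the loop tokenizes the raw `list` instead of the lower-cased `trusted_plugins` copy built just above it, so each `item` keeps its original case while `activex_clsid` and `plugin_dll` are lower-cased. In the visible lines `trusted_plugins` is never read, and a trusted-list entry containing an upper-case character cannot match; that appears to fail closed (no PLUGIN_GROUP_TRUSTED return), but it makes the allowlist silently case-sensitive. I would tokenize the normalized copy: `end_item = trusted_plugins.find(L",", pos);` and `std::wstring item = trusted_plugins.substr(pos, size_item);`. The rest of the function lies in the skipped region, so check how `trusted_plugins` is used there before changing it. Separately, `acpiz.dll` and `sbrige.dll` in kTroublesomeDlls have no product comment, unlike the other entries; adding one keeps the eviction list auditable.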
| OLD | NEW |