authorrickyz <rickyz@chromium.org>2015-09-08 17:13:13 -0700
committerCommit bot <commit-bot@chromium.org>2015-09-09 00:13:48 +0000
commit45e371a2d7ce5048144695aa62d1e196ec19afd2 (patch)
treed1345ea372329fba1ed11b4f6bc0042d31a722d3
parent2d8d0e8d7c75b73649de2c79a2c4ddadf9585522 (diff)
Correct PROCESS_BASIC_INFORMATION for 64 bit Windows.
Based on the structure given at https://msdn.microsoft.com/en-us/library/windows/desktop/ms684280(v=vs.85).aspx.

BUG=528450
Review URL: https://codereview.chromium.org/1328703003

Cr-Commit-Position: refs/heads/master@{#347842}
-rw-r--r--sandbox/win/BUILD.gn1
-rw-r--r--sandbox/win/sandbox_win.gypi1
-rw-r--r--sandbox/win/src/nt_internals.h22
-rw-r--r--sandbox/win/src/policy_broker.cc10
-rw-r--r--sandbox/win/src/policy_broker.h3
-rw-r--r--sandbox/win/src/sandbox_nt_util.cc6
-rw-r--r--sandbox/win/src/sandbox_nt_util_unittest.cc47
7 files changed, 81 insertions, 9 deletions
diff --git a/sandbox/win/BUILD.gn b/sandbox/win/BUILD.gn
index be60efb..b830534 100644
--- a/sandbox/win/BUILD.gn
+++ b/sandbox/win/BUILD.gn
@@ -246,6 +246,7 @@ test("sbox_unittests") {
"src/policy_low_level_unittest.cc",
"src/policy_opcodes_unittest.cc",
"src/restricted_token_unittest.cc",
+ "src/sandbox_nt_util_unittest.cc",
"src/service_resolver_unittest.cc",
"src/sid_unittest.cc",
"src/threadpool_unittest.cc",
diff --git a/sandbox/win/sandbox_win.gypi b/sandbox/win/sandbox_win.gypi
index b3b70bd..aeb8f03 100644
--- a/sandbox/win/sandbox_win.gypi
+++ b/sandbox/win/sandbox_win.gypi
@@ -276,6 +276,7 @@
'src/policy_low_level_unittest.cc',
'src/policy_opcodes_unittest.cc',
'src/ipc_unittest.cc',
+ 'src/sandbox_nt_util_unittest.cc',
'src/threadpool_unittest.cc',
'src/win_utils_unittest.cc',
'tests/common/test_utils.cc',
diff --git a/sandbox/win/src/nt_internals.h b/sandbox/win/src/nt_internals.h
index 40b29c6..010f7cb 100644
--- a/sandbox/win/src/nt_internals.h
+++ b/sandbox/win/src/nt_internals.h
@@ -308,15 +308,27 @@ typedef enum _PROCESSINFOCLASS {
} PROCESSINFOCLASS;
typedef PVOID PPEB;
-typedef PVOID KPRIORITY;
+typedef LONG KPRIORITY;
typedef struct _PROCESS_BASIC_INFORMATION {
- NTSTATUS ExitStatus;
+ union {
+ NTSTATUS ExitStatus;
+ PVOID padding_for_x64_0;
+ };
PPEB PebBaseAddress;
KAFFINITY AffinityMask;
- KPRIORITY BasePriority;
- ULONG UniqueProcessId;
- ULONG InheritedFromUniqueProcessId;
+ union {
+ KPRIORITY BasePriority;
+ PVOID padding_for_x64_1;
+ };
+ union {
+ DWORD UniqueProcessId;
+ PVOID padding_for_x64_2;
+ };
+ union {
+ DWORD InheritedFromUniqueProcessId;
+ PVOID padding_for_x64_3;
+ };
} PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
typedef NTSTATUS (WINAPI *NtQueryInformationProcessFunction)(
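Review bot: The corrected layout is only verified at runtime by the new unit tests; a compile-time guard would catch any future drift from ntdll's layout on either architecture, e.g. `static_assert(sizeof(PROCESS_BASIC_INFORMATION) == 6 * sizeof(void*), "PROCESS_BASIC_INFORMATION must be six pointer-sized fields");` placed right after the typedef. The anonymous unions also need a one-line comment, because members named `padding_for_x64_N` read as dead fields to the next maintainer: `// Each union pads the 32-bit member to pointer size so the struct matches the x64 ntdll layout; the narrow member reads the low 32 bits.`. Reading a DWORD out of a slot that shares storage with a PVOID relies on little-endian byte order, which holds on every Windows target but is worth stating in that comment so nobody "fixes" the types back. If the toolchain for this file does not yet allow static_assert, a COMPILE_ASSERT-style equivalent serves the same purpose.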
diff --git a/sandbox/win/src/policy_broker.cc b/sandbox/win/src/policy_broker.cc
index dc5e18c..c2d25bd 100644
--- a/sandbox/win/src/policy_broker.cc
+++ b/sandbox/win/src/policy_broker.cc
@@ -38,7 +38,7 @@ SANDBOX_INTERCEPT NtExports g_nt;
if (NULL == g_nt.member) \
return false
-bool SetupNtdllImports(TargetProcess *child) {
+bool InitGlobalNt() {
HMODULE ntdll = ::GetModuleHandle(kNtdllName);
base::win::PEImage ntdll_image(ntdll);
@@ -75,6 +75,14 @@ bool SetupNtdllImports(TargetProcess *child) {
INIT_GLOBAL_RTL(wcslen);
INIT_GLOBAL_RTL(memcpy);
+ return true;
+}
+
+bool SetupNtdllImports(TargetProcess *child) {
+ if (!InitGlobalNt()) {
+ return false;
+ }
+
#ifndef NDEBUG
// Verify that the structure is fully initialized.
for (size_t i = 0; i < sizeof(g_nt)/sizeof(void*); i++)
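Review bot: The `#ifndef NDEBUG` loop that verifies every slot of g_nt is filled stays in SetupNtdllImports, so callers that use the newly split-out InitGlobalNt directly (the new unit tests are one) never get that check; moving the loop into InitGlobalNt, just before its `return true;`, gives every caller the same guarantee. The INIT_GLOBAL macros at the top of the file return false on the first symbol that resolves to NULL, which leaves g_nt partially populated, so a comment on InitGlobalNt such as `// On failure g_nt may be only partially initialized; callers must not use it.` would make that contract explicit. SetupNtdllImports's body continues past the end of the hunk.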
diff --git a/sandbox/win/src/policy_broker.h b/sandbox/win/src/policy_broker.h
index 1c5cc26..15d3b21 100644
--- a/sandbox/win/src/policy_broker.h
+++ b/sandbox/win/src/policy_broker.h
@@ -11,6 +11,9 @@ namespace sandbox {
class TargetProcess;
+// Initializes global imported symbols from ntdll.
+bool InitGlobalNt();
+
// Sets up interceptions not controlled by explicit policies.
bool SetupBasicInterceptions(InterceptionManager* manager);
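Review bot: The new declaration's comment says what InitGlobalNt does but not what its return value means or whether it may be called more than once, and the new unit tests call it at the start of every test; from the visible part of its body there is no "already initialized" guard, so each call appears to re-resolve every symbol. Suggest `// Returns false if any ntdll symbol could not be resolved. May be called repeatedly; every call re-resolves all symbols.` in place of the one-line comment, hedged on the repeat-call behavior if the rest of the body says otherwise.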
diff --git a/sandbox/win/src/sandbox_nt_util.cc b/sandbox/win/src/sandbox_nt_util.cc
index 64fd1f1..4f2720f 100644
--- a/sandbox/win/src/sandbox_nt_util.cc
+++ b/sandbox/win/src/sandbox_nt_util.cc
@@ -337,7 +337,7 @@ NTSTATUS AllocAndCopyName(const OBJECT_ATTRIBUTES* in_object,
return ret;
}
-NTSTATUS GetProcessId(HANDLE process, ULONG *process_id) {
+NTSTATUS GetProcessId(HANDLE process, DWORD *process_id) {
PROCESS_BASIC_INFORMATION proc_info;
ULONG bytes_returned;
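Review bot: `bytes_returned` is declared here but the part of GetProcessId that consumes it lies outside the hunk; since a size mismatch between this struct and ntdll's is exactly the class of bug this commit repairs, the query result should be checked against `sizeof(proc_info)` after the call if it is not already, rather than trusting the status alone. The out-parameter is now DWORD while the union member it copies from shares storage with a pointer-sized slot, so a comment at the copy site such as `// UniqueProcessId occupies the low 32 bits of a pointer-sized field on x64.` would keep the next reader from widening the type again and breaking the `DWORD*` callers. GetProcessId's body continues outside the hunk.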
@@ -355,7 +355,7 @@ bool IsSameProcess(HANDLE process) {
if (NtCurrentProcess == process)
return true;
- static ULONG s_process_id = 0;
+ static DWORD s_process_id = 0;
if (!s_process_id) {
NTSTATUS ret = GetProcessId(NtCurrentProcess, &s_process_id);
@@ -363,7 +363,7 @@ bool IsSameProcess(HANDLE process) {
return false;
}
- ULONG process_id;
+ DWORD process_id;
NTSTATUS ret = GetProcessId(process, &process_id);
if (!NT_SUCCESS(ret))
return false;
diff --git a/sandbox/win/src/sandbox_nt_util_unittest.cc b/sandbox/win/src/sandbox_nt_util_unittest.cc
new file mode 100644
index 0000000..0fbea66
--- /dev/null
+++ b/sandbox/win/src/sandbox_nt_util_unittest.cc
@@ -0,0 +1,47 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <windows.h>
+
+#include "base/win/scoped_handle.h"
+#include "base/win/scoped_process_information.h"
+#include "sandbox/win/src/policy_broker.h"
+#include "sandbox/win/src/sandbox_nt_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace sandbox {
+namespace {
+
+TEST(SandboxNtUtil, IsSameProcessPseudoHandle) {
+ InitGlobalNt();
+
+ HANDLE current_process_pseudo = GetCurrentProcess();
+ EXPECT_TRUE(IsSameProcess(current_process_pseudo));
+}
+
+TEST(SandboxNtUtil, IsSameProcessNonPseudoHandle) {
+ InitGlobalNt();
+
+ base::win::ScopedHandle current_process(
+ OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, GetCurrentProcessId()));
+ ASSERT_TRUE(current_process.IsValid());
+ EXPECT_TRUE(IsSameProcess(current_process.Get()));
+}
+
+TEST(SandboxNtUtil, IsSameProcessDifferentProcess) {
+ InitGlobalNt();
+
+ STARTUPINFO si = {sizeof(si)};
+ PROCESS_INFORMATION pi = {};
+ wchar_t notepad[] = L"notepad";
+ ASSERT_TRUE(CreateProcessW(nullptr, notepad, nullptr, nullptr, FALSE, 0,
+ nullptr, nullptr, &si, &pi));
+ base::win::ScopedProcessInformation process_info(pi);
+
+ EXPECT_FALSE(IsSameProcess(process_info.process_handle()));
+ EXPECT_TRUE(TerminateProcess(process_info.process_handle(), 0));
+}
+
+} // namespace
+} // namespace sandbox
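Review bot: The return value of InitGlobalNt is ignored at the top of all three tests, so a failed ntdll lookup surfaces later as a puzzling IsSameProcess failure instead of at its cause; use `ASSERT_TRUE(InitGlobalNt());` in each. IsSameProcessDifferentProcess launches a live notepad, found through PATH because `notepad` carries no directory or extension, and only terminates it at the end of the test; passing `CREATE_SUSPENDED` instead of `0` as the creation flags keeps the child from ever executing, avoids a stray UI window on the test machine, and makes the final TerminateProcess deterministic. A short comment on that test, `// Any unrelated process will do; it is created suspended and killed before the test ends.`, would document why a system binary is spawned here.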