authorcpu@google.com <cpu@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2008-09-22 17:11:04 +0000
committercpu@google.com <cpu@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2008-09-22 17:11:04 +0000
commit0f8a6b4de386b469859f6cd12c0ba091453c9a4d (patch)
tree3d1b0af7d6cbd80872d1178b6f2d62a20a24e9f6 /chrome/browser/sandbox_policy.cc
parent9bbb0b88f274f767358644dd97b1ee0c9604010b (diff)
Use the new DLL injection blocking API of the sandbox to block
the loading of dlls that cause renderer crashes. - Remove the old FreeLibrary() method Review URL: http://codereview.chromium.org/2458 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2441 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/sandbox_policy.cc')
-rw-r--r--chrome/browser/sandbox_policy.cc24
1 files changed, 24 insertions, 0 deletions
diff --git a/chrome/browser/sandbox_policy.cc b/chrome/browser/sandbox_policy.cc
index 1782823..0969bd3 100644
--- a/chrome/browser/sandbox_policy.cc
+++ b/chrome/browser/sandbox_policy.cc
@@ -92,6 +92,30 @@ bool AddKeyAndSubkeys(std::wstring key,
return true;
}
+// Eviction of injected DLLs is done by the sandbox. An interception on a
+// system call is added such that the blacklisted dll, don't fully load so
+// the injected module does not get a chance to execute any code.
+bool AddDllEvictionPolicy(sandbox::TargetPolicy* policy) {
+ // List of dlls to unmap.
+ const wchar_t* troublesome_dlls[] = {
+ L"smumhook.dll", // Spyware Doctor version 5 and above.
+ L"GoogleDesktopNetwork3.DLL", // Google Desktop Search v5.
+ L"npggNT.des", // GameGuard version 2008. It is a packed dll.
+ };
+
+ for(int ix = 0; ix != arraysize(troublesome_dlls); ++ix) {
+ // To minimize the list we only add an unload policy if the dll is also
+ // loaded in this process. All the injected dlls of interest do this.
+ if (::GetModuleHandleW(troublesome_dlls[ix])) {
+ LOG(WARNING) << "dll to unload found: " << troublesome_dlls[ix];
+ if (sandbox::SBOX_ALL_OK != policy->AddDllToUnload(troublesome_dlls[ix]))
+ return false;
+ }
+ }
+
+ return true;
+}
+
bool AddGenericPolicy(sandbox::TargetPolicy* policy) {
sandbox::ResultCode result;
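Review bot: The loop header `for(int ix = 0; ix != arraysize(troublesome_dlls); ++ix)` compares a signed `int` against the `size_t` that `arraysize()` yields, which draws a sign-compare warning on Windows builds; write it `for (size_t ix = 0; ix < arraysize(troublesome_dlls); ++ix) {` (with the space after `for`, matching the `if (` spacing on the line below). The `GetModuleHandleW` gate means a DLL that is injected only into the renderer, or that runs under a name other than the one listed, is never handed to `AddDllToUnload`, so the remark "All the injected dlls of interest do this" is an assumption that should be stated as such; I would add above the array `// NOTE: best-effort compatibility list keyed on module name, not a sandbox boundary; a renamed DLL or one injected only into the target is not caught.` The `return false` on `SBOX_ALL_OK` mismatch leaves earlier successful `AddDllToUnload` entries in the policy, which is fine as long as the caller treats a false result as fatal — that caller is outside this hunk and worth checking. The `AddGenericPolicy` definition that closes the hunk continues beyond it.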