diff options
| author | cpu@google.com <cpu@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-10-09 23:32:23 +0000 |
|---|---|---|
| committer | cpu@google.com <cpu@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-10-09 23:32:23 +0000 |
| commit | dd59411d090b2a6a7327f5c0d527321bdccd5e84 (patch) | |
| tree | 32f92da3a75427e0ae8525ce7dcf0c6627764fca /chrome/browser/sandbox_policy.cc | |
| parent | 813ce4b8cc2190d4d2ec12e31efcc94a736c3e49 (diff) | |
| download | chromium_src-dd59411d090b2a6a7327f5c0d527321bdccd5e84.zip chromium_src-dd59411d090b2a6a7327f5c0d527321bdccd5e84.tar.gz chromium_src-dd59411d090b2a6a7327f5c0d527321bdccd5e84.tar.bz2 | |
Add a bunch of dlls to our dll eviction blacklist
Using the data collected by Marc-Antoine from 3800 dumps, I have selected the dlls that we
want to vote out of the island. This should reduce the number of crashes we suffer because
these dlls interact badly with the sandbox.
- This change only afects renderers
- We won't block it if the dll is not first found loaded in the browser process
- Testing this is going to be challenging.
Review URL: http://codereview.chromium.org/6376
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@3155 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/sandbox_policy.cc')
| -rw-r--r-- | chrome/browser/sandbox_policy.cc | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/chrome/browser/sandbox_policy.cc b/chrome/browser/sandbox_policy.cc index 04c61c2..a87a890 100644 --- a/chrome/browser/sandbox_policy.cc +++ b/chrome/browser/sandbox_policy.cc @@ -95,12 +95,40 @@ bool AddKeyAndSubkeys(std::wstring key, // Eviction of injected DLLs is done by the sandbox. An interception on a // system call is added such that the blacklisted dll, don't fully load so // the injected module does not get a chance to execute any code. +// +// The DLLs listed here are known (or under strong suspicion) of +// causing crashes when they are loaded in the render process. bool AddDllEvictionPolicy(sandbox::TargetPolicy* policy) { // List of dlls to unmap. const wchar_t* troublesome_dlls[] = { - L"smumhook.dll", // Spyware Doctor version 5 and above. + L"adialhk.dll", // Kaspersky Internet Security. + L"avgrsstx.dll", // AVG 8. + L"awatch.dll", // Online Armor. + L"cmcsyshk.dll", // CMC Internet Security. + L"dockshellhook.dll", // Stardock Objectdock. L"GoogleDesktopNetwork3.DLL", // Google Desktop Search v5. - L"npggNT.des", // GameGuard version 2008. It is a packed dll. + L"hookprocesscreation.dll", // Blumentals Program protector. + L"hookterminateapis.dll", // Blumentals and Cyberprinter. + L"hookprintapis.dll", // Cyberprinter. + L"ioloHL.dll", // Iolo (System Mechanic) + L"kloehk.dll", // Kaspersky Internet Security. + L"lawenforcer.dll", // Spyware-Browser AntiSpyware (Spybro). + L"madchook.dll", // Madshi (generic hooking library). + L"moonsysh.dll", // Moon Secure Antivirus. + L"npggNT.des", // GameGuard 2008. + L"npggNT.dll", // GameGuard (older). + L"pavhook.dll", // Panda Internet Security. + L"pavshook.dll", // Panda Anti-virus. + L"pctavhook.dll", // PC Tools Antivirus. + L"rlhook.dll", // Trustware Bufferzone. + L"r3hook.dll", // Kaspersky Internet Security. + L"sc2hook.dll", // Supercopier 2. + L"sguard.dll", // Iolo (System Guard). + L"smumhook.dll", // Spyware Doctor version 5 and above. + L"tfwah.dll", // Threatfire (PC tools). + L"wblind.dll", // Stardock Object desktop. + L"wbhelp.dll", // Stardock Object desktop. + L"winstylerthemehelper.dll" // Tuneup utilities 2006. }; for(int ix = 0; ix != arraysize(troublesome_dlls); ++ix) { |