summaryrefslogtreecommitdiffstats
path: root/chrome
diff options
context:
space:
mode:
authorrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2008-11-05 18:53:45 +0000
committerrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2008-11-05 18:53:45 +0000
commit49a608d55bdb77491ea5dfe605a924fd1cb88d63 (patch)
treef26771f1ab49f8b10f8f40f5986f5e4a24d049ab /chrome
parent782e69aa855f6a42886831fa850b516420c3a5c3 (diff)
downloadchromium_src-49a608d55bdb77491ea5dfe605a924fd1cb88d63.zip
chromium_src-49a608d55bdb77491ea5dfe605a924fd1cb88d63.tar.gz
chromium_src-49a608d55bdb77491ea5dfe605a924fd1cb88d63.tar.bz2
New batch of dlls to evict from the render process (top crashers).
Review URL: http://codereview.chromium.org/9376 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@4797 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
-rw-r--r--chrome/browser/sandbox_policy.cc103
1 files changed, 60 insertions, 43 deletions
diff --git a/chrome/browser/sandbox_policy.cc b/chrome/browser/sandbox_policy.cc
index a87a890..5b9dcc8 100644
--- a/chrome/browser/sandbox_policy.cc
+++ b/chrome/browser/sandbox_policy.cc
@@ -16,6 +16,59 @@
#include "chrome/common/win_util.h"
#include "webkit/glue/plugins/plugin_list.h"
+namespace {
+
+// The DLLs listed here are known (or under strong suspicion) of causing crashes
+// when they are loaded in the renderer.
+const wchar_t* const kTroublesomeDlls[] = {
+ L"adialhk.dll", // Kaspersky Internet Security.
+ L"acpiz.dll", // Unknown.
+ L"avgrsstx.dll", // AVG 8.
+ L"btkeyind.dll", // Widcomm Bluetooth.
+ L"cmcsyshk.dll", // CMC Internet Security.
+ L"dockshellhook.dll", // Stardock Objectdock.
+ L"GoogleDesktopNetwork3.DLL", // Google Desktop Search v5.
+ L"fwhook.dll", // PC Tools Firewall Plus.
+ L"hookprocesscreation.dll", // Blumentals Program protector.
+ L"hookterminateapis.dll", // Blumentals and Cyberprinter.
+ L"hookprintapis.dll", // Cyberprinter.
+ L"imon.dll", // NOD32 Antivirus.
+ L"ioloHL.dll", // Iolo (System Mechanic).
+ L"kloehk.dll", // Kaspersky Internet Security.
+ L"lawenforcer.dll", // Spyware-Browser AntiSpyware (Spybro).
+ L"libdivx.dll", // DivX.
+ L"lvprcinj01.dll", // Logitech QuickCam.
+ L"madchook.dll", // Madshi (generic hooking library).
+ L"mdnsnsp.dll", // Bonjour.
+ L"moonsysh.dll", // Moon Secure Antivirus.
+ L"npdivx32.dll", // DivX.
+ L"npggNT.des", // GameGuard 2008.
+ L"npggNT.dll", // GameGuard (older).
+ L"oawatch.dll", // Online Armor.
+ L"pavhook.dll", // Panda Internet Security.
+ L"pavshook.dll", // Panda Antivirus.
+ L"pctavhook.dll", // PC Tools Antivirus.
+ L"prntrack.dll", // Pharos Systems.
+ L"radhslib.dll", // Radiant Naomi Internet Filter.
+ L"radprlib.dll", // Radiant Naomi Internet Filter.
+ L"rlhook.dll", // Trustware Bufferzone.
+ L"r3hook.dll", // Kaspersky Internet Security.
+ L"sahook.dll", // McAfee Site Advisor.
+ L"sbrige.dll", // Unknown.
+ L"sc2hook.dll", // Supercopier 2.
+ L"sguard.dll", // Iolo (System Guard).
+ L"smumhook.dll", // Spyware Doctor version 5 and above.
+ L"ssldivx.dll", // DivX.
+ L"syncor11.dll", // SynthCore Midi interface.
+ L"systools.dll", // Panda Antivirus.
+ L"tfwah.dll", // Threatfire (PC tools).
+ L"wblind.dll", // Stardock Object desktop.
+ L"wbhelp.dll", // Stardock Object desktop.
+ L"winstylerthemehelper.dll" // Tuneup utilities 2006.
+};
+
+} // namespace
+
PluginPolicyCategory GetPolicyCategoryForPlugin(
const std::wstring& dll,
const std::wstring& clsid,
@@ -27,7 +80,7 @@ PluginPolicyCategory GetPolicyCategoryForPlugin(
size_t pos = 0;
size_t end_item = 0;
- while(end_item != std::wstring::npos) {
+ while (end_item != std::wstring::npos) {
end_item = list.find(L",", pos);
size_t size_item = (end_item == std::wstring::npos) ? end_item :
@@ -92,51 +145,15 @@ bool AddKeyAndSubkeys(std::wstring key,
return true;
}
-// Eviction of injected DLLs is done by the sandbox. An interception on a
-// system call is added such that the blacklisted dll, don't fully load so
-// the injected module does not get a chance to execute any code.
-//
-// The DLLs listed here are known (or under strong suspicion) of
-// causing crashes when they are loaded in the render process.
+// Eviction of injected DLLs is done by the sandbox so that the injected module
+// does not get a chance to execute any code.
bool AddDllEvictionPolicy(sandbox::TargetPolicy* policy) {
- // List of dlls to unmap.
- const wchar_t* troublesome_dlls[] = {
- L"adialhk.dll", // Kaspersky Internet Security.
- L"avgrsstx.dll", // AVG 8.
- L"awatch.dll", // Online Armor.
- L"cmcsyshk.dll", // CMC Internet Security.
- L"dockshellhook.dll", // Stardock Objectdock.
- L"GoogleDesktopNetwork3.DLL", // Google Desktop Search v5.
- L"hookprocesscreation.dll", // Blumentals Program protector.
- L"hookterminateapis.dll", // Blumentals and Cyberprinter.
- L"hookprintapis.dll", // Cyberprinter.
- L"ioloHL.dll", // Iolo (System Mechanic)
- L"kloehk.dll", // Kaspersky Internet Security.
- L"lawenforcer.dll", // Spyware-Browser AntiSpyware (Spybro).
- L"madchook.dll", // Madshi (generic hooking library).
- L"moonsysh.dll", // Moon Secure Antivirus.
- L"npggNT.des", // GameGuard 2008.
- L"npggNT.dll", // GameGuard (older).
- L"pavhook.dll", // Panda Internet Security.
- L"pavshook.dll", // Panda Anti-virus.
- L"pctavhook.dll", // PC Tools Antivirus.
- L"rlhook.dll", // Trustware Bufferzone.
- L"r3hook.dll", // Kaspersky Internet Security.
- L"sc2hook.dll", // Supercopier 2.
- L"sguard.dll", // Iolo (System Guard).
- L"smumhook.dll", // Spyware Doctor version 5 and above.
- L"tfwah.dll", // Threatfire (PC tools).
- L"wblind.dll", // Stardock Object desktop.
- L"wbhelp.dll", // Stardock Object desktop.
- L"winstylerthemehelper.dll" // Tuneup utilities 2006.
- };
-
- for(int ix = 0; ix != arraysize(troublesome_dlls); ++ix) {
+ for (int ix = 0; ix != arraysize(kTroublesomeDlls); ++ix) {
// To minimize the list we only add an unload policy if the dll is also
// loaded in this process. All the injected dlls of interest do this.
- if (::GetModuleHandleW(troublesome_dlls[ix])) {
- LOG(WARNING) << "dll to unload found: " << troublesome_dlls[ix];
- if (sandbox::SBOX_ALL_OK != policy->AddDllToUnload(troublesome_dlls[ix]))
+ if (::GetModuleHandleW(kTroublesomeDlls[ix])) {
+ LOG(WARNING) << "dll to unload found: " << kTroublesomeDlls[ix];
+ if (sandbox::SBOX_ALL_OK != policy->AddDllToUnload(kTroublesomeDlls[ix]))
return false;
}
}