author | csharp@chromium.org <csharp@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-03 21:35:52 +0000 |
---|---|---|
committer | csharp@chromium.org <csharp@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-03 21:35:52 +0000 |
commit | 6029b6f08a9a9f0e939f25c182cfeb1fadf037c7 (patch) | |
tree | c9839ef8c8599e634810d7b4ef338bf22803c4f7 /chrome_elf | |
parent | 52e28da70fc4b01c6b17336592c5dae6bb658f80 (diff) | |
Fix Thunk Storage Allocation for blacklist.cc
Use VirtualProtect to change the memory's protection to what is
needed, when it is needed, instead of always being executable, writable
and readable.
BUG=330435
Review URL: https://codereview.chromium.org/119773003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@242929 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome_elf')
-rw-r--r-- | chrome_elf/blacklist/blacklist.cc | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/chrome_elf/blacklist/blacklist.cc b/chrome_elf/blacklist/blacklist.cc
index 15f0acf..c7d1a5d 100644
--- a/chrome_elf/blacklist/blacklist.cc
+++ b/chrome_elf/blacklist/blacklist.cc
@@ -25,16 +25,10 @@ const wchar_t kRegistryBeaconPath[] = L"SOFTWARE\\Google\\Chrome\\BLBeacon";

 } // namespace blacklist

-// Allocate storage for thunks in a RWX page of this module to save on doing
+// Allocate storage for thunks in a page of this module to save on doing
 // an extra allocation at run time.
-#if !defined(_WIN64) && (_MSC_VER < 1700)
-// 64-bit images or images generated with 2012 and above appear to not support
-// writeable and executable pages.
-// This would yield compile warning C4330.
-// TODO(robertshield): Figure out how / if to do this on 2012.
-#pragma section(".crthunk",read,write,execute)
+#pragma section(".crthunk",read,execute)
 __declspec(allocate(".crthunk")) sandbox::ThunkData g_thunk_storage;
-#endif

 namespace {

@@ -250,11 +244,16 @@ bool Initialize(bool force) {
 }
 #endif

-#if defined(_WIN64) || (_MSC_VER >= 1700)
- BYTE* thunk_storage = new BYTE[sizeof(sandbox::ThunkData)];
-#else
 BYTE* thunk_storage = reinterpret_cast<BYTE*>(&g_thunk_storage);
-#endif
+
+ // Mark the thunk storage as readable and writeable, since we
+ // ready to write to it.
+ DWORD old_protect = 0;
+ if (!VirtualProtect(&g_thunk_storage,
+ sizeof(g_thunk_storage),
+ PAGE_EXECUTE_READWRITE,
+ &old_protect))
+ return false;

 thunk->AllowLocalPatches();

@@ -269,7 +268,14 @@ bool Initialize(bool force) {
 NULL);

 delete thunk;
- return NT_SUCCESS(ret);
+
+ // Mark the thunk storage as executable and prevent any future writes to it.
+ BOOL page_executable = VirtualProtect(&g_thunk_storage,
+ sizeof(g_thunk_storage),
+ PAGE_EXECUTE_READ,
+ &old_protect);
+
+ return NT_SUCCESS(ret) && page_executable;
 }

 } // namespace blacklist |
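Review bot: The comment above `g_thunk_storage` no longer states what protection the storage carries or who changes it, which is the security-relevant fact a reader of this declaration needs. VirtualProtect operates on whole pages, so anything else that ends up in `.crthunk` would also become writable during the window opened in Initialize(). I would extend the comment to something like `// .crthunk is mapped read+execute and must hold only g_thunk_storage; Initialize() makes it writable briefly while the thunk is written.`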
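Review bot: The early `return false;` after the first VirtualProtect call skips the `delete thunk;` that the normal path reaches later in Initialize(). `thunk` is already used on the next statement, so it was created before this hunk and presumably on the heap; the failure branch should be `{ delete thunk; return false; }`. The comment says "readable and writeable" but the flag is `PAGE_EXECUTE_READWRITE`, so the storage is writable and executable at once for the duration of the window; the comment should say that (and read "since we are ready to write to it"). Initialize() starts and ends outside this hunk.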
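Review bot: If the second VirtualProtect call fails, `return NT_SUCCESS(ret) && page_executable;` reports failure even when `ret` is a success status, so the caller is told initialization failed while the interception may already be in place and the thunk storage is left writable and executable. That outcome deserves at least a comment at the return, and possibly distinct handling from a failed setup, since a caller cannot tell the two cases apart. The name `page_executable` is also misleading, because the value records whether the protection change succeeded; `protection_restored` would read better. The call that produces `ret` begins outside this hunk.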