Application Verifier hooks GetProcAddress and returns

pointer to functions in its own dll instead. When we
try to patch these functions, we fail because the
appverif dll is not loaded yet.

We need to get the real pointers to the NT functions.

Review URL: http://codereview.chromium.org/11412

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5591 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 4 insertions, 1 deletions

diff --git a/sandbox/src/interception.cc b/sandbox/src/interception.cc
index 8ee56f4..621a27d 100644
--- a/sandbox/src/interception.cc
+++ b/sandbox/src/interception.cc
@@ -12,6 +12,7 @@
 #include "base/logging.h"
 #include "base/scoped_ptr.h"
 #include "sandbox/src/interception_internal.h"
+#include "sandbox/src/pe_image.h"
 #include "sandbox/src/sandbox.h"
 #include "sandbox/src/sandbox_utils.h"
 #include "sandbox/src/service_resolver.h"
@@ -400,9 +401,11 @@ bool InterceptionManager::PatchClientFunctions(DllInterceptionData* thunks,
   if (!ntdll_base)
     return false;
 
+  PEImage ntdll_image(ntdll_base);
+
   // Bypass purify's interception.
   wchar_t* loader_get = reinterpret_cast<wchar_t*>(
-                            ::GetProcAddress(ntdll_base, "LdrGetDllHandle"));
+                            ntdll_image.GetProcAddress("LdrGetDllHandle"));
   if (loader_get) {
     if (!GetModuleHandleHelper(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
                                    GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT,