Add an interface to the sandbox to block dll from loading in the target process

- new interface is TargetPolicy::AddDllToUnload
- Added integration tests and unit tests.

Review URL: http://codereview.chromium.org/2413

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2348 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 11 insertions, 4 deletions

diff --git a/sandbox/src/sandbox_policy_base.h b/sandbox/src/sandbox_policy_base.h
index 6f89f2a..4b81dbd 100644
--- a/sandbox/src/sandbox_policy_base.h
+++ b/sandbox/src/sandbox_policy_base.h
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#ifndef SANDBOX_SRC_SANDBOX_POLICY_BASE_H__
-#define SANDBOX_SRC_SANDBOX_POLICY_BASE_H__
+#ifndef SANDBOX_SRC_SANDBOX_POLICY_BASE_H_
+#define SANDBOX_SRC_SANDBOX_POLICY_BASE_H_
 
 #include <Windows.h>
 #include <list>
@@ -80,6 +80,11 @@ class PolicyBase : public Dispatcher, public TargetPolicy {
   virtual ResultCode AddRule(SubSystem subsystem, Semantics semantics,
                              const wchar_t* pattern);
 
+  virtual ResultCode AddDllToUnload(const wchar_t* dll_name) {
+    blacklisted_dlls_.push_back(std::wstring(dll_name));
+    return SBOX_ALL_OK;
+  }
+
   std::wstring GetDesktop() const {
     return desktop_;
   }
@@ -142,11 +147,13 @@ class PolicyBase : public Dispatcher, public TargetPolicy {
   bool file_system_init_;
   // Operation mode for the interceptions.
   bool relaxed_interceptions_;
+  // The list of dlls to unload in the target process.
+  std::vector<std::wstring> blacklisted_dlls_;
 
-  DISALLOW_EVIL_CONSTRUCTORS(PolicyBase);
+  DISALLOW_COPY_AND_ASSIGN(PolicyBase);
 };
 
 }  // namespace sandbox
 
-#endif  // SANDBOX_SRC_SANDBOX_POLICY_BASE_H__
+#endif  // SANDBOX_SRC_SANDBOX_POLICY_BASE_H_