diff options
| author | maruel@chromium.org <maruel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-04 18:18:55 +0000 |
|---|---|---|
| committer | maruel@chromium.org <maruel@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-04 18:18:55 +0000 |
| commit | 35ef51a9b6944dd9c3852f2c78f6be0548fe6e5e (patch) | |
| tree | c818bb2e3b792e8836f2949583c7000e4c0039da /sandbox/src | |
| parent | 1fcffab820c3a870d0c1b2baa71184984c2c7cc2 (diff) | |
| download | chromium_src-35ef51a9b6944dd9c3852f2c78f6be0548fe6e5e.zip chromium_src-35ef51a9b6944dd9c3852f2c78f6be0548fe6e5e.tar.gz chromium_src-35ef51a9b6944dd9c3852f2c78f6be0548fe6e5e.tar.bz2 | |
Enforces strong DEP all the time. Use the /NXCOMPAT linker flag on chrome.exe so there's no need to call anything on Vista and later to activate it.
Review URL: http://codereview.chromium.org/9050
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@4609 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/src')
| -rw-r--r-- | sandbox/src/dep.cc | 34 |
1 files changed, 1 insertions, 33 deletions
diff --git a/sandbox/src/dep.cc b/sandbox/src/dep.cc index 2c771cc..423205b 100644 --- a/sandbox/src/dep.cc +++ b/sandbox/src/dep.cc @@ -23,8 +23,6 @@ namespace { // SetProcessDEPPolicy is declared in the Windows 2008 SDK. typedef BOOL (WINAPI *FnSetProcessDEPPolicy)(DWORD dwFlags); -// Completely undocumented from Microsoft. You can find this information by -// disassembling Vista's SP1 kernel32.dll with your favorite disassembler. enum PROCESS_INFORMATION_CLASS { ProcessExecuteFlags = 0x22, }; @@ -49,38 +47,8 @@ bool SetCurrentProcessDEP(DepEnforcement enforcement) { // DEP is always on in x64. return enforcement != DEP_DISABLED; #endif - - // Try documented ways first. - // Only available on Vista SP1 and Windows 2008. - // http://msdn.microsoft.com/en-us/library/bb736299.aspx - FnSetProcessDEPPolicy SetProcDEP = - reinterpret_cast<FnSetProcessDEPPolicy>( - GetProcAddress(GetModuleHandle(L"kernel32.dll"), - "SetProcessDEPPolicy")); - - if (SetProcDEP) { - ULONG dep_flags; - switch (enforcement) { - case DEP_DISABLED: - dep_flags = 0; - break; - case DEP_ENABLED: - dep_flags = PROCESS_DEP_ENABLE | - PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION; - break; - case DEP_ENABLED_ATL7_COMPAT: - dep_flags = PROCESS_DEP_ENABLE; - break; - default: - NOTREACHED(); - return false; - } - return 0 != SetProcDEP(dep_flags); - } - - // Go in darker areas. // Only available on Windows XP SP2 and Windows Server 2003 SP1. - // http://www.uninformed.org/?v=2&a=4 + // For reference: http://www.uninformed.org/?v=2&a=4 FnNtSetInformationProcess NtSetInformationProc = reinterpret_cast<FnNtSetInformationProcess>( GetProcAddress(GetModuleHandle(L"ntdll.dll"), |