diff options
| author | nsylvain@chromium.org <nsylvain@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-05-21 18:46:59 +0000 |
|---|---|---|
| committer | nsylvain@chromium.org <nsylvain@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-05-21 18:46:59 +0000 |
| commit | b31cb10adc5b1150ad6725b2f0b503c4e1593b33 (patch) | |
| tree | 3e4e57abbaf48bb741646110148a15c956c2680b /sandbox/src | |
| parent | c6b5c4b23b00a72937d402af2b5794388b0fdca4 (diff) | |
| download | chromium_src-b31cb10adc5b1150ad6725b2f0b503c4e1593b33.zip chromium_src-b31cb10adc5b1150ad6725b2f0b503c4e1593b33.tar.gz chromium_src-b31cb10adc5b1150ad6725b2f0b503c4e1593b33.tar.bz2 | |
ZwOpenKeyEx is now documented at http://msdn.microsoft.com/en-us/library/dd535803.aspx
The last unknown parameter is OpenOptions. We do not support it at this point, since it
involves links, which wont be trivial to secure, and giving "special" privileges.
Updating the code accordingly.
BUG:7611
TEST:No code change
Review URL: http://codereview.chromium.org/115640
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@16633 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/src')
| -rw-r--r-- | sandbox/src/nt_internals.h | 2 | ||||
| -rw-r--r-- | sandbox/src/registry_interception.cc | 12 | ||||
| -rw-r--r-- | sandbox/src/registry_interception.h | 2 |
3 files changed, 8 insertions, 8 deletions
diff --git a/sandbox/src/nt_internals.h b/sandbox/src/nt_internals.h index a2cb751..1e664d7 100644 --- a/sandbox/src/nt_internals.h +++ b/sandbox/src/nt_internals.h @@ -358,7 +358,7 @@ typedef NTSTATUS (WINAPI *NtOpenKeyExFunction)( OUT PHANDLE KeyHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, - IN DWORD unknown); // TODO(nsylvain): define this. bug 7611 + IN DWORD open_options); // ----------------------------------------------------------------------- // Memory diff --git a/sandbox/src/registry_interception.cc b/sandbox/src/registry_interception.cc index 2ecfa4a..aaeab92 100644 --- a/sandbox/src/registry_interception.cc +++ b/sandbox/src/registry_interception.cc @@ -155,15 +155,15 @@ NTSTATUS WINAPI TargetNtOpenKey(NtOpenKeyFunction orig_OpenKey, PHANDLE key, NTSTATUS WINAPI TargetNtOpenKeyEx(NtOpenKeyExFunction orig_OpenKeyEx, PHANDLE key, ACCESS_MASK desired_access, POBJECT_ATTRIBUTES object_attributes, - DWORD unknown) { + DWORD open_options) { // Check if the process can open it first. NTSTATUS status = orig_OpenKeyEx(key, desired_access, object_attributes, - unknown); + open_options); - // TODO(nsylvain): We don't know what the last parameter is. If it's not - // zero, we don't attempt to proxy the call. We need to find out what it is! - // See bug 7611 - if (NT_SUCCESS(status) || unknown != 0) + // We do not support open_options at this time. The 2 current known values + // are REG_OPTION_CREATE_LINK, to open a symbolic link, and + // REG_OPTION_BACKUP_RESTORE to open the key with special privileges. + if (NT_SUCCESS(status) || open_options != 0) return status; return CommonNtOpenKey(status, key, desired_access, object_attributes); diff --git a/sandbox/src/registry_interception.h b/sandbox/src/registry_interception.h index ff08016..e92cc22 100644 --- a/sandbox/src/registry_interception.h +++ b/sandbox/src/registry_interception.h @@ -29,7 +29,7 @@ SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKey( // It should never be called directly SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKeyEx( NtOpenKeyExFunction orig_OpenKeyEx, PHANDLE key, ACCESS_MASK desired_access, - POBJECT_ATTRIBUTES object_attributes, DWORD unknown); + POBJECT_ATTRIBUTES object_attributes, DWORD open_options); } // extern "C" |