author | rickyz <rickyz@chromium.org> | 2015-09-08 17:13:13 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-09-09 00:13:48 +0000 |
commit | 45e371a2d7ce5048144695aa62d1e196ec19afd2 (patch) | |
tree | d1345ea372329fba1ed11b4f6bc0042d31a722d3 /sandbox/win | |
parent | 2d8d0e8d7c75b73649de2c79a2c4ddadf9585522 (diff) | |
download | chromium_src-45e371a2d7ce5048144695aa62d1e196ec19afd2.zip chromium_src-45e371a2d7ce5048144695aa62d1e196ec19afd2.tar.gz chromium_src-45e371a2d7ce5048144695aa62d1e196ec19afd2.tar.bz2 |
Correct PROCESS_BASIC_INFORMATION for 64 bit Windows.
Based on the structure given at https://msdn.microsoft.com/en-us/library/windows/desktop/ms684280(v=vs.85).aspx.
BUG=528450
Review URL: https://codereview.chromium.org/1328703003
Cr-Commit-Position: refs/heads/master@{#347842}
Diffstat (limited to 'sandbox/win')
-rw-r--r-- | sandbox/win/BUILD.gn | 1 | ||||
-rw-r--r-- | sandbox/win/sandbox_win.gypi | 1 | ||||
-rw-r--r-- | sandbox/win/src/nt_internals.h | 22 | ||||
-rw-r--r-- | sandbox/win/src/policy_broker.cc | 10 | ||||
-rw-r--r-- | sandbox/win/src/policy_broker.h | 3 | ||||
-rw-r--r-- | sandbox/win/src/sandbox_nt_util.cc | 6 | ||||
-rw-r--r-- | sandbox/win/src/sandbox_nt_util_unittest.cc | 47 |
7 files changed, 81 insertions, 9 deletions
diff --git a/sandbox/win/BUILD.gn b/sandbox/win/BUILD.gn
index be60efb..b830534 100644
--- a/sandbox/win/BUILD.gn
+++ b/sandbox/win/BUILD.gn
@@ -246,6 +246,7 @@ test("sbox_unittests") {
 "src/policy_low_level_unittest.cc",
 "src/policy_opcodes_unittest.cc",
 "src/restricted_token_unittest.cc",
+ "src/sandbox_nt_util_unittest.cc",
 "src/service_resolver_unittest.cc",
 "src/sid_unittest.cc",
 "src/threadpool_unittest.cc",
diff --git a/sandbox/win/sandbox_win.gypi b/sandbox/win/sandbox_win.gypi
index b3b70bd..aeb8f03 100644
--- a/sandbox/win/sandbox_win.gypi
+++ b/sandbox/win/sandbox_win.gypi
@@ -276,6 +276,7 @@
 'src/policy_low_level_unittest.cc',
 'src/policy_opcodes_unittest.cc',
 'src/ipc_unittest.cc',
+ 'src/sandbox_nt_util_unittest.cc',
 'src/threadpool_unittest.cc',
 'src/win_utils_unittest.cc',
 'tests/common/test_utils.cc',
diff --git a/sandbox/win/src/nt_internals.h b/sandbox/win/src/nt_internals.h
index 40b29c6..010f7cb 100644
--- a/sandbox/win/src/nt_internals.h
+++ b/sandbox/win/src/nt_internals.h
@@ -308,15 +308,27 @@ typedef enum _PROCESSINFOCLASS {
 } PROCESSINFOCLASS;
 typedef PVOID PPEB;
-typedef PVOID KPRIORITY;
+typedef LONG KPRIORITY;
 typedef struct _PROCESS_BASIC_INFORMATION {
- NTSTATUS ExitStatus;
+ union {
+ NTSTATUS ExitStatus;
+ PVOID padding_for_x64_0;
+ };
 PPEB PebBaseAddress;
 KAFFINITY AffinityMask;
- KPRIORITY BasePriority;
- ULONG UniqueProcessId;
- ULONG InheritedFromUniqueProcessId;
+ union {
+ KPRIORITY BasePriority;
+ PVOID padding_for_x64_1;
+ };
+ union {
+ DWORD UniqueProcessId;
+ PVOID padding_for_x64_2;
+ };
+ union {
+ DWORD InheritedFromUniqueProcessId;
+ PVOID padding_for_x64_3;
+ };
 } PROCESS_BASIC_INFORMATION, *PPROCESS_BASIC_INFORMATION;
 typedef NTSTATUS (WINAPI *NtQueryInformationProcessFunction)(
diff --git a/sandbox/win/src/policy_broker.cc b/sandbox/win/src/policy_broker.cc
index dc5e18c..c2d25bd 100644
--- a/sandbox/win/src/policy_broker.cc
+++ b/sandbox/win/src/policy_broker.cc
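Review bot: The corrected `PROCESS_BASIC_INFORMATION` layout in nt_internals.h depends on every anonymous union being exactly pointer-sized, but nothing in the hunk pins that down; a compile-time check beside the typedef, e.g. `static_assert(sizeof(PROCESS_BASIC_INFORMATION) == 6 * sizeof(void*), "PROCESS_BASIC_INFORMATION must match the documented layout");` (assuming the header is only included from C++), would catch the next drift. A short comment on the first union should say that the `padding_for_x64_*` members exist only to widen each slot to the pointer size documented for the reserved fields, and that `DWORD UniqueProcessId` therefore reads the low-order 32 bits of a pointer-sized slot on little-endian x64. This is worth the extra lines because `IsSameProcess` in sandbox_nt_util.cc keys off `UniqueProcessId`, so a layout mismatch silently changes a sandbox policy decision instead of failing loudly.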
@@ -38,7 +38,7 @@ SANDBOX_INTERCEPT NtExports g_nt;
 if (NULL == g_nt.member) \
 return false
-bool SetupNtdllImports(TargetProcess *child) {
+bool InitGlobalNt() {
 HMODULE ntdll = ::GetModuleHandle(kNtdllName);
 base::win::PEImage ntdll_image(ntdll);
@@ -75,6 +75,14 @@ bool SetupNtdllImports(TargetProcess *child) {
 INIT_GLOBAL_RTL(wcslen);
 INIT_GLOBAL_RTL(memcpy);
+ return true;
+}
+
+bool SetupNtdllImports(TargetProcess *child) {
+ if (!InitGlobalNt()) {
+ return false;
+ }
+
 #ifndef NDEBUG
 // Verify that the structure is fully initialized.
 for (size_t i = 0; i < sizeof(g_nt)/sizeof(void*); i++)
diff --git a/sandbox/win/src/policy_broker.h b/sandbox/win/src/policy_broker.h
index 1c5cc26..15d3b21 100644
--- a/sandbox/win/src/policy_broker.h
+++ b/sandbox/win/src/policy_broker.h
@@ -11,6 +11,9 @@ namespace sandbox {
 class TargetProcess;
+// Initializes global imported symbols from ntdll.
+bool InitGlobalNt();
+
 // Sets up interceptions not controlled by explicit policies.
 bool SetupBasicInterceptions(InterceptionManager* manager);
diff --git a/sandbox/win/src/sandbox_nt_util.cc b/sandbox/win/src/sandbox_nt_util.cc
index 64fd1f1..4f2720f 100644
--- a/sandbox/win/src/sandbox_nt_util.cc
+++ b/sandbox/win/src/sandbox_nt_util.cc
@@ -337,7 +337,7 @@ NTSTATUS AllocAndCopyName(const OBJECT_ATTRIBUTES* in_object,
 return ret;
 }
-NTSTATUS GetProcessId(HANDLE process, ULONG *process_id) {
+NTSTATUS GetProcessId(HANDLE process, DWORD *process_id) {
 PROCESS_BASIC_INFORMATION proc_info;
 ULONG bytes_returned;
@@ -355,7 +355,7 @@ bool IsSameProcess(HANDLE process) {
 if (NtCurrentProcess == process)
 return true;
- static ULONG s_process_id = 0;
+ static DWORD s_process_id = 0;
 if (!s_process_id) {
 NTSTATUS ret = GetProcessId(NtCurrentProcess, &s_process_id);
@@ -363,7 +363,7 @@ bool IsSameProcess(HANDLE process) {
 return false;
 }
- ULONG process_id;
+ DWORD process_id;
 NTSTATUS ret = GetProcessId(process, &process_id);
 if (!NT_SUCCESS(ret))
 return false;
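Review bot: The `#ifndef NDEBUG` loop that verifies every `g_nt` slot is non-NULL stays in `SetupNtdllImports`, so the new `InitGlobalNt` entry point — the one the new unit tests call — returns `true` without that check; consider moving the loop into `InitGlobalNt` just before its `return true;` so every caller gets the same debug verification. That loop and the rest of `SetupNtdllImports` continue past the end of the second hunk. The added `if (!InitGlobalNt()) { return false; }` is correct, though the file elides braces for single-statement bodies (see the `if (NULL == g_nt.member) \ return false` macro context in the first hunk), so a one-line `if (!InitGlobalNt()) return false;` would read consistently.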
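Review bot: The new `InitGlobalNt` declaration in policy_broker.h does not document what its return value means; from the resolving macro in policy_broker.cc it is false when any required ntdll export could not be resolved, so `// Initializes global imported symbols from ntdll. Returns false if any required export is missing.` would tell callers the result must be checked. The new unit tests currently ignore it, which is exactly the mistake this comment would head off.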
diff --git a/sandbox/win/src/sandbox_nt_util_unittest.cc b/sandbox/win/src/sandbox_nt_util_unittest.cc
new file mode 100644
index 0000000..0fbea66
--- /dev/null
+++ b/sandbox/win/src/sandbox_nt_util_unittest.cc
@@ -0,0 +1,47 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <windows.h>
+
+#include "base/win/scoped_handle.h"
+#include "base/win/scoped_process_information.h"
+#include "sandbox/win/src/policy_broker.h"
+#include "sandbox/win/src/sandbox_nt_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace sandbox {
+namespace {
+
+TEST(SandboxNtUtil, IsSameProcessPseudoHandle) {
+ InitGlobalNt();
+
+ HANDLE current_process_pseudo = GetCurrentProcess();
+ EXPECT_TRUE(IsSameProcess(current_process_pseudo));
+}
+
+TEST(SandboxNtUtil, IsSameProcessNonPseudoHandle) {
+ InitGlobalNt();
+
+ base::win::ScopedHandle current_process(
+ OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, GetCurrentProcessId()));
+ ASSERT_TRUE(current_process.IsValid());
+ EXPECT_TRUE(IsSameProcess(current_process.Get()));
+}
+
+TEST(SandboxNtUtil, IsSameProcessDifferentProcess) {
+ InitGlobalNt();
+
+ STARTUPINFO si = {sizeof(si)};
+ PROCESS_INFORMATION pi = {};
+ wchar_t notepad[] = L"notepad";
+ ASSERT_TRUE(CreateProcessW(nullptr, notepad, nullptr, nullptr, FALSE, 0,
+ nullptr, nullptr, &si, &pi));
+ base::win::ScopedProcessInformation process_info(pi);
+
+ EXPECT_FALSE(IsSameProcess(process_info.process_handle()));
+ EXPECT_TRUE(TerminateProcess(process_info.process_handle(), 0));
+}
+
+} // namespace
+} // namespace sandbox |
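Review bot: All three tests discard the result of `InitGlobalNt()`, yet `IsSameProcess` relies on the `g_nt` function pointers it fills in, so a failure to resolve an export would surface as a crash through a NULL pointer rather than a readable assertion; each call should be `ASSERT_TRUE(InitGlobalNt());`. In `IsSameProcessDifferentProcess` the helper is created with creation flags `0`, so notepad actually runs (and shows a window) until `TerminateProcess`; passing `CREATE_SUSPENDED` as the flags argument yields a process that never executes, and the `EXPECT_TRUE(TerminateProcess(...))` still holds. Starting `L"notepad"` by bare name also depends on the PATH of the test machine, which deserves a comment if it is intentional.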