diff options
Diffstat (limited to 'sandbox/src/handle_table.cc')
-rw-r--r-- | sandbox/src/handle_table.cc | 43 |
1 files changed, 27 insertions, 16 deletions
diff --git a/sandbox/src/handle_table.cc b/sandbox/src/handle_table.cc index c7fcf0a..ab079ea 100644 --- a/sandbox/src/handle_table.cc +++ b/sandbox/src/handle_table.cc @@ -17,6 +17,8 @@ bool CompareHandleEntries(const SYSTEM_HANDLE_INFORMATION& a, return a.ProcessId < b.ProcessId; } +static NtQueryObject QueryObject = NULL; + } // namespace namespace sandbox { @@ -68,12 +70,11 @@ HandleTable::Iterator HandleTable::HandlesForProcess(ULONG process_id) const { key.ProcessId = process_id; const SYSTEM_HANDLE_INFORMATION* start = handle_info()->Information; - const SYSTEM_HANDLE_INFORMATION* finish = - &handle_info()->Information[handle_info()->NumberOfHandles]; + const SYSTEM_HANDLE_INFORMATION* finish = end(); start = std::lower_bound(start, finish, key, CompareHandleEntries); if (start->ProcessId != process_id) - return Iterator(*this, finish, finish); + return Iterator(*this, end(), end()); finish = std::upper_bound(start, finish, key, CompareHandleEntries); return Iterator(*this, start, finish); } @@ -84,7 +85,6 @@ HandleTable::HandleEntry::HandleEntry( } void HandleTable::HandleEntry::UpdateInfo(UpdateType flag) { - static NtQueryObject QueryObject = NULL; if (!QueryObject) ResolveNTFunctionPtr("NtQueryObject", &QueryObject); @@ -119,18 +119,8 @@ void HandleTable::HandleEntry::UpdateInfo(UpdateType flag) { switch (flag) { case UPDATE_INFO_AND_NAME: if (type_info_buffer_.size() && handle_name_.empty()) { - ULONG size = MAX_PATH; - scoped_ptr<UNICODE_STRING> name; - do { - name.reset(reinterpret_cast<UNICODE_STRING*>(new BYTE[size])); - result = QueryObject(reinterpret_cast<HANDLE>( - handle_entry_->Handle), ObjectNameInformation, name.get(), - size, &size); - } while (result == STATUS_INFO_LENGTH_MISMATCH); - - if (NT_SUCCESS(result)) { - handle_name_.assign(name->Buffer, name->Length / sizeof(wchar_t)); - } + GetHandleName(reinterpret_cast<HANDLE>(handle_entry_->Handle), + &handle_name_); } break; @@ -144,6 +134,27 @@ void HandleTable::HandleEntry::UpdateInfo(UpdateType flag) { } } +// Returns the object manager's name associated with a handle +BOOL GetHandleName(HANDLE handle, string16* handle_name) { + if (!QueryObject) + ResolveNTFunctionPtr("NtQueryObject", &QueryObject); + + ULONG size = MAX_PATH; + scoped_ptr<UNICODE_STRING> name; + NTSTATUS result; + + do { + name.reset(reinterpret_cast<UNICODE_STRING*>(new BYTE[size])); + result = QueryObject(handle, ObjectNameInformation, name.get(), + size, &size); + } while (result == STATUS_INFO_LENGTH_MISMATCH); + + if (NT_SUCCESS(result)) + handle_name->assign(name->Buffer, name->Length / sizeof(wchar_t)); + + return NT_SUCCESS(result); +} + const OBJECT_TYPE_INFORMATION* HandleTable::HandleEntry::TypeInfo() { UpdateInfo(UPDATE_INFO_ONLY); return type_info_buffer_.empty() ? NULL : type_info_internal(); |