1 files changed, 72 insertions, 0 deletions

diff --git a/sandbox/win/wow_helper/service64_resolver.h b/sandbox/win/wow_helper/service64_resolver.h
new file mode 100644
index 0000000..abd7efd
--- /dev/null
+++ b/sandbox/win/wow_helper/service64_resolver.h
@@ -0,0 +1,72 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef SANDBOX_WOW_HELPER_SERVICE64_RESOLVER_H__
+#define SANDBOX_WOW_HELPER_SERVICE64_RESOLVER_H__
+
+#include "sandbox/win/src/nt_internals.h"
+#include "sandbox/win/src/resolver.h"
+
+namespace sandbox {
+
+// This is the concrete resolver used to perform service-call type functions
+// inside ntdll.dll (64-bit).
+class Service64ResolverThunk : public ResolverThunk {
+ public:
+  // The service resolver needs a child process to write to.
+  explicit Service64ResolverThunk(HANDLE process)
+      : process_(process), ntdll_base_(NULL) {}
+  virtual ~Service64ResolverThunk() {}
+
+  // Implementation of Resolver::Setup.
+  virtual NTSTATUS Setup(const void* target_module,
+                         const void* interceptor_module,
+                         const char* target_name,
+                         const char* interceptor_name,
+                         const void* interceptor_entry_point,
+                         void* thunk_storage,
+                         size_t storage_bytes,
+                         size_t* storage_used);
+
+  // Implementation of Resolver::ResolveInterceptor.
+  virtual NTSTATUS ResolveInterceptor(const void* module,
+                                      const char* function_name,
+                                      const void** address);
+
+  // Implementation of Resolver::ResolveTarget.
+  virtual NTSTATUS ResolveTarget(const void* module,
+                                 const char* function_name,
+                                 void** address);
+
+  // Implementation of Resolver::GetThunkSize.
+  virtual size_t GetThunkSize() const;
+
+ protected:
+  // The unit test will use this member to allow local patch on a buffer.
+  HMODULE ntdll_base_;
+
+  // Handle of the child process.
+  HANDLE process_;
+
+ private:
+  // Returns true if the code pointer by target_ corresponds to the expected
+  // type of function. Saves that code on the first part of the thunk pointed
+  // by local_thunk (should be directly accessible from the parent).
+  virtual bool IsFunctionAService(void* local_thunk) const;
+
+  // Performs the actual patch of target_.
+  // local_thunk must be already fully initialized, and the first part must
+  // contain the original code. The real type of this buffer is ServiceFullThunk
+  // (yes, private). remote_thunk (real type ServiceFullThunk), must be
+  // allocated on the child, and will contain the thunk data, after this call.
+  // Returns the apropriate status code.
+  virtual NTSTATUS PerformPatch(void* local_thunk, void* remote_thunk);
+
+  DISALLOW_COPY_AND_ASSIGN(Service64ResolverThunk);
+};
+
+}  // namespace sandbox
+
+
+#endif  // SANDBOX_WOW_HELPER_SERVICE64_RESOLVER_H__