Diffstat (limited to 'sandbox')
-rw-r--r-- | sandbox/src/interception.cc | 2 | ||||
-rw-r--r-- | sandbox/src/sandbox.cc | 7 | ||||
-rw-r--r-- | sandbox/src/sandbox_nt_util.cc | 10 | ||||
-rw-r--r-- | sandbox/src/sandbox_nt_util.h | 2 | ||||
-rw-r--r-- | sandbox/src/service_resolver.cc | 12 | ||||
-rw-r--r-- | sandbox/src/sidestep/mini_disassembler.cpp | 4 | ||||
-rw-r--r-- | sandbox/src/target_process.cc | 2 |
7 files changed, 27 insertions, 12 deletions
diff --git a/sandbox/src/interception.cc b/sandbox/src/interception.cc
index 81657aa..007c373 100644
--- a/sandbox/src/interception.cc
+++ b/sandbox/src/interception.cc
@@ -375,7 +375,7 @@ bool InterceptionManager::PatchNtdll(bool hot_patch_needed) {
 return false;
 // and now write the first part of the table to the child's memory
- DWORD written;
+ SIZE_T written;
 bool ok = FALSE != ::WriteProcessMemory(child, thunks, &dll_data, offsetof(DllInterceptionData, thunks), &written);
diff --git a/sandbox/src/sandbox.cc b/sandbox/src/sandbox.cc
index 0943d10..f0b42bf 100644
--- a/sandbox/src/sandbox.cc
+++ b/sandbox/src/sandbox.cc
@@ -9,6 +9,13 @@ #include "sandbox/src/broker_services.h"
 #include "sandbox/src/target_services.h"
+#ifdef _WIN64
+#error Sandbox code was not tested on 64-bit Windows. See \
+ http://code.google.com/p/chromium/issues/detail?id=27218 for details \
+ and progress log.
+#endif
+
+
 namespace sandbox {
 // The section for IPC and policy.
 SANDBOX_INTERCEPT HANDLE g_shared_section = NULL;
diff --git a/sandbox/src/sandbox_nt_util.cc b/sandbox/src/sandbox_nt_util.cc
index 188974e..a3ea634 100644
--- a/sandbox/src/sandbox_nt_util.cc
+++ b/sandbox/src/sandbox_nt_util.cc
@@ -217,7 +217,7 @@ bool IsSameProcess(HANDLE process) {
 }
 bool IsValidImageSection(HANDLE section, PVOID *base, PLARGE_INTEGER offset,
- PULONG view_size) {
+ PSIZE_T view_size) {
 if (!section || !base || !view_size || offset) return false;
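Review bot: The `#error` text added to sandbox/src/sandbox.cc contains `http://`, and a preprocessor that strips `//` comments before it handles the directive would cut the diagnostic off at `See http:` and drop the bug link. The backslash continuations are spliced first, so everything after the `//` on the joined line is affected. Quoting the message keeps the URL visible, `#error "Sandbox code was not tested on 64-bit Windows. See http://code.google.com/p/chromium/issues/detail?id=27218"`, or the link can move to an ordinary comment above the guard. The guard also sits after the includes here, while mini_disassembler.cpp in this commit places its guard before them; the same position in both files would be easier to audit.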
@@ -366,14 +366,18 @@ UNICODE_STRING* ExtractModuleName(const UNICODE_STRING* module_path) {
 // Add one to the size so we can null terminate the string.
 size_t size_bytes = (start_pos - ix + 1) * sizeof(wchar_t);
+
+ // Based on the code above, size_bytes should always be small enough
+ // to make the static_cast below safe.
+ DCHECK_NT(kuint16max > size_bytes);
 char* str_buffer = new(NT_ALLOC) char[size_bytes + sizeof(UNICODE_STRING)];
 if (!str_buffer) return NULL;
 UNICODE_STRING* out_string = reinterpret_cast<UNICODE_STRING*>(str_buffer);
 out_string->Buffer = reinterpret_cast<wchar_t*>(&out_string[1]);
- out_string->Length = size_bytes - sizeof(wchar_t);
- out_string->MaximumLength = size_bytes;
+ out_string->Length = static_cast<USHORT>(size_bytes - sizeof(wchar_t));
+ out_string->MaximumLength = static_cast<USHORT>(size_bytes);
 NTSTATUS ret = CopyData(out_string->Buffer, &sep[1], out_string->Length);
 if (!NT_SUCCESS(ret)) {
diff --git a/sandbox/src/sandbox_nt_util.h b/sandbox/src/sandbox_nt_util.h
index 87d2409..36c22c5 100644
--- a/sandbox/src/sandbox_nt_util.h
+++ b/sandbox/src/sandbox_nt_util.h
@@ -125,7 +125,7 @@ UNICODE_STRING* ExtractModuleName(const UNICODE_STRING* module_path);
 // Returns true if the parameters correspond to a dll mapped as code.
 bool IsValidImageSection(HANDLE section, PVOID *base, PLARGE_INTEGER offset,
- PULONG view_size);
+ PSIZE_T view_size);
 // Converts an ansi string to an UNICODE_STRING.
 UNICODE_STRING* AnsiToUnicode(const char* string);
diff --git a/sandbox/src/service_resolver.cc b/sandbox/src/service_resolver.cc
index 9cdd824..069b37f 100644
--- a/sandbox/src/service_resolver.cc
+++ b/sandbox/src/service_resolver.cc
@@ -116,7 +116,7 @@ bool WriteProtectedChildMemory(HANDLE child_process,
 PAGE_WRITECOPY, &old_protection)) return false;
- DWORD written;
+ SIZE_T written;
 bool ok = ::WriteProcessMemory(child_process, address, buffer, length, &written) && (length == written);
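Review bot: In the ExtractModuleName hunk of sandbox_nt_util.cc, the only guard in front of the two `static_cast<USHORT>` narrowings is `DCHECK_NT(kuint16max > size_bytes)`, which presumably compiles to nothing in release builds. If size_bytes ever exceeded the USHORT range there, Length and MaximumLength would wrap while the allocation keeps the full size; the CopyData call uses the wrapped Length, so the copy stays inside the buffer but the returned module name is silently truncated. That is a poor failure mode if callers match the name against a policy, and a runtime check before the allocation fails closed instead: `if (size_bytes > kuint16max) return NULL;`. The code that computes start_pos and ix is outside this hunk, so whether the bound can be reached in practice cannot be judged from here.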
@@ -197,7 +197,7 @@ size_t ServiceResolverThunk::GetThunkSize() const {
 bool ServiceResolverThunk::IsFunctionAService(void* local_thunk) const {
 ServiceEntry function_code;
- DWORD read;
+ SIZE_T read;
 if (!::ReadProcessMemory(process_, target_, &function_code, sizeof(function_code), &read)) return false;
@@ -293,7 +293,7 @@ NTSTATUS ServiceResolverThunk::PerformPatch(void* local_thunk,
 size_t thunk_size = GetThunkSize();
 // copy the local thunk buffer to the child
- DWORD written;
+ SIZE_T written;
 if (!::WriteProcessMemory(process_, remote_thunk, local_thunk, thunk_size, &written)) return STATUS_UNSUCCESSFUL;
@@ -319,7 +319,7 @@ NTSTATUS ServiceResolverThunk::PerformPatch(void* local_thunk,
 bool ServiceResolverThunk::SaveOriginalFunction(void* local_thunk, void* remote_thunk) {
 ServiceEntry function_code;
- DWORD read;
+ SIZE_T read;
 if (!::ReadProcessMemory(process_, target_, &function_code, sizeof(function_code), &read)) return false;
@@ -354,7 +354,7 @@ bool ServiceResolverThunk::SaveOriginalFunction(void* local_thunk,
 bool Wow64ResolverThunk::IsFunctionAService(void* local_thunk) const {
 Wow64Entry function_code;
- DWORD read;
+ SIZE_T read;
 if (!::ReadProcessMemory(process_, target_, &function_code, sizeof(function_code), &read)) return false;
@@ -380,7 +380,7 @@ bool Wow64ResolverThunk::IsFunctionAService(void* local_thunk) const {
 bool Win2kResolverThunk::IsFunctionAService(void* local_thunk) const {
 ServiceEntry function_code;
- DWORD read;
+ SIZE_T read;
 if (!::ReadProcessMemory(process_, target_, &function_code, sizeof(function_code), &read)) return false;
diff --git a/sandbox/src/sidestep/mini_disassembler.cpp b/sandbox/src/sidestep/mini_disassembler.cpp
index a6f0839..601bf1c 100644
--- a/sandbox/src/sidestep/mini_disassembler.cpp
+++ b/sandbox/src/sidestep/mini_disassembler.cpp
@@ -29,6 +29,10 @@ // Implementation of MiniDisassembler.
+#ifdef _WIN64
+#error The code in this file should not be used on 64-bit Windows.
+#endif
+
 #include "sandbox/src/sidestep/mini_disassembler.h"
 namespace sidestep {
diff --git a/sandbox/src/target_process.cc b/sandbox/src/target_process.cc
index d3ae80d..fd65fea 100644
--- a/sandbox/src/target_process.cc
+++ b/sandbox/src/target_process.cc
@@ -220,7 +220,7 @@ ResultCode TargetProcess::TransferVariable(char* name, void* address,
 UNREFERENCED_PARAMETER(name);
 #endif
- DWORD written;
+ SIZE_T written;
 if (!::WriteProcessMemory(sandbox_process_, child_var, address, size, &written)) return SBOX_ERROR_GENERIC; |