From 0f8a6b4de386b469859f6cd12c0ba091453c9a4d Mon Sep 17 00:00:00 2001
From: "cpu@google.com"
Date: Mon, 22 Sep 2008 17:11:04 +0000
Subject: Use the new dll injection blocking api of the sandbox to block the loading of dlls that cause renderer crashes. - Remove the old FreeLibrary() method Review URL: http://codereview.chromium.org/2458 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2441 0039d316-1c4b-4281-b951-d872f2087c98
---
 chrome/browser/sandbox_policy.cc | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
(limited to 'chrome/browser/sandbox_policy.cc')
diff --git a/chrome/browser/sandbox_policy.cc b/chrome/browser/sandbox_policy.cc
index 1782823..0969bd3 100644
--- a/chrome/browser/sandbox_policy.cc
+++ b/chrome/browser/sandbox_policy.cc
@@ -92,6 +92,30 @@ bool AddKeyAndSubkeys(std::wstring key,
 return true;
 }
 
+// Eviction of injected DLLs is done by the sandbox. An interception on a
+// system call is added such that the blacklisted dll, don't fully load so
+// the injected module does not get a chance to execute any code.
+bool AddDllEvictionPolicy(sandbox::TargetPolicy* policy) {
+ // List of dlls to unmap.
+ const wchar_t* troublesome_dlls[] = {
+ L"smumhook.dll", // Spyware Doctor version 5 and above.
+ L"GoogleDesktopNetwork3.DLL", // Google Desktop Search v5.
+ L"npggNT.des", // GameGuard version 2008. It is a packed dll.
+ };
+
+ for(int ix = 0; ix != arraysize(troublesome_dlls); ++ix) {
+ // To minimize the list we only add an unload policy if the dll is also
+ // loaded in this process. All the injected dlls of interest do this.
+ if (::GetModuleHandleW(troublesome_dlls[ix])) {
+ LOG(WARNING) << "dll to unload found: " << troublesome_dlls[ix];
+ if (sandbox::SBOX_ALL_OK != policy->AddDllToUnload(troublesome_dlls[ix]))
+ return false;
+ }
+ }
+
+ return true;
+}
+
 bool AddGenericPolicy(sandbox::TargetPolicy* policy) {
 sandbox::ResultCode result;
 
-- cgit v1.1
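Review bot: The `::GetModuleHandleW(troublesome_dlls[ix])` gate in AddDllEvictionPolicy registers an unload rule only for a listed DLL that is already mapped in the browser process when the policy is built, so a listed module that loads later, or that reaches the target without first loading into the browser, is presumably not evicted. The in-code comment states the assumption ("All the injected dlls of interest do this") but not the consequence when it fails; I would add something like `// NOTE: a listed dll that is not yet loaded here gets no unload rule for this target.` The early `return false;` after a failed `AddDllToUnload` also drops which entry failed and the result code, so a `LOG(ERROR) << "AddDllToUnload failed for: " << troublesome_dlls[ix];` before it would make the failure diagnosable; how the caller reacts is not visible in this hunk. Minor style point: `int ix` is compared against `arraysize(...)`, which is unsigned, so `size_t ix` avoids the sign-compare.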