From 9cd0144cccf979ecce9f193f77e50c05544bc4a7 Mon Sep 17 00:00:00 2001 From: "cpu@google.com" Date: Thu, 18 Sep 2008 00:26:01 +0000 Subject: Add an interface to the sandbox to block dll from loading in the target process - new interface is TargetPolicy::AddDllToUnload - Added integration tests and unit tests. Review URL: http://codereview.chromium.org/2413 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2348 0039d316-1c4b-4281-b951-d872f2087c98 --- sandbox/src/sandbox_nt_util.h | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) (limited to 'sandbox/src/sandbox_nt_util.h') diff --git a/sandbox/src/sandbox_nt_util.h b/sandbox/src/sandbox_nt_util.h index b21a1dd..700e83f 100644 --- a/sandbox/src/sandbox_nt_util.h +++ b/sandbox/src/sandbox_nt_util.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef SANDBOX_SRC_SANDBOX_NT_UTIL_H__ -#define SANDBOX_SRC_SANDBOX_NT_UTIL_H__ +#ifndef SANDBOX_SRC_SANDBOX_NT_UTIL_H_ +#define SANDBOX_SRC_SANDBOX_NT_UTIL_H_ #include "base/basictypes.h" #include "sandbox/src/nt_internals.h" @@ -89,17 +89,27 @@ bool InitHeap(); // Returns true if the provided handle refers to the current process. bool IsSameProcess(HANDLE process); -// Returns the name for a given module. The returned buffer must be freed with -// a placement delete from our ntdll level allocator: +enum MappedModuleFlags { + MODULE_IS_PE_IMAGE = 1, // Module is an executable. + MODULE_HAS_ENTRY_POINT = 2, // Execution entry point found. + MODULE_HAS_CODE = 4 // Non zero size of executable sections. +}; + +// Returns the name and characteristics for a given PE module. The return +// value is the name as defined by the export table and the flags is any +// combination of the MappedModuleFlags enumeration. // -// UNICODE_STRING* name = GetImageNameFromModule(HMODULE module); +// The returned buffer must be freed with a placement delete from the ntdll +// level allocator: +// +// UNICODE_STRING* name = GetPEImageInfoFromModule(HMODULE module, &flags); // if (!name) { // // probably not a valid dll // return; // } // InsertYourLogicHere(name); // operator delete(name, NT_ALLOC); -UNICODE_STRING* GetImageNameFromModule(HMODULE module); +UNICODE_STRING* GetImageInfoFromModule(HMODULE module, uint32* flags); // Returns the full path and filename for a given dll. // May return NULL if the provided address is not backed by a named section, or @@ -107,6 +117,12 @@ UNICODE_STRING* GetImageNameFromModule(HMODULE module); // be freed with a placement delete (see GetImageNameFromModule example). UNICODE_STRING* GetBackingFilePath(PVOID address); +// Returns the last component of a path that contains the module name. +// It will return NULL if the path is not a full path or if the path ends +// with the path separator. The returned buffer must be freed with a placement +// delete (see GetImageNameFromModule example). +UNICODE_STRING* ExtractModuleName(const UNICODE_STRING* module_path); + // Returns true if the parameters correspond to a dll mapped as code. bool IsValidImageSection(HANDLE section, PVOID *base, PLARGE_INTEGER offset, PULONG view_size); @@ -147,5 +163,5 @@ bool IsSupportedRenameCall(FILE_RENAME_INFORMATION* file_info, DWORD length, } // namespace sandbox -#endif // SANDBOX_SRC_SANDBOX_NT_UTIL_H__ +#endif // SANDBOX_SRC_SANDBOX_NT_UTIL_H_ -- cgit v1.1