• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 // Defines ResolverThunk, the interface for classes that perform interceptions.
6 // For more details see
7 // http://dev.chromium.org/developers/design-documents/sandbox .
8 
9 #include "base/basictypes.h"
10 #include "sandbox/win/src/nt_internals.h"
11 
12 #ifndef SANDBOX_SRC_RESOLVER_H__
13 #define SANDBOX_SRC_RESOLVER_H__
14 
15 namespace sandbox {
16 
17 // A resolver is the object in charge of performing the actual interception of
18 // a function. There should be a concrete implementation of a resolver roughly
19 // per type of interception.
20 class ResolverThunk {
21  public:
ResolverThunk()22   ResolverThunk() {}
~ResolverThunk()23   virtual ~ResolverThunk() {}
24 
25   // Performs the actual interception of a function.
26   // target_name is an exported function from the module loaded at
27   // target_module, and must be replaced by interceptor_name, exported from
28   // interceptor_module. interceptor_entry_point can be provided instead of
29   // interceptor_name / interceptor_module.
30   // thunk_storage must point to a buffer on the child's address space, to hold
31   // the patch thunk, and related data. If provided, storage_used will receive
32   // the number of bytes used from thunk_storage.
33   //
34   // Example: (without error checking)
35   //
36   // size_t size = resolver.GetThunkSize();
37   // char* buffer = ::VirtualAllocEx(child_process, NULL, size,
38   //                                 MEM_COMMIT, PAGE_READWRITE);
39   // resolver.Setup(ntdll_module, NULL, L"NtCreateFile", NULL,
40   //                &MyReplacementFunction, buffer, size, NULL);
41   //
42   // In general, the idea is to allocate a single big buffer for all
43   // interceptions on the same dll, and call Setup n times.
44   // WARNING: This means that any data member that is specific to a single
45   // interception must be reset within this method.
46   virtual NTSTATUS Setup(const void* target_module,
47                          const void* interceptor_module,
48                          const char* target_name,
49                          const char* interceptor_name,
50                          const void* interceptor_entry_point,
51                          void* thunk_storage,
52                          size_t storage_bytes,
53                          size_t* storage_used) = 0;
54 
55   // Gets the address of function_name inside module (main exe).
56   virtual NTSTATUS ResolveInterceptor(const void* module,
57                                       const char* function_name,
58                                       const void** address);
59 
60   // Gets the address of an exported function_name inside module.
61   virtual NTSTATUS ResolveTarget(const void* module,
62                                  const char* function_name,
63                                  void** address);
64 
65   // Gets the required buffer size for this type of thunk.
66   virtual size_t GetThunkSize() const = 0;
67 
68  protected:
69   // Performs basic initialization on behalf of a concrete instance of a
70   // resolver. That is, parameter validation and resolution of the target
71   // and the interceptor into the member variables.
72   //
73   // target_name is an exported function from the module loaded at
74   // target_module, and must be replaced by interceptor_name, exported from
75   // interceptor_module. interceptor_entry_point can be provided instead of
76   // interceptor_name / interceptor_module.
77   // thunk_storage must point to a buffer on the child's address space, to hold
78   // the patch thunk, and related data.
79   virtual NTSTATUS Init(const void* target_module,
80                         const void* interceptor_module,
81                         const char* target_name,
82                         const char* interceptor_name,
83                         const void* interceptor_entry_point,
84                         void* thunk_storage,
85                         size_t storage_bytes);
86 
87   // Gets the required buffer size for the internal part of the thunk.
88   size_t GetInternalThunkSize() const;
89 
90   // Initializes the internal part of the thunk.
91   // interceptor is the function to be called instead of original_function.
92   bool SetInternalThunk(void* storage, size_t storage_bytes,
93                         const void* original_function, const void* interceptor);
94 
95   // Holds the resolved interception target.
96   void* target_;
97   // Holds the resolved interception interceptor.
98   const void* interceptor_;
99 
100   DISALLOW_COPY_AND_ASSIGN(ResolverThunk);
101 };
102 
103 }  // namespace sandbox
104 
105 #endif  // SANDBOX_SRC_RESOLVER_H__
106