• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef BASE_WIN_IAT_PATCH_FUNCTION_H_
6 #define BASE_WIN_IAT_PATCH_FUNCTION_H_
7 
8 #include <windows.h>
9 
10 #include "base/base_export.h"
11 #include "base/basictypes.h"
12 
13 namespace base {
14 namespace win {
15 
16 // A class that encapsulates Import Address Table patching helpers and restores
17 // the original function in the destructor.
18 //
19 // It will intercept functions for a specific DLL imported from another DLL.
20 // This is the case when, for example, we want to intercept
21 // CertDuplicateCertificateContext function (exported from crypt32.dll) called
22 // by wininet.dll.
23 class BASE_EXPORT IATPatchFunction {
24  public:
25   IATPatchFunction();
26   ~IATPatchFunction();
27 
28   // Intercept a function in an import table of a specific
29   // module. Save the original function and the import
30   // table address. These values will be used later
31   // during Unpatch
32   //
33   // Arguments:
34   // module                 Module to be intercepted
35   // imported_from_module   Module that exports the 'function_name'
36   // function_name          Name of the API to be intercepted
37   //
38   // Returns: Windows error code (winerror.h). NO_ERROR if successful
39   //
40   // Note: Patching a function will make the IAT patch take some "ownership" on
41   // |module|.  It will LoadLibrary(module) to keep the DLL alive until a call
42   // to Unpatch(), which will call FreeLibrary() and allow the module to be
43   // unloaded.  The idea is to help prevent the DLL from going away while a
44   // patch is still active.
45   DWORD Patch(const wchar_t* module,
46               const char* imported_from_module,
47               const char* function_name,
48               void* new_function);
49 
50   // Unpatch the IAT entry using internally saved original
51   // function.
52   //
53   // Returns: Windows error code (winerror.h). NO_ERROR if successful
54   DWORD Unpatch();
55 
is_patched()56   bool is_patched() const {
57     return (NULL != intercept_function_);
58   }
59 
60   void* original_function() const;
61 
62 
63  private:
64   HMODULE module_handle_;
65   void* intercept_function_;
66   void* original_function_;
67   IMAGE_THUNK_DATA* iat_thunk_;
68 
69   DISALLOW_COPY_AND_ASSIGN(IATPatchFunction);
70 };
71 
72 BASE_EXPORT DWORD ModifyCode(void* old_code, void* new_code, int length);
73 
74 }  // namespace win
75 }  // namespace base
76 
77 #endif  // BASE_WIN_IAT_PATCH_FUNCTION_H_
78