      1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef SANDBOX_WOW_HELPER_SERVICE64_RESOLVER_H__
      6 #define SANDBOX_WOW_HELPER_SERVICE64_RESOLVER_H__
      7 
      8 #include "sandbox/win/src/nt_internals.h"
      9 #include "sandbox/win/src/resolver.h"
     10 
     11 namespace sandbox {
     12 
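// Concrete resolver used to perform service-call type functions inside
// ntdll.dll (64-bit).
//
// The resolver only borrows the child process handle it is given: the
// destructor is empty and does not close it, so the caller keeps ownership and
// must keep the handle valid for as long as this object is in use.
class Service64ResolverThunk : public ResolverThunk {
 public:
  // The service resolver needs a child process to write to. |process| is
  // stored as-is (it is not duplicated here) and ntdll_base_ starts as NULL.
  // The initializers are listed in member declaration order, which is the
  // order the members are actually initialized in.
  // NOTE(review): the access rights |process| must carry are not visible in
  // this header; confirm against the implementation.
  explicit Service64ResolverThunk(HANDLE process)
      : ntdll_base_(NULL), process_(process) {}
  virtual ~Service64ResolverThunk() {}

  // Implementation of Resolver::Setup.
  // NOTE(review): the definition is not in this header. |thunk_storage| and
  // |storage_bytes| presumably describe a caller-provided buffer and
  // |storage_used| the number of bytes consumed; confirm that the
  // implementation rejects a buffer smaller than GetThunkSize() before
  // writing to it.
  virtual NTSTATUS Setup(const void* target_module,
                         const void* interceptor_module,
                         const char* target_name,
                         const char* interceptor_name,
                         const void* interceptor_entry_point,
                         void* thunk_storage,
                         size_t storage_bytes,
                         size_t* storage_used);

  // Implementation of Resolver::ResolveInterceptor.
  virtual NTSTATUS ResolveInterceptor(const void* module,
                                      const char* function_name,
                                      const void** address);

  // Implementation of Resolver::ResolveTarget.
  virtual NTSTATUS ResolveTarget(const void* module,
                                 const char* function_name,
                                 void** address);

  // Implementation of Resolver::GetThunkSize.
  virtual size_t GetThunkSize() const;

 protected:
  // The unit test will use this member to allow a local patch on a buffer.
  // It is NULL after construction.
  HMODULE ntdll_base_;

  // Handle of the child process (borrowed, never closed by this class).
  HANDLE process_;

 private:
  // Returns true if the code pointed to by target_ corresponds to the expected
  // type of function. Saves that code in the first part of the thunk pointed
  // to by local_thunk (which should be directly accessible from the parent).
  // NOTE(review): target_ is not declared in this header; presumably it is
  // inherited from ResolverThunk. A false result is presumably what keeps an
  // unexpected target from being patched; confirm that callers treat it as a
  // failure.
  virtual bool IsFunctionAService(void* local_thunk) const;

  // Performs the actual patch of target_.
  // local_thunk must already be fully initialized, and its first part must
  // contain the original code. The real type of this buffer is
  // ServiceFullThunk (yes, private). remote_thunk (real type
  // ServiceFullThunk) must be allocated in the child, and will contain the
  // thunk data after this call.
  // Returns the appropriate status code.
  virtual NTSTATUS PerformPatch(void* local_thunk, void* remote_thunk);

  DISALLOW_COPY_AND_ASSIGN(Service64ResolverThunk);
};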
     68 
     69 }  // namespace sandbox
     70 
     71 
     72 #endif  // SANDBOX_WOW_HELPER_SERVICE64_RESOLVER_H__
     73