1 // Copyright (c) 2006-2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "sandbox/win/src/nt_internals.h" 6 #include "sandbox/win/src/sandbox_types.h" 7 8 #ifndef SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__ 9 #define SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__ 10 11 namespace sandbox { 12 13 extern "C" { 14 15 typedef BOOL (WINAPI *CreateProcessWFunction)( 16 LPCWSTR lpApplicationName, 17 LPWSTR lpCommandLine, 18 LPSECURITY_ATTRIBUTES lpProcessAttributes, 19 LPSECURITY_ATTRIBUTES lpThreadAttributes, 20 BOOL bInheritHandles, 21 DWORD dwCreationFlags, 22 LPVOID lpEnvironment, 23 LPCWSTR lpCurrentDirectory, 24 LPSTARTUPINFOW lpStartupInfo, 25 LPPROCESS_INFORMATION lpProcessInformation); 26 27 typedef BOOL (WINAPI *CreateProcessAFunction)( 28 LPCSTR lpApplicationName, 29 LPSTR lpCommandLine, 30 LPSECURITY_ATTRIBUTES lpProcessAttributes, 31 LPSECURITY_ATTRIBUTES lpThreadAttributes, 32 BOOL bInheritHandles, 33 DWORD dwCreationFlags, 34 LPVOID lpEnvironment, 35 LPCSTR lpCurrentDirectory, 36 LPSTARTUPINFOA lpStartupInfo, 37 LPPROCESS_INFORMATION lpProcessInformation); 38 39 typedef HANDLE (WINAPI *CreateThreadFunction)( 40 LPSECURITY_ATTRIBUTES lpThreadAttributes, 41 SIZE_T dwStackSize, 42 LPTHREAD_START_ROUTINE lpStartAddress, 43 PVOID lpParameter, 44 DWORD dwCreationFlags, 45 LPDWORD lpThreadId); 46 47 typedef LCID (WINAPI *GetUserDefaultLCIDFunction)(); 48 49 // Interception of NtOpenThread on the child process. 50 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThread( 51 NtOpenThreadFunction orig_OpenThread, PHANDLE thread, 52 ACCESS_MASK desired_access, POBJECT_ATTRIBUTES object_attributes, 53 PCLIENT_ID client_id); 54 55 // Interception of NtOpenProcess on the child process. 56 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcess( 57 NtOpenProcessFunction orig_OpenProcess, PHANDLE process, 58 ACCESS_MASK desired_access, POBJECT_ATTRIBUTES object_attributes, 59 PCLIENT_ID client_id); 60 61 // Interception of NtOpenProcessToken on the child process. 62 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessToken( 63 NtOpenProcessTokenFunction orig_OpenProcessToken, HANDLE process, 64 ACCESS_MASK desired_access, PHANDLE token); 65 66 // Interception of NtOpenProcessTokenEx on the child process. 67 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessTokenEx( 68 NtOpenProcessTokenExFunction orig_OpenProcessTokenEx, HANDLE process, 69 ACCESS_MASK desired_access, ULONG handle_attributes, PHANDLE token); 70 71 // Interception of CreateProcessW and A in kernel32.dll. 72 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessW( 73 CreateProcessWFunction orig_CreateProcessW, LPCWSTR application_name, 74 LPWSTR command_line, LPSECURITY_ATTRIBUTES process_attributes, 75 LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags, 76 LPVOID environment, LPCWSTR current_directory, LPSTARTUPINFOW startup_info, 77 LPPROCESS_INFORMATION process_information); 78 79 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessA( 80 CreateProcessAFunction orig_CreateProcessA, LPCSTR application_name, 81 LPSTR command_line, LPSECURITY_ATTRIBUTES process_attributes, 82 LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags, 83 LPVOID environment, LPCSTR current_directory, LPSTARTUPINFOA startup_info, 84 LPPROCESS_INFORMATION process_information); 85 86 // Interception of CreateThread in kernel32.dll. 87 SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateThread( 88 CreateThreadFunction orig_CreateThread, 89 LPSECURITY_ATTRIBUTES thread_attributes, SIZE_T stack_size, 90 LPTHREAD_START_ROUTINE start_address, PVOID parameter, 91 DWORD creation_flags, LPDWORD thread_id); 92 93 // Interception of GetUserDefaultLCID in kernel32.dll. 94 SANDBOX_INTERCEPT LCID WINAPI TargetGetUserDefaultLCID( 95 GetUserDefaultLCIDFunction orig_GetUserDefaultLCID); 96 97 } // extern "C" 98 99 } // namespace sandbox 100 101 #endif // SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__ 102
