Home | History | Annotate | Download | only in src 
      1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 // Defines ResolverThunk, the interface for classes that perform interceptions.
      6 // For more details see
      7 // http://dev.chromium.org/developers/design-documents/sandbox .
      8 
      9 #include "base/basictypes.h"
     10 #include "sandbox/win/src/nt_internals.h"
     11 
     12 #ifndef SANDBOX_SRC_RESOLVER_H__
     13 #define SANDBOX_SRC_RESOLVER_H__
     14 
     15 namespace sandbox {
     16 
     17 // A resolver is the object in charge of performing the actual interception of
     18 // a function. There should be a concrete implementation of a resolver roughly
     19 // per type of interception.
     20 class ResolverThunk {
     21  public:
     22   ResolverThunk() {}
     23   virtual ~ResolverThunk() {}
     24 
     25   // Performs the actual interception of a function.
     26   // target_name is an exported function from the module loaded at
     27   // target_module, and must be replaced by interceptor_name, exported from
     28   // interceptor_module. interceptor_entry_point can be provided instead of
     29   // interceptor_name / interceptor_module.
     30   // thunk_storage must point to a buffer on the child's address space, to hold
     31   // the patch thunk, and related data. If provided, storage_used will receive
     32   // the number of bytes used from thunk_storage.
     33   //
     34   // Example: (without error checking)
     35   //
     36   // size_t size = resolver.GetThunkSize();
     37   // char* buffer = ::VirtualAllocEx(child_process, NULL, size,
     38   //                                 MEM_COMMIT, PAGE_READWRITE);
     39   // resolver.Setup(ntdll_module, NULL, L"NtCreateFile", NULL,
     40   //                &MyReplacementFunction, buffer, size, NULL);
     41   //
     42   // In general, the idea is to allocate a single big buffer for all
     43   // interceptions on the same dll, and call Setup n times.
     44   // WARNING: This means that any data member that is specific to a single
     45   // interception must be reset within this method.
     46   virtual NTSTATUS Setup(const void* target_module,
     47                          const void* interceptor_module,
     48                          const char* target_name,
     49                          const char* interceptor_name,
     50                          const void* interceptor_entry_point,
     51                          void* thunk_storage,
     52                          size_t storage_bytes,
     53                          size_t* storage_used) = 0;
     54 
     55   // Gets the address of function_name inside module (main exe).
     56   virtual NTSTATUS ResolveInterceptor(const void* module,
     57                                       const char* function_name,
     58                                       const void** address);
     59 
     60   // Gets the address of an exported function_name inside module.
     61   virtual NTSTATUS ResolveTarget(const void* module,
     62                                  const char* function_name,
     63                                  void** address);
     64 
     65   // Gets the required buffer size for this type of thunk.
     66   virtual size_t GetThunkSize() const = 0;
     67 
     68  protected:
     69   // Performs basic initialization on behalf of a concrete instance of a
     70   // resolver. That is, parameter validation and resolution of the target
     71   // and the interceptor into the member variables.
     72   //
     73   // target_name is an exported function from the module loaded at
     74   // target_module, and must be replaced by interceptor_name, exported from
     75   // interceptor_module. interceptor_entry_point can be provided instead of
     76   // interceptor_name / interceptor_module.
     77   // thunk_storage must point to a buffer on the child's address space, to hold
     78   // the patch thunk, and related data.
     79   virtual NTSTATUS Init(const void* target_module,
     80                         const void* interceptor_module,
     81                         const char* target_name,
     82                         const char* interceptor_name,
     83                         const void* interceptor_entry_point,
     84                         void* thunk_storage,
     85                         size_t storage_bytes);
     86 
     87   // Gets the required buffer size for the internal part of the thunk.
     88   size_t GetInternalThunkSize() const;
     89 
     90   // Initializes the internal part of the thunk.
     91   // interceptor is the function to be called instead of original_function.
     92   bool SetInternalThunk(void* storage, size_t storage_bytes,
     93                         const void* original_function, const void* interceptor);
     94 
     95   // Holds the resolved interception target.
     96   void* target_;
     97   // Holds the resolved interception interceptor.
     98   const void* interceptor_;
     99 
    100   DISALLOW_COPY_AND_ASSIGN(ResolverThunk);
    101 };
    102 
    103 }  // namespace sandbox
    104 
    105 #endif  // SANDBOX_SRC_RESOLVER_H__
    106