Home | History | Annotate | Download | only in sidestep 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 // Definition of PreamblePatcher
      6 
      7 #ifndef SANDBOX_SRC_SIDESTEP_PREAMBLE_PATCHER_H__
      8 #define SANDBOX_SRC_SIDESTEP_PREAMBLE_PATCHER_H__
      9 
     10 #include <stddef.h>
     11 
     12 namespace sidestep {
     13 
     14 // Maximum size of the preamble stub. We overwrite at least the first 5
     15 // bytes of the function. Considering the worst case scenario, we need 4
     16 // bytes + the max instruction size + 5 more bytes for our jump back to
     17 // the original code. With that in mind, 32 is a good number :)
     18 const size_t kMaxPreambleStubSize = 32;
     19 
     20 // Possible results of patching/unpatching
     21 enum SideStepError {
     22   SIDESTEP_SUCCESS = 0,
     23   SIDESTEP_INVALID_PARAMETER,
     24   SIDESTEP_INSUFFICIENT_BUFFER,
     25   SIDESTEP_JUMP_INSTRUCTION,
     26   SIDESTEP_FUNCTION_TOO_SMALL,
     27   SIDESTEP_UNSUPPORTED_INSTRUCTION,
     28   SIDESTEP_NO_SUCH_MODULE,
     29   SIDESTEP_NO_SUCH_FUNCTION,
     30   SIDESTEP_ACCESS_DENIED,
     31   SIDESTEP_UNEXPECTED,
     32 };
     33 
     34 // Implements a patching mechanism that overwrites the first few bytes of
     35 // a function preamble with a jump to our hook function, which is then
     36 // able to call the original function via a specially-made preamble-stub
     37 // that imitates the action of the original preamble.
     38 //
     39 // Note that there are a number of ways that this method of patching can
     40 // fail.  The most common are:
     41 //    - If there is a jump (jxx) instruction in the first 5 bytes of
     42 //    the function being patched, we cannot patch it because in the
     43 //    current implementation we do not know how to rewrite relative
     44 //    jumps after relocating them to the preamble-stub.  Note that
     45 //    if you really really need to patch a function like this, it
     46 //    would be possible to add this functionality (but at some cost).
     47 //    - If there is a return (ret) instruction in the first 5 bytes
     48 //    we cannot patch the function because it may not be long enough
     49 //    for the jmp instruction we use to inject our patch.
     50 //    - If there is another thread currently executing within the bytes
     51 //    that are copied to the preamble stub, it will crash in an undefined
     52 //    way.
     53 //
     54 // If you get any other error than the above, you're either pointing the
     55 // patcher at an invalid instruction (e.g. into the middle of a multi-
     56 // byte instruction, or not at memory containing executable instructions)
     57 // or, there may be a bug in the disassembler we use to find
     58 // instruction boundaries.
     59 class PreamblePatcher {
     60  public:
     61   // Patches target_function to point to replacement_function using a provided
     62   // preamble_stub of stub_size bytes.
     63   // Returns An error code indicating the result of patching.
     64   template <class T>
     65   static SideStepError Patch(T target_function, T replacement_function,
     66                              void* preamble_stub, size_t stub_size) {
     67     return RawPatchWithStub(target_function, replacement_function,
     68                             reinterpret_cast<unsigned char*>(preamble_stub),
     69                             stub_size, NULL);
     70   }
     71 
     72  private:
     73 
     74   // Patches a function by overwriting its first few bytes with
     75   // a jump to a different function.  This is similar to the RawPatch
     76   // function except that it uses the stub allocated by the caller
     77   // instead of allocating it.
     78   //
     79   // To use this function, you first have to call VirtualProtect to make the
     80   // target function writable at least for the duration of the call.
     81   //
     82   // target_function: A pointer to the function that should be
     83   // patched.
     84   //
     85   // replacement_function: A pointer to the function that should
     86   // replace the target function.  The replacement function must have
     87   // exactly the same calling convention and parameters as the original
     88   // function.
     89   //
     90   // preamble_stub: A pointer to a buffer where the preamble stub
     91   // should be copied. The size of the buffer should be sufficient to
     92   // hold the preamble bytes.
     93   //
     94   // stub_size: Size in bytes of the buffer allocated for the
     95   // preamble_stub
     96   //
     97   // bytes_needed: Pointer to a variable that receives the minimum
     98   // number of bytes required for the stub.  Can be set to NULL if you're
     99   // not interested.
    100   //
    101   // Returns An error code indicating the result of patching.
    102   static SideStepError RawPatchWithStub(void* target_function,
    103                                         void *replacement_function,
    104                                         unsigned char* preamble_stub,
    105                                         size_t stub_size,
    106                                         size_t* bytes_needed);
    107 };
    108 
    109 };  // namespace sidestep
    110 
    111 #endif  // SANDBOX_SRC_SIDESTEP_PREAMBLE_PATCHER_H__
    112