Avi Drissman | 0987565 | 2022-09-15 20:03:19 | [diff] [blame] | 1 | // Copyright 2006-2010 The Chromium Authors |
license.bot | bf09a50 | 2008-08-24 00:55:55 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 4 | |
Lei Zhang | 21255d2 | 2021-04-23 19:17:24 | [diff] [blame] | 5 | #ifndef SANDBOX_WIN_SRC_WIN_UTILS_H_ |
| 6 | #define SANDBOX_WIN_SRC_WIN_UTILS_H_ |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 7 | |
James Forshaw | f928125c | 2021-11-19 23:43:12 | [diff] [blame] | 8 | #include <stdlib.h> |
| 9 | |
James Forshaw | 5ac0647 | 2021-12-22 13:07:38 | [diff] [blame] | 10 | #include <map> |
James Forshaw | e74d391 | 2019-10-03 19:48:05 | [diff] [blame] | 11 | #include <memory> |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 12 | #include <string> |
James Forshaw | 5ac0647 | 2021-12-22 13:07:38 | [diff] [blame] | 13 | #include <vector> |
brettw@chromium.org | 5672e5d | 2013-12-12 21:36:50 | [diff] [blame] | 14 | |
James Forshaw | f928125c | 2021-11-19 23:43:12 | [diff] [blame] | 15 | #include "base/win/windows_types.h" |
James Forshaw | 5ac0647 | 2021-12-22 13:07:38 | [diff] [blame] | 16 | #include "third_party/abseil-cpp/absl/types/optional.h" |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 17 | |
| 18 | namespace sandbox { |
| 19 | |
| 20 | // Prefix for path used by NT calls. |
| 21 | const wchar_t kNTPrefix[] = L"\\??\\"; |
Daniel Cheng | f42ae6c | 2022-02-27 01:07:34 | [diff] [blame] | 22 | const size_t kNTPrefixLen = std::size(kNTPrefix) - 1; |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 23 | |
rvargas | 0e49d02 | 2015-04-01 19:20:01 | [diff] [blame] | 24 | const wchar_t kNTDevicePrefix[] = L"\\Device\\"; |
Daniel Cheng | f42ae6c | 2022-02-27 01:07:34 | [diff] [blame] | 25 | const size_t kNTDevicePrefixLen = std::size(kNTDevicePrefix) - 1; |
cpu@chromium.org | a7cab94 | 2010-08-07 03:10:12 | [diff] [blame] | 26 | |
James Forshaw | 5ac0647 | 2021-12-22 13:07:38 | [diff] [blame] | 27 | // List of handles mapped to their kernel object type name. |
| 28 | using ProcessHandleMap = std::map<std::wstring, std::vector<HANDLE>>; |
| 29 | |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 30 | // Basic implementation of a singleton which calls the destructor |
| 31 | // when the exe is shutting down or the DLL is being unloaded. |
| 32 | template <typename Derived> |
| 33 | class SingletonBase { |
| 34 | public: |
| 35 | static Derived* GetInstance() { |
Will Harris | 0dbd918 | 2017-10-05 20:56:45 | [diff] [blame] | 36 | static Derived* instance = nullptr; |
| 37 | if (!instance) { |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 38 | instance = new Derived(); |
| 39 | // Microsoft CRT extension. In an exe this this called after |
| 40 | // winmain returns, in a dll is called in DLL_PROCESS_DETACH |
| 41 | _onexit(OnExit); |
| 42 | } |
| 43 | return instance; |
| 44 | } |
| 45 | |
| 46 | private: |
| 47 | // this is the function that gets called by the CRT when the |
| 48 | // process is shutting down. |
| 49 | static int __cdecl OnExit() { |
| 50 | delete GetInstance(); |
| 51 | return 0; |
| 52 | } |
| 53 | }; |
| 54 | |
| 55 | // Convert a short path (C:\path~1 or \\??\\c:\path~1) to the long version of |
| 56 | // the path. If the path is not a valid filesystem path, the function returns |
rvargas | b8fd739 | 2015-07-27 23:53:47 | [diff] [blame] | 57 | // false and argument is not modified. |
Penny MacNeil | 0a29c32 | 2017-08-09 17:16:41 | [diff] [blame] | 58 | // - If passing in a short native device path (\Device\HarddiskVolumeX\path~1), |
| 59 | // a drive letter string (c:\) must also be provided. |
Jan Wilken Dörrie | 4e88a3c | 2019-11-02 22:43:22 | [diff] [blame] | 60 | bool ConvertToLongPath(std::wstring* path, |
| 61 | const std::wstring* drive_letter = nullptr); |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 62 | |
rvargas | b8fd739 | 2015-07-27 23:53:47 | [diff] [blame] | 63 | // Returns ERROR_SUCCESS if the path contains a reparse point, |
| 64 | // ERROR_NOT_A_REPARSE_POINT if there's no reparse point in this path, or an |
| 65 | // error code when the function fails. |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 66 | // This function is not smart. It looks for each element in the path and |
| 67 | // returns true if any of them is a reparse point. |
Jan Wilken Dörrie | 4e88a3c | 2019-11-02 22:43:22 | [diff] [blame] | 68 | DWORD IsReparsePoint(const std::wstring& full_path); |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 69 | |
rvargas@google.com | 4f1f3d0 | 2010-01-27 19:20:42 | [diff] [blame] | 70 | // Returns true if the handle corresponds to the object pointed by this path. |
| 71 | bool SameObject(HANDLE handle, const wchar_t* full_path); |
| 72 | |
Alex Gough | 4f40d66 | 2022-11-29 23:35:13 | [diff] [blame] | 73 | // Resolves a handle to an nt path or nullopt if the path cannot be resolved. |
| 74 | absl::optional<std::wstring> GetPathFromHandle(HANDLE handle); |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 75 | |
cpu@chromium.org | a7cab94 | 2010-08-07 03:10:12 | [diff] [blame] | 76 | // Resolves a win32 path to an nt path using GetPathFromHandle. The path must |
Alex Gough | 4f40d66 | 2022-11-29 23:35:13 | [diff] [blame] | 77 | // exist. Returns the path if the translation was successful. |
| 78 | absl::optional<std::wstring> GetNtPathFromWin32Path(const std::wstring& path); |
cpu@chromium.org | a7cab94 | 2010-08-07 03:10:12 | [diff] [blame] | 79 | |
Alex Gough | 4f40d66 | 2022-11-29 23:35:13 | [diff] [blame] | 80 | // Resolves a handle to its type name. Returns the typename if successful. |
| 81 | absl::optional<std::wstring> GetTypeNameFromHandle(HANDLE handle); |
James Forshaw | 5a4e92c | 2021-12-21 10:55:18 | [diff] [blame] | 82 | |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 83 | // Resolves a user-readable registry path to a system-readable registry path. |
| 84 | // For example, HKEY_LOCAL_MACHINE\\Software\\microsoft is translated to |
Alex Gough | 4f40d66 | 2022-11-29 23:35:13 | [diff] [blame] | 85 | // \\registry\\machine\\software\\microsoft. Returns nullopt if the path |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 86 | // cannot be resolved. |
Alex Gough | 4f40d66 | 2022-11-29 23:35:13 | [diff] [blame] | 87 | absl::optional<std::wstring> ResolveRegistryName(std::wstring name); |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 88 | |
Alex Gough | e253792 | 2019-07-08 19:38:49 | [diff] [blame] | 89 | // Allocates |buffer_bytes| in child (PAGE_READWRITE) and copies data |
| 90 | // from |local_buffer| in this process into |child|. |remote_buffer| |
| 91 | // contains the address in the chile. If a zero byte copy is |
| 92 | // requested |true| is returned and no allocation or copying is |
| 93 | // attempted. Returns false if allocation or copying fails. If |
| 94 | // copying fails, the allocation will be reversed. |
| 95 | bool CopyToChildMemory(HANDLE child, |
| 96 | const void* local_buffer, |
| 97 | size_t buffer_bytes, |
| 98 | void** remote_buffer); |
| 99 | |
forshaw | 14976c1 | 2014-12-18 11:54:31 | [diff] [blame] | 100 | // Returns true if the provided path points to a pipe. |
Jan Wilken Dörrie | 4e88a3c | 2019-11-02 22:43:22 | [diff] [blame] | 101 | bool IsPipe(const std::wstring& path); |
forshaw | 14976c1 | 2014-12-18 11:54:31 | [diff] [blame] | 102 | |
forshaw | eca72db | 2016-05-05 20:11:14 | [diff] [blame] | 103 | // Converts a NTSTATUS code to a Win32 error code. |
| 104 | DWORD GetLastErrorFromNtStatus(NTSTATUS status); |
| 105 | |
forshaw | cd115ae | 2016-09-08 20:25:46 | [diff] [blame] | 106 | // Returns the address of the main exe module in memory taking in account |
James Forshaw | f398005 | 2017-08-15 09:29:46 | [diff] [blame] | 107 | // address space layout randomization. This uses the process' PEB to extract |
| 108 | // the base address. This should only be called on new, suspended processes. |
forshaw | cd115ae | 2016-09-08 20:25:46 | [diff] [blame] | 109 | void* GetProcessBaseAddress(HANDLE process); |
| 110 | |
Alex Gough | 665e875 | 2023-01-25 01:29:37 | [diff] [blame] | 111 | // Returns a map of handles open in the current process. The map is keyed by the |
| 112 | // kernel object type name. If querying the handles fails an empty optional |
| 113 | // value is returned. Note that unless all threads are suspended in the process |
| 114 | // the valid handles could change between the return of the list and when you |
| 115 | // use them. |
James Forshaw | 5ac0647 | 2021-12-22 13:07:38 | [diff] [blame] | 116 | absl::optional<ProcessHandleMap> GetCurrentProcessHandles(); |
| 117 | |
initial.commit | a814a8d5 | 2008-07-26 22:41:28 | [diff] [blame] | 118 | } // namespace sandbox |
| 119 | |
| 120 | // Resolves a function name in NTDLL to a function pointer. The second parameter |
| 121 | // is a pointer to the function pointer. |
| 122 | void ResolveNTFunctionPtr(const char* name, void* ptr); |
| 123 | |
Lei Zhang | 21255d2 | 2021-04-23 19:17:24 | [diff] [blame] | 124 | #endif // SANDBOX_WIN_SRC_WIN_UTILS_H_ |