win/src/win_utils.h - chromium/src/sandbox - Git at Google

 // Copyright 2006-2010 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef SANDBOX_WIN_SRC_WIN_UTILS_H_
 #define SANDBOX_WIN_SRC_WIN_UTILS_H_

 #include <stdlib.h>

 #include <map>
 #include <memory>
 #include <string>
 #include <vector>

 #include <optional>
 #include "base/win/windows_types.h"

 namespace sandbox {

 // Prefix for path used by NT calls.
 const wchar_t kNTPrefix[] = L"\\??\\";
 const size_t kNTPrefixLen = std::size(kNTPrefix) - 1;

 const wchar_t kNTDevicePrefix[] = L"\\Device\\";
 const size_t kNTDevicePrefixLen = std::size(kNTDevicePrefix) - 1;

 // List of handles mapped to their kernel object type name.
 using ProcessHandleMap = std::map<std::wstring, std::vector<HANDLE>>;

 // Basic implementation of a singleton which calls the destructor
 // when the exe is shutting down or the DLL is being unloaded.
 template <typename Derived>
 class SingletonBase {
  public:
   static Derived* GetInstance() {
     static Derived* instance = nullptr;
     if (!instance) {
       instance = new Derived();
       // Microsoft CRT extension. In an exe this this called after
       // winmain returns, in a dll is called in DLL_PROCESS_DETACH
       _onexit(OnExit);
     }
     return instance;
   }

  private:
   // this is the function that gets called by the CRT when the
   // process is shutting down.
   static int __cdecl OnExit() {
     delete GetInstance();
     return 0;
   }
 };

 // Convert a short path (C:\path~1 or \\??\\c:\path~1) to the long version of
 // the path. If the path is not a valid filesystem path, the function returns
 // false and argument is not modified.
 // - If passing in a short native device path (\Device\HarddiskVolumeX\path~1),
 //   a drive letter string (c:\) must also be provided.
 bool ConvertToLongPath(std::wstring* path,
                        const std::wstring* drive_letter = nullptr);

 // Returns ERROR_SUCCESS if the path contains a reparse point,
 // ERROR_NOT_A_REPARSE_POINT if there's no reparse point in this path, or an
 // error code when the function fails.
 // This function is not smart. It looks for each element in the path and
 // returns true if any of them is a reparse point.
 DWORD IsReparsePoint(const std::wstring& full_path);

 // Returns true if the handle corresponds to the object pointed by this path.
 bool SameObject(HANDLE handle, const wchar_t* full_path);

 // Resolves a handle to an nt path or nullopt if the path cannot be resolved.
 std::optional<std::wstring> GetPathFromHandle(HANDLE handle);

 // Resolves a win32 path to an nt path using GetPathFromHandle. The path must
 // exist. Returns the path if the translation was successful.
 std::optional<std::wstring> GetNtPathFromWin32Path(const std::wstring& path);

 // Resolves a handle to its type name. Returns the typename if successful.
 std::optional<std::wstring> GetTypeNameFromHandle(HANDLE handle);

 // Resolves a user-readable registry path to a system-readable registry path.
 // For example, HKEY_LOCAL_MACHINE\\Software\\microsoft is translated to
 // \\registry\\machine\\software\\microsoft. Returns nullopt if the path
 // cannot be resolved.
 std::optional<std::wstring> ResolveRegistryName(std::wstring name);

 // Allocates |buffer_bytes| in child (PAGE_READWRITE) and copies data
 // from |local_buffer| in this process into |child|. |remote_buffer|
 // contains the address in the chile.  If a zero byte copy is
 // requested |true| is returned and no allocation or copying is
 // attempted.  Returns false if allocation or copying fails. If
 // copying fails, the allocation will be reversed.
 bool CopyToChildMemory(HANDLE child,
                        const void* local_buffer,
                        size_t buffer_bytes,
                        void** remote_buffer);

 // Returns true if the provided path points to a pipe.
 bool IsPipe(const std::wstring& path);

 // Converts a NTSTATUS code to a Win32 error code.
 DWORD GetLastErrorFromNtStatus(NTSTATUS status);

 // Returns the address of the main exe module in memory taking in account
 // address space layout randomization. This uses the process' PEB to extract
 // the base address. This should only be called on new, suspended processes.
 void* GetProcessBaseAddress(HANDLE process);

 // Returns a map of handles open in the current process. The map is keyed by the
 // kernel object type name. If querying the handles fails an empty optional
 // value is returned. Note that unless all threads are suspended in the process
 // the valid handles could change between the return of the list and when you
 // use them.
 std::optional<ProcessHandleMap> GetCurrentProcessHandles();

 }  // namespace sandbox

 // Resolves a function name in NTDLL to a function pointer. The second parameter
 // is a pointer to the function pointer.
 void ResolveNTFunctionPtr(const char* name, void* ptr);

 #endif  // SANDBOX_WIN_SRC_WIN_UTILS_H_
	// Copyright 2006-2010 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef SANDBOX_WIN_SRC_WIN_UTILS_H_
	#define SANDBOX_WIN_SRC_WIN_UTILS_H_

	#include <stdlib.h>

	#include <map>
	#include <memory>
	#include <string>
	#include <vector>

	#include <optional>
	#include "base/win/windows_types.h"

	namespace sandbox {

	// Prefix for path used by NT calls.
	const wchar_t kNTPrefix[] = L"\\??\\";
	const size_t kNTPrefixLen = std::size(kNTPrefix) - 1;

	const wchar_t kNTDevicePrefix[] = L"\\Device\\";
	const size_t kNTDevicePrefixLen = std::size(kNTDevicePrefix) - 1;

	// List of handles mapped to their kernel object type name.
	using ProcessHandleMap = std::map<std::wstring, std::vector<HANDLE>>;

	// Basic implementation of a singleton which calls the destructor
	// when the exe is shutting down or the DLL is being unloaded.
	template <typename Derived>
	class SingletonBase {
	public:
	static Derived* GetInstance() {
	static Derived* instance = nullptr;
	if (!instance) {
	instance = new Derived();
	// Microsoft CRT extension. In an exe this this called after
	// winmain returns, in a dll is called in DLL_PROCESS_DETACH
	_onexit(OnExit);
	}
	return instance;
	}

	private:
	// this is the function that gets called by the CRT when the
	// process is shutting down.
	static int __cdecl OnExit() {
	delete GetInstance();
	return 0;
	}
	};

	// Convert a short path (C:\path~1 or \\??\\c:\path~1) to the long version of
	// the path. If the path is not a valid filesystem path, the function returns
	// false and argument is not modified.
	// - If passing in a short native device path (\Device\HarddiskVolumeX\path~1),
	// a drive letter string (c:\) must also be provided.
	bool ConvertToLongPath(std::wstring* path,
	const std::wstring* drive_letter = nullptr);

	// Returns ERROR_SUCCESS if the path contains a reparse point,
	// ERROR_NOT_A_REPARSE_POINT if there's no reparse point in this path, or an
	// error code when the function fails.
	// This function is not smart. It looks for each element in the path and
	// returns true if any of them is a reparse point.
	DWORD IsReparsePoint(const std::wstring& full_path);

	// Returns true if the handle corresponds to the object pointed by this path.
	bool SameObject(HANDLE handle, const wchar_t* full_path);

	// Resolves a handle to an nt path or nullopt if the path cannot be resolved.
	std::optional<std::wstring> GetPathFromHandle(HANDLE handle);

	// Resolves a win32 path to an nt path using GetPathFromHandle. The path must
	// exist. Returns the path if the translation was successful.
	std::optional<std::wstring> GetNtPathFromWin32Path(const std::wstring& path);

	// Resolves a handle to its type name. Returns the typename if successful.
	std::optional<std::wstring> GetTypeNameFromHandle(HANDLE handle);

	// Resolves a user-readable registry path to a system-readable registry path.
	// For example, HKEY_LOCAL_MACHINE\\Software\\microsoft is translated to
	// \\registry\\machine\\software\\microsoft. Returns nullopt if the path
	// cannot be resolved.
	std::optional<std::wstring> ResolveRegistryName(std::wstring name);

	// Allocates \|buffer_bytes\| in child (PAGE_READWRITE) and copies data
	// from \|local_buffer\| in this process into \|child\|. \|remote_buffer\|
	// contains the address in the chile. If a zero byte copy is
	// requested \|true\| is returned and no allocation or copying is
	// attempted. Returns false if allocation or copying fails. If
	// copying fails, the allocation will be reversed.
	bool CopyToChildMemory(HANDLE child,
	const void* local_buffer,
	size_t buffer_bytes,
	void** remote_buffer);

	// Returns true if the provided path points to a pipe.
	bool IsPipe(const std::wstring& path);

	// Converts a NTSTATUS code to a Win32 error code.
	DWORD GetLastErrorFromNtStatus(NTSTATUS status);

	// Returns the address of the main exe module in memory taking in account
	// address space layout randomization. This uses the process' PEB to extract
	// the base address. This should only be called on new, suspended processes.
	void* GetProcessBaseAddress(HANDLE process);

	// Returns a map of handles open in the current process. The map is keyed by the
	// kernel object type name. If querying the handles fails an empty optional
	// value is returned. Note that unless all threads are suspended in the process
	// the valid handles could change between the return of the list and when you
	// use them.
	std::optional<ProcessHandleMap> GetCurrentProcessHandles();

	} // namespace sandbox

	// Resolves a function name in NTDLL to a function pointer. The second parameter
	// is a pointer to the function pointer.
	void ResolveNTFunctionPtr(const char* name, void* ptr);

	#endif // SANDBOX_WIN_SRC_WIN_UTILS_H_