sandbox/win/sandbox_poc/pocdll/registry.cc

   1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "sandbox/win/sandbox_poc/pocdll/exports.h"
   6 #include "sandbox/win/sandbox_poc/pocdll/utils.h"
   7
   8 // This file contains the tests used to verify the security of the registry.
   9
  10 // Converts an HKEY to a string. This is using the lazy way and works only
  11 // for the main hives.
  12 // "key" is the hive to convert to string.
  13 // The return value is the string corresponding to the hive or "unknown"
  14 const wchar_t *HKEYToString(const HKEY key) {
  15   switch (reinterpret_cast<LONG_PTR>(key)) {
  16     case HKEY_CLASSES_ROOT:
  17       return L"HKEY_CLASSES_ROOT";
  18     case HKEY_CURRENT_CONFIG:
  19       return L"HKEY_CURRENT_CONFIG";
  20     case HKEY_CURRENT_USER:
  21       return L"HKEY_CURRENT_USER";
  22     case HKEY_LOCAL_MACHINE:
  23       return L"HKEY_LOCAL_MACHINE";
  24     case HKEY_USERS:
  25       return L"HKEY_USERS";
  26   }
  27   return L"unknown";
  28 }
  29
  30 // Tries to open the key hive\path and outputs the result.
  31 // "output" is the stream used for logging.
  32 void TryOpenKey(const HKEY hive, const wchar_t *path, FILE *output) {
  33   HKEY key;
  34   LONG err_code = ::RegOpenKeyEx(hive,
  35                                  path,
  36                                  0,  // Reserved, must be 0.
  37                                  MAXIMUM_ALLOWED,
  38                                  &key);
  39   if (ERROR_SUCCESS == err_code) {
  40     fprintf(output, "[GRANTED] Opening key \"%S\\%S\". Handle 0x%p\r\n",
  41             HKEYToString(hive),
  42             path,
  43             key);
  44     ::RegCloseKey(key);
  45   } else {
  46     fprintf(output, "[BLOCKED] Opening key \"%S\\%S\". Error %d\r\n",
  47             HKEYToString(hive),
  48             path,
  49             err_code);
  50   }
  51 }
  52
  53 void POCDLL_API TestRegistry(HANDLE log) {
  54   HandleToFile handle2file;
  55   FILE *output = handle2file.Translate(log, "w");
  56
  57   TryOpenKey(HKEY_LOCAL_MACHINE, NULL, output);
  58   TryOpenKey(HKEY_CURRENT_USER, NULL, output);
  59   TryOpenKey(HKEY_USERS, NULL, output);
  60   TryOpenKey(HKEY_LOCAL_MACHINE,
  61              L"Software\\Microsoft\\Windows NT\\CurrentVersion\\WinLogon",
  62              output);
  63 }