| blob | bcec7a37661fdb231f1627cb63d79677b3d4502c |
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
18 }
24 }
30 SANDBOX_INTERCEPT NtExports g_nt;
32 // Note: The opcodes are implemented as functions (as opposed to classes derived
33 // from PolicyOpcode) because you should not add more member variables to the
34 // PolicyOpcode class since it would cause object slicing on the target. So to
35 // enforce that (instead of just trusting the developer) the opcodes became
36 // just functions.
37 //
38 // In the code that follows I have keep the evaluation function and the factory
39 // function together to stress the close relationship between both. For example,
40 // only the factory method and the evaluation function know the stored argument
41 // order and meaning.
47 //////////////////////////////////////////////////////////////////////////////
48 // Opcode OpAlwaysFalse:
49 // Does not require input parameter.
53 }
63 }
65 //////////////////////////////////////////////////////////////////////////////
66 // Opcode OpAlwaysTrue:
67 // Does not require input parameter.
71 }
81 }
83 //////////////////////////////////////////////////////////////////////////////
84 // Opcode OpAction:
85 // Does not require input parameter.
86 // Argument 0 contains the actual action to return.
89 uint32 options) {
94 }
105 }
107 //////////////////////////////////////////////////////////////////////////////
108 // Opcode OpNumberMatch:
109 // Requires a uint32 or void* in selected_param
110 // Argument 0 is the stored number to match.
111 // Argument 1 is the C++ type of the 0th argument.
114 uint32 match,
115 uint32 options) {
121 }
125 uint32 options) {
131 }
149 }
150 }
152 }
154 //////////////////////////////////////////////////////////////////////////////
155 // Opcode OpNumberMatchRange
156 // Requires a uint32 in selected_param.
157 // Argument 0 is the stored lower bound to match.
158 // Argument 1 is the stored upper bound to match.
161 uint32 lower_bound,
162 uint32 upper_bound,
163 uint32 options) {
166 }
168 selected_param);
173 }
189 }
191 //////////////////////////////////////////////////////////////////////////////
192 // Opcode OpNumberAndMatch:
193 // Requires a uint32 in selected_param.
194 // Argument 0 is the stored number to match.
197 uint32 match,
198 uint32 options) {
203 }
216 }
218 //////////////////////////////////////////////////////////////////////////////
219 // Opcode OpWStringMatch:
220 // Requires a wchar_t* in selected_param.
221 // Argument 0 is the byte displacement of the stored string.
222 // Argument 1 is the lenght in chars of the stored string.
223 // Argument 2 is the offset to apply on the input string. It has special values.
224 // as noted in the header file.
225 // Argument 3 is the string matching options.
230 StringMatchOptions match_opts,
231 uint32 options) {
234 }
237 }
244 }
248 }
254 }
262 }
274 // Advance the source string to the last successfully evaluated position
275 // according to the match context.
280 // If we reached the end of the source string there is nothing we can
281 // match against.
283 }
285 // There can't be a positive match when the target string is bigger than
286 // the source string
288 }
292 // We have three cases, depending on the value of start_pos:
293 // Case 1. We skip N characters and compare once.
294 // Case 2: We skip to the end and compare once.
295 // Case 3: We match the first substring (if we find any).
300 // A sub-case of case 3 is when the EXACT_LENGHT flag is on
301 // the match needs to be not just substring but full match.
304 }
305 }
307 // Advance start_pos characters. Warning! this does not consider
308 // utf16 encodings (surrogate pairs) or other Unicode 'features'.
311 // Since we skipped, lets reevaluate just the lengths again.
314 }
316 UNICODE_STRING match_ustr;
317 UNICODE_STRING source_ustr;
323 case_sensitive)) {
324 // Match! update the match context.
329 }
331 UNICODE_STRING match_ustr;
332 UNICODE_STRING source_ustr;
339 case_sensitive)) {
340 // Match! update the match context.
343 }
347 }
349 }
351 //////////////////////////////////////////////////////////////////////////////
352 // OpcodeMaker (other member functions).
355 uint32 options,
356 int16 selected_param) {
359 }
361 // Create opcode using placement-new on the buffer memory.
364 // Fill in the standard fields, that every opcode has.
370 }
377 }
380 // TODO(cpu) replace this for something better.
382 }
386 }
388 //////////////////////////////////////////////////////////////////////////////
389 // Opcode evaluation dispatchers.
391 // This function is the one and only entry for evaluating any opcode. It is
392 // in charge of applying any relevant opcode options and calling EvaluateInner
393 // were the actual dispatch-by-id is made. It would seem at first glance that
394 // the dispatch should be done by virtual function (vtable) calls but you have
395 // to remember that the opcodes are made in the broker process and copied as
396 // raw memory to the target process.
402 }
407 }
409 }
412 // Apply the general options regardless of the particular type of opcode.
415 }
424 }
425 }
429 }
432 }
433 }
435 }
437 #define OPCODE_EVAL(op, x, y, z) case op: return OpcodeEval<op>(x, y, z)
451 }
452 }
454 #undef OPCODE_EVAL