1// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "sandbox/win/sandbox_poc/pocdll/exports.h" 6#include "sandbox/win/sandbox_poc/pocdll/utils.h" 7 8// This file contains the tests used to verify the security of the registry. 9 10// Tries to open the key hive\path and outputs the result. 11// "output" is the stream used for logging. 12void TryOpenKey(const HKEY hive, 13 const wchar_t* hive_name, 14 const wchar_t* path, 15 FILE* output) { 16 HKEY key; 17 LONG err_code = ::RegOpenKeyEx(hive, 18 path, 19 0, // Reserved, must be 0. 20 MAXIMUM_ALLOWED, 21 &key); 22 if (ERROR_SUCCESS == err_code) { 23 fprintf(output, 24 "[GRANTED] Opening key \"%S\\%S\". Handle 0x%p\r\n", 25 hive_name, 26 path, 27 key); 28 ::RegCloseKey(key); 29 } else { 30 fprintf(output, 31 "[BLOCKED] Opening key \"%S\\%S\". Error %ld\r\n", 32 hive_name, 33 path, 34 err_code); 35 } 36} 37 38void POCDLL_API TestRegistry(HANDLE log) { 39 HandleToFile handle2file; 40 FILE *output = handle2file.Translate(log, "w"); 41 42 TryOpenKey(HKEY_LOCAL_MACHINE, L"HKEY_LOCAL_MACHINE", NULL, output); 43 TryOpenKey(HKEY_CURRENT_USER, L"HKEY_CURRENT_USER", NULL, output); 44 TryOpenKey(HKEY_USERS, L"HKEY_USERS", NULL, output); 45 TryOpenKey(HKEY_LOCAL_MACHINE, 46 L"HKEY_LOCAL_MACHINE", 47 L"Software\\Microsoft\\Windows NT\\CurrentVersion\\WinLogon", 48 output); 49} 50