Filenames are, in my experience, always a source of errors. One of the things that helps us prevent mistakes in programming is type safety: the more type-safe your code is, the fewer errors you are likely to have. More importantly, you also get an early indication when something goes wrong. For example, it's hard to cast to a type if the type itself doesn't even exist.
Sometimes it would be handy to prevent your code from accessing files and folders that aren't whitelisted. This is useful with console hardware and cross-platform libraries or code: you can limit the PC build to the same data repository that is available to the foreign hardware. That gives us an early warning in our emulation if our application violates the established boundaries.
So what we can do is introduce a broker. A broker is essentially nothing more than a layer between two other layers, usually user code and kernel code. The broker inspects the validity of each call and either fakes an error or executes the real call. This is what the code on this page does, using a Microsoft Research library named Detours.
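    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <windows.h>
    #include "detours.h"

    // Pointer to the real CreateFileA. After DetourAttach it points at the
    // trampoline, so calling it from the hook reaches the original function.
    // The ANSI variant is hooked explicitly because the hook resolves the
    // path with GetFullPathNameA.
    HANDLE (__stdcall * Real_CreateFile)(
        __in     LPCSTR                lpFileName,
        __in     DWORD                 dwDesiredAccess,
        __in     DWORD                 dwShareMode,
        __in_opt LPSECURITY_ATTRIBUTES lpSecurityAttributes,
        __in     DWORD                 dwCreationDisposition,
        __in     DWORD                 dwFlagsAndAttributes,
        __in_opt HANDLE                hTemplateFile) = CreateFileA;

    // The broker: resolves the requested path and either forwards the call
    // or fakes a failure.
    HANDLE WINAPI RepositoryCreateFile(
        __in     LPCSTR                lpFileName,
        __in     DWORD                 dwDesiredAccess,
        __in     DWORD                 dwShareMode,
        __in_opt LPSECURITY_ATTRIBUTES lpSecurityAttributes,
        __in     DWORD                 dwCreationDisposition,
        __in     DWORD                 dwFlagsAndAttributes,
        __in_opt HANDLE                hTemplateFile)
    {
        char pathname[_MAX_PATH];
        DWORD length = GetFullPathNameA(lpFileName, sizeof(pathname), pathname, NULL);

        // Whitelisted repository root; the resolved path must start with it.
        const char* control = "c:UsersPhr34kDesktopAuroraToolsDetoursTest";

        // Deny when the path cannot be resolved or does not fit the buffer.
        if (length != 0 && length < sizeof(pathname) &&
            strncmp(pathname, control, strlen(control)) == 0)
        {
            return Real_CreateFile(
                lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes,
                dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);
        }

        // Fake an error so the caller sees an ordinary failed open.
        SetLastError(ERROR_ACCESS_DENIED);
        return INVALID_HANDLE_VALUE;
    }

    int main()
    {
        LONG error;

        // Install the hook.
        DetourRestoreAfterWith();
        DetourTransactionBegin();
        DetourUpdateThread(GetCurrentThread());
        DetourAttach(&(PVOID&)Real_CreateFile, RepositoryCreateFile);
        error = DetourTransactionCommit();

        // This call now goes through RepositoryCreateFile.
        HANDLE hFile = CreateFileA("ONE.TXT", GENERIC_READ, 0, NULL,
                                   OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile != INVALID_HANDLE_VALUE)
            CloseHandle(hFile);

        // Remove the hook again.
        DetourTransactionBegin();
        DetourUpdateThread(GetCurrentThread());
        DetourDetach(&(PVOID&)Real_CreateFile, RepositoryCreateFile);
        error = DetourTransactionCommit();

        getchar();
        return error == NO_ERROR ? 0 : 1;
    }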
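The prefix test in RepositoryCreateFile is case-sensitive and also accepts sibling paths that merely share the prefix (a root of `c:\data\repo` matches `c:\data\repoEvil`). The following added example, not part of the original post, shows a stricter containment check in portable C; the function names, the 260-byte buffers and the sample roots are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Lexically normalise an absolute drive path ("C:/a/../b" -> "c:\b"),
   folding ASCII case. Returns 0 on success, -1 if the path is not
   drive-absolute, climbs above the drive root, or does not fit in out. */
static int normalize_win_path(const char *in, char *out, size_t cap)
{
    size_t n = 0;
    if (!isalpha((unsigned char)in[0]) || in[1] != ':' ||
        (in[2] != '\\' && in[2] != '/') || cap < 3)
        return -1;
    out[n++] = (char)tolower((unsigned char)in[0]);
    out[n++] = ':';
    for (const char *p = in + 2; *p; ) {
        while (*p == '\\' || *p == '/') p++;       /* skip separator run */
        size_t len = strcspn(p, "\\/");
        if (len == 0) break;
        if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (n == 2) return -1;                 /* ".." above the root */
            while (out[--n] != '\\') { }           /* drop last component */
        } else if (!(len == 1 && p[0] == '.')) {
            if (n + len + 2 > cap) return -1;
            out[n++] = '\\';
            for (size_t i = 0; i < len; i++)
                out[n++] = (char)tolower((unsigned char)p[i]);
        }
        p += len;
    }
    out[n] = '\0';
    return 0;
}

/* Returns 1 if path resolves to root itself or to something beneath it,
   else 0. Anything that cannot be normalised is denied. */
int path_is_under_root(const char *path, const char *root)
{
    char p[260], r[260];
    if (normalize_win_path(path, p, sizeof p) != 0 ||
        normalize_win_path(root, r, sizeof r) != 0)
        return 0;
    size_t rl = strlen(r);
    if (strncmp(p, r, rl) != 0)
        return 0;
    return p[rl] == '\0' || p[rl] == '\\';         /* component boundary */
}
```

In the hook this would run on the output of GetFullPathNameA; it is a lexical check only, so junctions, symbolic links and 8.3 short names inside the root still need separate handling.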