breakpad/linux/minidump_writer.cc - Issue 119249: Linux: Dumping a renderer can traverse an invalid pointer.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: breakpad/linux/minidump_writer.cc

Issue 119249: Linux: Dumping a renderer can traverse an invalid pointer. (Closed)

Patch Set: Created 11 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: breakpad/linux/minidump_writer.cc

diff --git a/breakpad/linux/minidump_writer.cc b/breakpad/linux/minidump_writer.cc

index fbec6bd342b7b9db63856538731c95c1db12392f..2a93347f3930e89ea9d139d6c058a11de095bab1 100644

--- a/breakpad/linux/minidump_writer.cc

+++ b/breakpad/linux/minidump_writer.cc

@@ -147,9 +147,9 @@ static void CPUFillFromThreadInfo(MDRawContextX86 *out,

// Juggle an x86 ucontext into minidump format

// out: the minidump structure

// info: the collection of register structures.

-static void CPUFillFromUContext(MDRawContextX86 *out, const ucontext *uc) {

+static void CPUFillFromUContext(MDRawContextX86 *out, const ucontext *uc,

+ const struct _libc_fpstate* fp) {

const greg_t* regs = uc->uc_mcontext.gregs;

- const fpregset_t fp = uc->uc_mcontext.fpregs;

out->context_flags = MD_CONTEXT_X86_FULL |

MD_CONTEXT_X86_FLOATING_POINT;

@@ -247,9 +247,9 @@ static void CPUFillFromThreadInfo(MDRawContextAMD64 *out,

memcpy(&out->flt_save.xmm_registers, &info.fpregs.xmm_space, 16 * 16);

}

-static void CPUFillFromUContext(MDRawContextAMD64 *out, const ucontext *uc) {

+static void CPUFillFromUContext(MDRawContextAMD64 *out, const ucontext *uc,

+ const struct _libc_fpstate* fpregs) {

const greg_t* regs = uc->gregs;

- const fpregset_t fpregs = uc->fpregs;

out->context_flags = MD_CONTEXT_AMD64_FULL;

@@ -308,6 +308,7 @@ class MinidumpWriter {

: filename_(filename),

siginfo_(&context->siginfo),

ucontext_(&context->context),

+ float_state_(&context->float_state),

crashing_tid_(context->tid),

dumper_(crashing_pid) {

}

@@ -440,7 +441,7 @@ class MinidumpWriter {

if (!cpu.Allocate())

return false;

my_memset(cpu.get(), 0, sizeof(RawContextCPU));

- CPUFillFromUContext(cpu.get(), ucontext_);

+ CPUFillFromUContext(cpu.get(), ucontext_, float_state_);

thread.thread_context = cpu.location();

crashing_thread_context_ = cpu.location();

} else {

@@ -675,6 +676,7 @@ class MinidumpWriter {

const char* const filename_; // output filename

const siginfo_t* const siginfo_; // from the signal handler (see sigaction)

const struct ucontext* const ucontext_; // also from the signal handler

+ const struct _libc_fpstate* const float_state_; // ditto

const pid_t crashing_tid_; // the process which actually crashed

LinuxDumper dumper_;

MinidumpFileWriter minidump_writer_;

« no previous file with comments | « breakpad/linux/exception_handler.cc ('k') | no next file » | no next file with comments »