Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(186)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/processor/exploitability_win.cc

Issue 1210943005: Use general instruction/stack pointer convenience method instead of manually (Closed) Base URL: http://google-breakpad.googlecode.com/svn/trunk/
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « src/processor/exploitability_linux.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 Google Inc. 1 // Copyright (c) 2010 Google Inc.
2 // All rights reserved. 2 // All rights reserved.
3 // 3 //
4 // Redistribution and use in source and binary forms, with or without 4 // Redistribution and use in source and binary forms, with or without
5 // modification, are permitted provided that the following conditions are 5 // modification, are permitted provided that the following conditions are
6 // met: 6 // met:
7 // 7 //
8 // * Redistributions of source code must retain the above copyright 8 // * Redistributions of source code must retain the above copyright
9 // notice, this list of conditions and the following disclaimer. 9 // notice, this list of conditions and the following disclaimer.
10 // * Redistributions in binary form must reproduce the above 10 // * Redistributions in binary form must reproduce the above
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after
99 memory_available = false; 99 memory_available = false;
100 } 100 }
101 uint64_t address = process_state_->crash_address(); 101 uint64_t address = process_state_->crash_address();
102 uint32_t exception_code = raw_exception->exception_record.exception_code; 102 uint32_t exception_code = raw_exception->exception_record.exception_code;
103 103
104 uint32_t exploitability_weight = 0; 104 uint32_t exploitability_weight = 0;
105 105
106 uint64_t stack_ptr = 0; 106 uint64_t stack_ptr = 0;
107 uint64_t instruction_ptr = 0; 107 uint64_t instruction_ptr = 0;
108 108
109 switch (context->GetContextCPU()) { 109 // Getting the instruction pointer.
110 case MD_CONTEXT_X86: 110 if (!context->GetInstructionPointer(&instruction_ptr)) {
111 stack_ptr = context->GetContextX86()->esp; 111 return EXPLOITABILITY_ERR_PROCESSING;
112 instruction_ptr = context->GetContextX86()->eip; 112 }
113 break; 113
114 case MD_CONTEXT_AMD64: 114 // Getting the stack pointer.
115 stack_ptr = context->GetContextAMD64()->rsp; 115 // TODO(liuandrew): get the stack ptr
ivanpe 2015/06/30 23:17:09 Is this TODO still relevant?
liuandrew 2015/06/30 23:20:51 Nope. Removed.
116 instruction_ptr = context->GetContextAMD64()->rip; 116 if (!context->GetStackPointer(&stack_ptr)) {
117 break; 117 return EXPLOITABILITY_ERR_PROCESSING;
118 default:
119 BPLOG(INFO) << "Unsupported architecture.";
120 return EXPLOITABILITY_ERR_PROCESSING;
121 } 118 }
122 119
123 // Check if we are executing on the stack. 120 // Check if we are executing on the stack.
124 if (instruction_ptr <= (stack_ptr + kProbableStackOffset) && 121 if (instruction_ptr <= (stack_ptr + kProbableStackOffset) &&
125 instruction_ptr >= (stack_ptr - kProbableStackOffset)) 122 instruction_ptr >= (stack_ptr - kProbableStackOffset))
126 exploitability_weight += kHugeBump; 123 exploitability_weight += kHugeBump;
127 124
128 switch (exception_code) { 125 switch (exception_code) {
129 // This is almost certainly recursion. 126 // This is almost certainly recursion.
130 case MD_EXCEPTION_CODE_WIN_STACK_OVERFLOW: 127 case MD_EXCEPTION_CODE_WIN_STACK_OVERFLOW:
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after
278 return EXPLOITABLITY_MEDIUM; 275 return EXPLOITABLITY_MEDIUM;
279 if (exploitability_weight >= kLowCutoff) 276 if (exploitability_weight >= kLowCutoff)
280 return EXPLOITABILITY_LOW; 277 return EXPLOITABILITY_LOW;
281 if (exploitability_weight >= kInterestingCutoff) 278 if (exploitability_weight >= kInterestingCutoff)
282 return EXPLOITABILITY_INTERESTING; 279 return EXPLOITABILITY_INTERESTING;
283 280
284 return EXPLOITABILITY_NONE; 281 return EXPLOITABILITY_NONE;
285 } 282 }
286 283
287 } // namespace google_breakpad 284 } // namespace google_breakpad
OLDNEW
« no previous file with comments | « src/processor/exploitability_linux.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698