| OLD | NEW |
| 1 // Copyright (c) 2013 Google Inc. | 1 // Copyright (c) 2013 Google Inc. |
| 2 // All rights reserved. | 2 // All rights reserved. |
| 3 // | 3 // |
| 4 // Redistribution and use in source and binary forms, with or without | 4 // Redistribution and use in source and binary forms, with or without |
| 5 // modification, are permitted provided that the following conditions are | 5 // modification, are permitted provided that the following conditions are |
| 6 // met: | 6 // met: |
| 7 // | 7 // |
| 8 // * Redistributions of source code must retain the above copyright | 8 // * Redistributions of source code must retain the above copyright |
| 9 // notice, this list of conditions and the following disclaimer. | 9 // notice, this list of conditions and the following disclaimer. |
| 10 // * Redistributions in binary form must reproduce the above | 10 // * Redistributions in binary form must reproduce the above |
| (...skipping 19 matching lines...) |
| 30 // exploitability_linux.cc: Linux specific exploitability engine. | 30 // exploitability_linux.cc: Linux specific exploitability engine. |
| 31 // | 31 // |
| 32 // Provides a guess at the exploitability of the crash for the Linux | 32 // Provides a guess at the exploitability of the crash for the Linux |
| 33 // platform given a minidump and process_state. | 33 // platform given a minidump and process_state. |
| 34 // | 34 // |
| 35 // Author: Matthew Riley | 35 // Author: Matthew Riley |
| 36 | 36 |
| 37 #include "processor/exploitability_linux.h" | 37 #include "processor/exploitability_linux.h" |
| 38 | 38 |
| 39 #include "google_breakpad/common/minidump_exception_linux.h" | 39 #include "google_breakpad/common/minidump_exception_linux.h" |
| 40 #include "google_breakpad/processor/call_stack.h" |
| 40 #include "google_breakpad/processor/process_state.h" | 41 #include "google_breakpad/processor/process_state.h" |
| 41 #include "google_breakpad/processor/call_stack.h" | |
| 42 #include "google_breakpad/processor/stack_frame.h" | 42 #include "google_breakpad/processor/stack_frame.h" |
| 43 #include "processor/logging.h" | 43 #include "processor/logging.h" |
| 44 | 44 |
| 45 namespace { | 45 namespace { |
| 46 | 46 |
| 47 // This function in libc is called if the program was compiled with | 47 // This function in libc is called if the program was compiled with |
| 48 // -fstack-protector and a function's stack canary changes. | 48 // -fstack-protector and a function's stack canary changes. |
| 49 const char kStackCheckFailureFunction[] = "__stack_chk_fail"; | 49 const char kStackCheckFailureFunction[] = "__stack_chk_fail"; |
| 50 | 50 |
| 51 // This function in libc is called if the program was compiled with | 51 // This function in libc is called if the program was compiled with |
| (...skipping 39 matching lines...) |
| 91 if (exception == NULL) { | 91 if (exception == NULL) { |
| 92 BPLOG(INFO) << "No exception record."; | 92 BPLOG(INFO) << "No exception record."; |
| 93 return EXPLOITABILITY_ERR_PROCESSING; | 93 return EXPLOITABILITY_ERR_PROCESSING; |
| 94 } | 94 } |
| 95 const MinidumpContext *context = exception->GetContext(); | 95 const MinidumpContext *context = exception->GetContext(); |
| 96 if (context == NULL) { | 96 if (context == NULL) { |
| 97 BPLOG(INFO) << "No exception context."; | 97 BPLOG(INFO) << "No exception context."; |
| 98 return EXPLOITABILITY_ERR_PROCESSING; | 98 return EXPLOITABILITY_ERR_PROCESSING; |
| 99 } | 99 } |
| 100 | 100 |
| 101 // Getting instruction pointer based off architecture. | 101 // Getting the instruction pointer. |
| 102 uint32_t architecture = context->GetContextCPU(); | 102 if (!context->GetInstructionPointer(&instruction_ptr)) { |
| 103 switch (architecture) { | 103 return EXPLOITABILITY_ERR_PROCESSING; |
| 104 case MD_CONTEXT_X86: | |
| 105 instruction_ptr = context->GetContextX86()->eip; | |
| 106 break; | |
| 107 case MD_CONTEXT_AMD64: | |
| 108 instruction_ptr = context->GetContextAMD64()->rip; | |
| 109 break; | |
| 110 case MD_CONTEXT_ARM: | |
| 111 instruction_ptr = | |
| 112 context->GetContextARM()->iregs[MD_CONTEXT_ARM_REG_PC]; | |
| 113 break; | |
| 114 case MD_CONTEXT_ARM64: | |
| 115 instruction_ptr = | |
| 116 context->GetContextARM64()->iregs[MD_CONTEXT_ARM64_REG_PC]; | |
| 117 break; | |
| 118 default: | |
| 119 BPLOG(INFO) << "Unsupported architecture."; | |
| 120 return EXPLOITABILITY_ERR_PROCESSING; | |
| 121 } | 104 } |
| 122 | 105 |
| 123 // Checking for the instruction pointer in a valid instruction region. | 106 // Checking for the instruction pointer in a valid instruction region. |
| 124 if (!this->InstructionPointerInCode(instruction_ptr)) { | 107 if (!this->InstructionPointerInCode(instruction_ptr)) { |
| 125 return EXPLOITABILITY_HIGH; | 108 return EXPLOITABILITY_HIGH; |
| 126 } | 109 } |
| 127 | 110 |
| 128 const MDRawExceptionStream *raw_exception_stream = exception->exception(); | 111 const MDRawExceptionStream *raw_exception_stream = exception->exception(); |
| 129 if (raw_exception_stream == NULL) { | 112 if (raw_exception_stream == NULL) { |
| 130 BPLOG(INFO) << "No raw exception stream."; | 113 BPLOG(INFO) << "No raw exception stream."; |
| (...skipping 67 matching lines...) |
| 198 case MD_EXCEPTION_CODE_LIN_DUMP_REQUESTED: | 181 case MD_EXCEPTION_CODE_LIN_DUMP_REQUESTED: |
| 199 return true; | 182 return true; |
| 200 break; | 183 break; |
| 201 default: | 184 default: |
| 202 return false; | 185 return false; |
| 203 break; | 186 break; |
| 204 } | 187 } |
| 205 } | 188 } |
| 206 | 189 |
| 207 } // namespace google_breakpad | 190 } // namespace google_breakpad |
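Review bot: The new failure path at new lines 102-103 returns EXPLOITABILITY_ERR_PROCESSING without logging anything, whereas the removed default branch logged "Unsupported architecture." and the neighbouring null checks still log their reason. Because this rating is computed from a minidump that may be malformed or untrusted, a silent error makes it hard during triage to tell an unsupported CPU from a damaged context; unless GetInstructionPointer is known to log on every failure (its body is not shown here), add `BPLOG(INFO) << "Failed to retrieve instruction pointer.";` before the return. The helper may also accept architectures that the old switch rejected, so it is worth confirming that InstructionPointerInCode and the later checks behave sensibly for them. The enclosing function and the declaration of instruction_ptr sit in skipped lines, so whether its type matches the helper's out-parameter could not be checked from this view.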