| 1 // Copyright (c) 2010 Google Inc. | 1 // Copyright (c) 2010 Google Inc. |
| 2 // All rights reserved. | 2 // All rights reserved. |
| 3 // | 3 // |
| 4 // Redistribution and use in source and binary forms, with or without | 4 // Redistribution and use in source and binary forms, with or without |
| 5 // modification, are permitted provided that the following conditions are | 5 // modification, are permitted provided that the following conditions are |
| 6 // met: | 6 // met: |
| 7 // | 7 // |
| 8 // * Redistributions of source code must retain the above copyright | 8 // * Redistributions of source code must retain the above copyright |
| 9 // notice, this list of conditions and the following disclaimer. | 9 // notice, this list of conditions and the following disclaimer. |
| 10 // * Redistributions in binary form must reproduce the above | 10 // * Redistributions in binary form must reproduce the above |
| 99 memory_available = false; | 99 memory_available = false; |
| 100 } | 100 } |
| 101 uint64_t address = process_state_->crash_address(); | 101 uint64_t address = process_state_->crash_address(); |
| 102 uint32_t exception_code = raw_exception->exception_record.exception_code; | 102 uint32_t exception_code = raw_exception->exception_record.exception_code; |
| 103 | 103 |
| 104 uint32_t exploitability_weight = 0; | 104 uint32_t exploitability_weight = 0; |
| 105 | 105 |
| 106 uint64_t stack_ptr = 0; | 106 uint64_t stack_ptr = 0; |
| 107 uint64_t instruction_ptr = 0; | 107 uint64_t instruction_ptr = 0; |
| 108 | 108 |
| 109 switch (context->GetContextCPU()) { | 109 // Getting the instruction pointer. |
| 110 case MD_CONTEXT_X86: | 110 if (!context->GetInstructionPointer(&instruction_ptr)) { |
| 111 stack_ptr = context->GetContextX86()->esp; | 111 return EXPLOITABILITY_ERR_PROCESSING; |
| 112 instruction_ptr = context->GetContextX86()->eip; | 112 } |
| 113 break; | 113 |
| 114 case MD_CONTEXT_AMD64: | 114 // Getting the stack pointer. |
| 115 stack_ptr = context->GetContextAMD64()->rsp; | 115 if (!context->GetStackPointer(&stack_ptr)) { |
| 116 instruction_ptr = context->GetContextAMD64()->rip; | 116 return EXPLOITABILITY_ERR_PROCESSING; |
| 117 break; | |
| 118 default: | |
| 119 BPLOG(INFO) << "Unsupported architecture."; | |
| 120 return EXPLOITABILITY_ERR_PROCESSING; | |
| 121 } | 117 } |
| 122 | 118 |
| 123 // Check if we are executing on the stack. | 119 // Check if we are executing on the stack. |
| 124 if (instruction_ptr <= (stack_ptr + kProbableStackOffset) && | 120 if (instruction_ptr <= (stack_ptr + kProbableStackOffset) && |
| 125 instruction_ptr >= (stack_ptr - kProbableStackOffset)) | 121 instruction_ptr >= (stack_ptr - kProbableStackOffset)) |
| 126 exploitability_weight += kHugeBump; | 122 exploitability_weight += kHugeBump; |
| 127 | 123 |
| 128 switch (exception_code) { | 124 switch (exception_code) { |
| 129 // This is almost certainly recursion. | 125 // This is almost certainly recursion. |
| 130 case MD_EXCEPTION_CODE_WIN_STACK_OVERFLOW: | 126 case MD_EXCEPTION_CODE_WIN_STACK_OVERFLOW: |
| 278 return EXPLOITABLITY_MEDIUM; | 274 return EXPLOITABLITY_MEDIUM; |
| 279 if (exploitability_weight >= kLowCutoff) | 275 if (exploitability_weight >= kLowCutoff) |
| 280 return EXPLOITABILITY_LOW; | 276 return EXPLOITABILITY_LOW; |
| 281 if (exploitability_weight >= kInterestingCutoff) | 277 if (exploitability_weight >= kInterestingCutoff) |
| 282 return EXPLOITABILITY_INTERESTING; | 278 return EXPLOITABILITY_INTERESTING; |
| 283 | 279 |
| 284 return EXPLOITABILITY_NONE; | 280 return EXPLOITABILITY_NONE; |
| 285 } | 281 } |
| 286 | 282 |
| 287 } // namespace google_breakpad | 283 } // namespace google_breakpad |
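Review bot: The two new early returns at new lines 110–117 drop the diagnostic that the old `default:` branch emitted, so when `GetInstructionPointer` or `GetStackPointer` returns false the function now yields `EXPLOITABILITY_ERR_PROCESSING` with no log line, and an unsupported or malformed context becomes indistinguishable from any other processing error in the output. The old code used `BPLOG(INFO)` for exactly this case, so keeping one message per branch would preserve that, e.g. `BPLOG(INFO) << "Unable to get instruction pointer.";` before the first return and the matching stack-pointer message before the second. Presumably the per-architecture dispatch the old `switch` did now lives inside those two accessors, which is why the `MD_CONTEXT_X86`/`MD_CONTEXT_AMD64` cases disappear; that should be confirmed against the accessor implementations. The enclosing function starts before this hunk and its middle is elided on the page.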