Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(333)

Side by Side Diff: src/processor/exploitability_linux.h

Issue 1233973002: Add ELF header analysis when checking for instruction pointer in code. (Closed) Base URL: http://google-breakpad.googlecode.com/svn/trunk/
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | src/processor/exploitability_linux.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 Google Inc. 1 // Copyright (c) 2013 Google Inc.
2 // All rights reserved. 2 // All rights reserved.
3 // 3 //
4 // Redistribution and use in source and binary forms, with or without 4 // Redistribution and use in source and binary forms, with or without
5 // modification, are permitted provided that the following conditions are 5 // modification, are permitted provided that the following conditions are
6 // met: 6 // met:
7 // 7 //
8 // * Redistributions of source code must retain the above copyright 8 // * Redistributions of source code must retain the above copyright
9 // notice, this list of conditions and the following disclaimer. 9 // notice, this list of conditions and the following disclaimer.
10 // * Redistributions in binary form must reproduce the above 10 // * Redistributions in binary form must reproduce the above
(...skipping 19 matching lines...) Expand all
30 // exploitability_linux.h: Linux specific exploitability engine. 30 // exploitability_linux.h: Linux specific exploitability engine.
31 // 31 //
32 // Provides a guess at the exploitability of the crash for the Linux 32 // Provides a guess at the exploitability of the crash for the Linux
33 // platform given a minidump and process_state. 33 // platform given a minidump and process_state.
34 // 34 //
35 // Author: Matthew Riley 35 // Author: Matthew Riley
36 36
37 #ifndef GOOGLE_BREAKPAD_PROCESSOR_EXPLOITABILITY_LINUX_H_ 37 #ifndef GOOGLE_BREAKPAD_PROCESSOR_EXPLOITABILITY_LINUX_H_
38 #define GOOGLE_BREAKPAD_PROCESSOR_EXPLOITABILITY_LINUX_H_ 38 #define GOOGLE_BREAKPAD_PROCESSOR_EXPLOITABILITY_LINUX_H_
39 39
40 #include "common/scoped_ptr.h"
40 #include "google_breakpad/common/breakpad_types.h" 41 #include "google_breakpad/common/breakpad_types.h"
41 #include "google_breakpad/processor/exploitability.h" 42 #include "google_breakpad/processor/exploitability.h"
42 43
43 namespace google_breakpad { 44 namespace google_breakpad {
44 45
46 enum LinuxArchitectureType {
47 // A 32-bit Linux architecture.
48 LINUX_32_BIT,
49
50 // A 64-bit Linux architecture.
51 LINUX_64_BIT,
52
53 // Some other architecture that is not Linux.
54 UNSUPPORTED_ARCHITECTURE
55 };
56
45 class ExploitabilityLinux : public Exploitability { 57 class ExploitabilityLinux : public Exploitability {
46 public: 58 public:
47 ExploitabilityLinux(Minidump *dump, 59 ExploitabilityLinux(Minidump *dump,
48 ProcessState *process_state); 60 ProcessState *process_state);
49 61
50 virtual ExploitabilityRating CheckPlatformExploitability(); 62 virtual ExploitabilityRating CheckPlatformExploitability();
51 63
52 private: 64 private:
53 // This method takes the address of the instruction pointer and returns 65 // This method takes the address of the instruction pointer and returns
54 // whether the instruction pointer lies in a valid instruction region. 66 // whether the instruction pointer lies in a valid instruction region.
55 bool InstructionPointerInCode(uint64_t instruction_ptr); 67 bool InstructionPointerInCode(uint64_t instruction_ptr);
56 68
57 // This method checks the exception that triggered the creation of the 69 // This method checks the exception that triggered the creation of the
58 // minidump and reports whether the exception suggests no exploitability. 70 // minidump and reports whether the exception suggests no exploitability.
59 bool BenignCrashTrigger(const MDRawExceptionStream *raw_exception_stream); 71 bool BenignCrashTrigger(const MDRawExceptionStream *raw_exception_stream);
72
73 // Checks if the minidump architecture is 32-bit or 64-bit.
74 LinuxArchitectureType ArchitectureType();
75
76 // Loads ELF header data of the module present in the given memory
77 // region into the scoped pointer.
78 // This method takes a scoped pointer in which the ELF header data is
79 // loaded, the memory region containing the ELF header, and the base
80 // address of the ELF header.
81 template<typename T>
82 void LoadElfHeader(MinidumpMemoryRegion *memory,
83 uint64_t base_address,
84 T *header) {
85 for (size_t i = 0; i < sizeof(T); i++) {
86 uint8_t my_byte = 0;
87 memory->GetMemoryAtAddress(base_address + i, &my_byte);
88 *(reinterpret_cast<char *>(header) + i) = my_byte;
89 }
90 }
91
92 // Loads the Program Header Table of the module present in the given
93 // memory region into the scoped array.
94 // This method takes a scoped array in which the header table data is
95 // loaded, the memory region containing the table, the base address of
96 // the program header table, and the number of entries in the table.
97 template<typename T>
98 void LoadElfHeaderTable(MinidumpMemoryRegion *memory,
99 uint64_t base_address,
100 uint16_t e_phnum,
101 T table[]) {
102 uint64_t offset = 0;
103 for (size_t i = 0; i < e_phnum; i++) {
104 T *entry = &table[i];
105 for (size_t j = 0; j < sizeof(T); j++) {
106 uint8_t my_byte = 0;
107 memory->GetMemoryAtAddress(base_address + offset++, &my_byte);
108 *(reinterpret_cast<char *>(entry) + j) = my_byte;
109 }
110 }
111 }
60 }; 112 };
61 113
62 } // namespace google_breakpad 114 } // namespace google_breakpad
63 115
64 #endif // GOOGLE_BREAKPAD_PROCESSOR_EXPLOITABILITY_LINUX_H_ 116 #endif // GOOGLE_BREAKPAD_PROCESSOR_EXPLOITABILITY_LINUX_H_
OLDNEW
« no previous file with comments | « no previous file | src/processor/exploitability_linux.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698