Chromium Code Reviews Chromium Code Reviews
Issue 1360863006:
win: Add more memory regions to gathering of PEB (Closed)
Base URL: https://chromium.googlesource.com/crashpad/crashpad@save-peb| Index: snapshot/win/process_snapshot_win.cc |
| diff --git a/snapshot/win/process_snapshot_win.cc b/snapshot/win/process_snapshot_win.cc |
| index b9df62c0ab4c011109ab9054f5b556141958d658..d1d517b12c43367ce1401b6a236cd785617a2bea 100644 |
| --- a/snapshot/win/process_snapshot_win.cc |
| +++ b/snapshot/win/process_snapshot_win.cc |
| @@ -14,6 +14,8 @@ |
| #include "snapshot/win/process_snapshot_win.h" |
| +#include <algorithm> |
| + |
| #include "base/logging.h" |
| #include "snapshot/win/module_snapshot_win.h" |
| #include "util/win/registration_protocol_win.h" |
| @@ -48,10 +50,11 @@ bool ProcessSnapshotWin::Initialize(HANDLE process, |
| return false; |
| system_.Initialize(&process_reader_); |
| - WinVMAddress peb_address; |
| - WinVMSize peb_size; |
| - process_reader_.GetProcessInfo().Peb(&peb_address, &peb_size); |
| - peb_.Initialize(&process_reader_, peb_address, peb_size); |
| + |
| + if (process_reader_.Is64Bit()) |
| + InitializePebData<process_types::internal::Traits64>(); |
| + else |
| + InitializePebData<process_types::internal::Traits32>(); |
| InitializeThreads(); |
| InitializeModules(); |
| @@ -186,7 +189,8 @@ const ExceptionSnapshot* ProcessSnapshotWin::Exception() const { |
| std::vector<const MemorySnapshot*> ProcessSnapshotWin::ExtraMemory() const { |
| INITIALIZATION_STATE_DCHECK_VALID(initialized_); |
| std::vector<const MemorySnapshot*> extra_memory; |
| - extra_memory.push_back(&peb_); |
| + for (const auto& peb_memory : peb_memory_) |
| + extra_memory.push_back(peb_memory); |
| return extra_memory; |
| } |
| @@ -214,4 +218,91 @@ void ProcessSnapshotWin::InitializeModules() { |
| } |
| } |
| +template <class Traits> |
| +void ProcessSnapshotWin::InitializePebData() { |
| + WinVMAddress peb_address; |
| + WinVMSize peb_size; |
| + process_reader_.GetProcessInfo().Peb(&peb_address, &peb_size); |
| + AddMemorySnapshot(peb_address, peb_size, &peb_memory_); |
| + |
| + process_types::PEB<Traits> peb_data; |
| + if (!process_reader_.ReadMemory(peb_address, peb_size, &peb_data)) { |
| + LOG(ERROR) << "ReadMemory PEB"; |
| + return; |
| + } |
| + AddMemorySnapshot( |
| + peb_data.Ldr, sizeof(process_types::PEB_LDR_DATA<Traits>), &peb_memory_); |
| + |
| + process_types::RTL_USER_PROCESS_PARAMETERS<Traits> process_parameters; |
| + if (!process_reader_.ReadMemory(peb_data.ProcessParameters, |
| + sizeof(process_parameters), |
| + &process_parameters)) { |
| + LOG(ERROR) << "ReadMemory RTL_USER_PROCESS_PARAMETERS"; |
| + return; |
| + } |
| + |
| + AddMemorySnapshotForUNICODE_STRING( |
| + process_parameters.CurrentDirectory.DosPath, &peb_memory_); |
| + AddMemorySnapshotForUNICODE_STRING(process_parameters.DllPath, &peb_memory_); |
| + AddMemorySnapshotForUNICODE_STRING(process_parameters.ImagePathName, |
| + &peb_memory_); |
| + AddMemorySnapshotForUNICODE_STRING(process_parameters.CommandLine, |
| + &peb_memory_); |
| + |
| + AddMemorySnapshot( |
| + process_parameters.Environment, |
| + DetermineSizeOfEnvironmentBlock(process_parameters.Environment), |
| + &peb_memory_); |
| +} |
| + |
| +void ProcessSnapshotWin::AddMemorySnapshot( |
| + WinVMAddress address, |
| + WinVMSize size, |
| + PointerVector<internal::MemorySnapshotWin>* into) { |
| + if (size == 0) |
| + return; |
| + internal::MemorySnapshotWin* memory_snapshot = |
| + new internal::MemorySnapshotWin(); |
| + memory_snapshot->Initialize(&process_reader_, address, size); |
| + into->push_back(memory_snapshot); |
| +} |
| + |
| +template <class Traits> |
| +void ProcessSnapshotWin::AddMemorySnapshotForUNICODE_STRING( |
| + const process_types::UNICODE_STRING<Traits>& us, |
| + PointerVector<internal::MemorySnapshotWin>* into) { |
| + AddMemorySnapshot(us.Buffer, us.Length, into); |
| +} |
| + |
| +WinVMSize ProcessSnapshotWin::DetermineSizeOfEnvironmentBlock( |
| + WinVMAddress start_of_environment_block) { |
| + // http://blogs.msdn.com/b/oldnewthing/archive/2010/02/03/9957320.aspx On |
| + // newer OSs there's no stated limit, but in practice grabbing 32k characters |
| + // should be more than enough. |
| + int env_block_size = 32768; |
| + scoped_ptr<wchar_t[]> env_block(new wchar_t[env_block_size]); |
| + while (env_block_size > 0) { |
| + if (process_reader_.ReadMemory(start_of_environment_block, |
| + env_block_size * sizeof(wchar_t), |
|
Mark Mentovai
2015/09/26 01:46:48
sizeof(env_block[0])
scottmg
2015/09/28 22:38:09
Done.
|
| + env_block.get())) { |
| + break; |
| + } |
| + // We could be out of range of the process so the read might |
|
Mark Mentovai
2015/09/26 01:46:48
TODO to revisit this with a more generic “read as
scottmg
2015/09/28 22:38:09
Uses the memory map-aware read now.
|
| + // fail. Decrease by a bit and try again. |
| + env_block_size -= 1024; |
| + } |
| + if (env_block_size > 0) { |
| + std::wstring look_in(&env_block[0], env_block_size); |
|
Mark Mentovai
2015/09/26 01:46:48
Since you’re just copying the whole thing into loo
scottmg
2015/09/28 22:38:09
Done.
|
| + const wchar_t terminator[] = { 0, 0 }; |
| + size_t at = look_in.find(std::wstring(terminator, arraysize(terminator))); |
| + if (at != std::wstring::npos) |
| + env_block_size = static_cast<int>(at) + arraysize(terminator); |
| + // If we didn't find a terminator, then just add the whole (presumably |
| + // partial) block. |
| + return env_block_size * sizeof(wchar_t); |
| + } |
| + |
| + return 0; |
| +} |
| + |
| } // namespace crashpad |
