| 1 // Copyright (c) 2010 Google Inc. | 1 // Copyright (c) 2010 Google Inc. |
| 2 // All rights reserved. | 2 // All rights reserved. |
| 3 // | 3 // |
| 4 // Redistribution and use in source and binary forms, with or without | 4 // Redistribution and use in source and binary forms, with or without |
| 5 // modification, are permitted provided that the following conditions are | 5 // modification, are permitted provided that the following conditions are |
| 6 // met: | 6 // met: |
| 7 // | 7 // |
| 8 // * Redistributions of source code must retain the above copyright | 8 // * Redistributions of source code must retain the above copyright |
| 9 // notice, this list of conditions and the following disclaimer. | 9 // notice, this list of conditions and the following disclaimer. |
| 10 // * Redistributions in binary form must reproduce the above | 10 // * Redistributions in binary form must reproduce the above |
| (...skipping 26 matching lines...) Expand all Loading... |
| 37 #include <vector> | 37 #include <vector> |
| 38 | 38 |
| 39 #include "processor/exploitability_win.h" | 39 #include "processor/exploitability_win.h" |
| 40 | 40 |
| 41 #include "common/scoped_ptr.h" | 41 #include "common/scoped_ptr.h" |
| 42 #include "google_breakpad/common/minidump_exception_win32.h" | 42 #include "google_breakpad/common/minidump_exception_win32.h" |
| 43 #include "google_breakpad/processor/minidump.h" | 43 #include "google_breakpad/processor/minidump.h" |
| 44 #include "processor/disassembler_x86.h" | 44 #include "processor/disassembler_x86.h" |
| 45 #include "processor/logging.h" | 45 #include "processor/logging.h" |
| 46 | 46 |
| 47 #include "third_party/libdisasm/libdis.h" | 47 //#include "third_party/libdisasm/libdis.h" |
| 48 | 48 |
| 49 namespace google_breakpad { | 49 namespace google_breakpad { |
| 50 | 50 |
| 51 // The cutoff that we use to judge if and address is likely an offset | 51 // The cutoff that we use to judge if and address is likely an offset |
| 52 // from various interesting addresses. | 52 // from various interesting addresses. |
| 53 static const uint64_t kProbableNullOffset = 4096; | 53 static const uint64_t kProbableNullOffset = 4096; |
| 54 static const uint64_t kProbableStackOffset = 8192; | 54 static const uint64_t kProbableStackOffset = 8192; |
| 55 | 55 |
| 56 // The various cutoffs for the different ratings. | 56 // The various cutoffs for the different ratings. |
| 57 static const size_t kHighCutoff = 100; | 57 static const size_t kHighCutoff = 100; |
| (...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 217 available_memory, | 217 available_memory, |
| 218 instruction_ptr); | 218 instruction_ptr); |
| 219 disassembler.NextInstruction(); | 219 disassembler.NextInstruction(); |
| 220 if (bad_read) | 220 if (bad_read) |
| 221 disassembler.setBadRead(); | 221 disassembler.setBadRead(); |
| 222 else | 222 else |
| 223 disassembler.setBadWrite(); | 223 disassembler.setBadWrite(); |
| 224 if (disassembler.currentInstructionValid()) { | 224 if (disassembler.currentInstructionValid()) { |
| 225 // Check if the faulting instruction falls into one of | 225 // Check if the faulting instruction falls into one of |
| 226 // several interesting groups. | 226 // several interesting groups. |
| 227 switch (disassembler.currentInstructionGroup()) { | 227 if (disassembler.currentInstructionIsGroup(X86_GRP_JUMP) || |
| 228 case libdis::insn_controlflow: | 228 disassembler.currentInstructionIsGroup(X86_GRP_CALL)) { |
| 229 exploitability_weight += kLargeBump; | 229 exploitability_weight += kLargeBump; |
| 230 break; | 230 } else if (disassembler.currentInstructionIsBlockData()) { |
| 231 case libdis::insn_string: | 231 exploitability_weight += kHugeBump; |
| 232 exploitability_weight += kHugeBump; | |
| 233 break; | |
| 234 default: | |
| 235 break; | |
| 236 } | 232 } |
| 237 // Loop the disassembler through the code and check if it | 233 // Loop the disassembler through the code and check if it |
| 238 // IDed any interesting conditions in the near future. | 234 // IDed any interesting conditions in the near future. |
| 239 // Multiple flags may be set so treat each equally. | 235 // Multiple flags may be set so treat each equally. |
| 240 while (disassembler.NextInstruction() && | 236 while (disassembler.NextInstruction() && |
| 241 disassembler.currentInstructionValid() && | 237 disassembler.currentInstructionValid() && |
| 242 !disassembler.endOfBlock()) | 238 !disassembler.endOfBlock()) |
| 243 continue; | 239 continue; |
| 244 if (disassembler.flags() & DISX86_BAD_BRANCH_TARGET) | 240 if (disassembler.flags() & DISX86_BAD_BRANCH_TARGET) |
| 245 exploitability_weight += kLargeBump; | 241 exploitability_weight += kLargeBump; |
| (...skipping 28 matching lines...) Expand all Loading... |
| 274 return EXPLOITABLITY_MEDIUM; | 270 return EXPLOITABLITY_MEDIUM; |
| 275 if (exploitability_weight >= kLowCutoff) | 271 if (exploitability_weight >= kLowCutoff) |
| 276 return EXPLOITABILITY_LOW; | 272 return EXPLOITABILITY_LOW; |
| 277 if (exploitability_weight >= kInterestingCutoff) | 273 if (exploitability_weight >= kInterestingCutoff) |
| 278 return EXPLOITABILITY_INTERESTING; | 274 return EXPLOITABILITY_INTERESTING; |
| 279 | 275 |
| 280 return EXPLOITABILITY_NONE; | 276 return EXPLOITABILITY_NONE; |
| 281 } | 277 } |
| 282 | 278 |
| 283 } // namespace google_breakpad | 279 } // namespace google_breakpad |
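Review bot: The new condition at new lines 227–228 bumps the weight only for the JUMP and CALL groups, but the `libdis::insn_controlflow` case it replaces also covered returns, so a fault on a `ret` — the case most directly tied to a smashed return address — silently drops from `kLargeBump` to no bump. If the new disassembler exposes the return group (Capstone names it `X86_GRP_RET`), extend the disjunction: `if (disassembler.currentInstructionIsGroup(X86_GRP_JUMP) ||` / `    disassembler.currentInstructionIsGroup(X86_GRP_CALL) ||` / `    disassembler.currentInstructionIsGroup(X86_GRP_RET)) {`; otherwise a comment stating that returns are intentionally excluded would stop the next reader from treating this as an oversight. Whether `currentInstructionIsBlockData()` maps exactly onto the old `insn_string` bucket is not visible here, so the `kHugeBump` branch should get a one-line comment naming what it now matches. Separately, the libdis include at new line 47 is commented out rather than deleted; since no `libdis::` names remain in this hunk, remove the line instead of leaving dead text. The enclosing function starts before this hunk, so the earlier setup of `disassembler` and `exploitability_weight` was not reviewed.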