| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2017 Google Inc. All Rights Reserved. |
| 2 // |
| 3 // Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 // you may not use this file except in compliance with the License. |
| 5 // You may obtain a copy of the License at |
| 6 // |
| 7 // http://www.apache.org/licenses/LICENSE-2.0 |
| 8 // |
| 9 // Unless required by applicable law or agreed to in writing, software |
| 10 // distributed under the License is distributed on an "AS IS" BASIS, |
| 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 // See the License for the specific language governing permissions and |
| 13 // limitations under the License. |
| 14 // |
| 15 |
| 16 #include "syzygy/instrument/transforms/security_cookie_check_hook_transform.h" |
| 17 |
| 18 #include "gtest/gtest.h" |
| 19 #include "syzygy/block_graph/basic_block.h" |
| 20 #include "syzygy/block_graph/basic_block_decomposer.h" |
| 21 #include "syzygy/block_graph/basic_block_subgraph.h" |
| 22 #include "syzygy/block_graph/block_graph.h" |
| 23 #include "syzygy/core/unittest_util.h" |
| 24 #include "syzygy/instrument/transforms/unittest_util.h" |
| 25 #include "syzygy/pe/unittest_util.h" |
| 26 |
| 27 #include "mnemonics.h" // NOLINT |
| 28 |
| 29 namespace instrument { |
| 30 namespace transforms { |
| 31 namespace { |
| 32 |
| 33 using block_graph::BasicBlock; |
| 34 using block_graph::BasicBlockDecomposer; |
| 35 using block_graph::BasicBlockSubGraph; |
| 36 using block_graph::BasicCodeBlock; |
| 37 using block_graph::BlockGraph; |
| 38 using block_graph::Instruction; |
| 39 |
| 40 class SecurityCookieCheckHookTransformTest |
| 41 : public testing::TestDllTransformTest { |
| 42 protected: |
| 43 void CheckBasicBlockInstrumentation(); |
| 44 |
| 45 SecurityCookieCheckHookTransform security_cookie_check_hook_; |
| 46 }; |
| 47 |
| 48 void SecurityCookieCheckHookTransformTest::CheckBasicBlockInstrumentation() { |
| 49 bool hit = false; |
| 50 |
| 51 BlockGraph::BlockMap::const_iterator block_iter = |
| 52 block_graph_.blocks().begin(); |
| 53 for (; block_iter != block_graph_.blocks().end(); ++block_iter) { |
| 54 const BlockGraph::Block& block = block_iter->second; |
| 55 |
| 56 // Skip everything but __syzygy_report_gsfailure. |
| 57 if (block.name() != |
| 58 SecurityCookieCheckHookTransform::kSyzygyReportGsFailure) |
| 59 continue; |
| 60 |
| 61 hit = true; |
| 62 |
| 63 // Decompose the block to basic-blocks. |
| 64 BasicBlockSubGraph subgraph; |
| 65 BasicBlockDecomposer bb_decomposer(&block, &subgraph); |
| 66 ASSERT_TRUE(bb_decomposer.Decompose()); |
| 67 |
| 68 // Retrieve the first basic block. |
| 69 ASSERT_EQ(1, subgraph.block_descriptions().size()); |
| 70 const BasicBlockSubGraph::BasicBlockOrdering& original_order = |
| 71 subgraph.block_descriptions().front().basic_block_order; |
| 72 BasicCodeBlock* first_bb = BasicCodeBlock::Cast(*original_order.begin()); |
| 73 ASSERT_NE(first_bb, nullptr); |
| 74 |
| 75 // Check if the stub is a 'mov [deadbeef], eax' instruction. |
| 76 BasicBlockSubGraph::BBCollection::const_iterator bb_iter = |
| 77 subgraph.basic_blocks().begin(); |
| 78 for (; bb_iter != subgraph.basic_blocks().end(); ++bb_iter) { |
| 79 const BasicCodeBlock* bb = BasicCodeBlock::Cast(*bb_iter); |
| 80 if (bb == nullptr || bb->is_padding()) |
| 81 continue; |
| 82 |
| 83 BasicBlock::Instructions::const_iterator inst_iter = |
| 84 bb->instructions().begin(), |
| 85 end_iter = |
| 86 bb->instructions().end(); |
| 87 ASSERT_NE(inst_iter, end_iter); |
| 88 // mov [deadbeef], eax |
| 89 const Instruction& inst = *inst_iter; |
| 90 const _DInst& representation = inst.representation(); |
| 91 EXPECT_EQ(I_MOV, representation.opcode); |
| 92 EXPECT_EQ(representation.ops[0].type, O_DISP); |
| 93 EXPECT_EQ(representation.disp, |
| 94 SecurityCookieCheckHookTransform::kInvalidUserAddress); |
| 95 } |
| 96 } |
| 97 |
| 98 EXPECT_TRUE(hit); |
| 99 } |
| 100 |
| 101 } // namespace |
| 102 |
| 103 TEST_F(SecurityCookieCheckHookTransformTest, ApplyTranform) { |
| 104 ASSERT_NO_FATAL_FAILURE(DecomposeTestDll()); |
| 105 |
| 106 ASSERT_TRUE(block_graph::ApplyBlockGraphTransform( |
| 107 &security_cookie_check_hook_, policy_, &block_graph_, header_block_)); |
| 108 |
| 109 ASSERT_NO_FATAL_FAILURE(CheckBasicBlockInstrumentation()); |
| 110 } |
| 111 |
| 112 } // namespace transforms |
| 113 } // namespace instrument |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2871863002:
adds the security cookie check hook transform. (Closed)
