From e2eb4505d0ea073d031b4a886a35cb3ce0caf197 Mon Sep 17 00:00:00 2001 From: "Liu.andrew.x@gmail.com" Date: Tue, 30 Jun 2015 23:22:09 +0000 Subject: Use general instruction/stack pointer convenience method instead of manually finding the instruction/stack pointer for exploitability rating. There was already a method that found the instruction pointer, so the files for exploitability ratings had repeated code. Also a method for finding the stack pointer is implemented in this CL. R=ivanpe@chromium.org Review URL: https://codereview.chromium.org/1210943005 git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1468 4c0a9323-5329-0410-9bdc-e9ce6186880e --- src/google_breakpad/common/minidump_cpu_ppc.h | 5 +++ src/google_breakpad/common/minidump_cpu_ppc64.h | 5 +++ src/google_breakpad/common/minidump_cpu_sparc.h | 5 +++ src/google_breakpad/processor/dump_context.h | 4 +++ src/processor/dump_context.cc | 43 +++++++++++++++++++++++++ src/processor/exploitability_linux.cc | 25 +++----------- src/processor/exploitability_win.cc | 20 +++++------- 7 files changed, 74 insertions(+), 33 deletions(-) diff --git a/src/google_breakpad/common/minidump_cpu_ppc.h b/src/google_breakpad/common/minidump_cpu_ppc.h index 02ac3220..b24cc424 100644 --- a/src/google_breakpad/common/minidump_cpu_ppc.h +++ b/src/google_breakpad/common/minidump_cpu_ppc.h @@ -140,6 +140,11 @@ typedef struct { MDVectorSaveAreaPPC vector_save; } MDRawContextPPC; /* Based on ppc_thread_state */ +/* Indices into gpr for registers with a dedicated or conventional purpose. */ +enum MDPPCRegisterNumbers { + MD_CONTEXT_PPC_REG_SP = 1 +}; + #if defined(__SUNPRO_C) || defined(__SUNPRO_CC) #pragma pack(0) #else diff --git a/src/google_breakpad/common/minidump_cpu_ppc64.h b/src/google_breakpad/common/minidump_cpu_ppc64.h index 3a883230..61f41938 100644 --- a/src/google_breakpad/common/minidump_cpu_ppc64.h +++ b/src/google_breakpad/common/minidump_cpu_ppc64.h @@ -112,6 +112,11 @@ typedef struct { MDVectorSaveAreaPPC vector_save; } MDRawContextPPC64; /* Based on ppc_thread_state */ +/* Indices into gpr for registers with a dedicated or conventional purpose. */ +enum MDPPC64RegisterNumbers { + MD_CONTEXT_PPC64_REG_SP = 1 +}; + /* For (MDRawContextPPC).context_flags. These values indicate the type of * context stored in the structure. MD_CONTEXT_PPC is Breakpad-defined. Its * value was chosen to avoid likely conflicts with MD_CONTEXT_* for other diff --git a/src/google_breakpad/common/minidump_cpu_sparc.h b/src/google_breakpad/common/minidump_cpu_sparc.h index ddc4c759..95c08b17 100644 --- a/src/google_breakpad/common/minidump_cpu_sparc.h +++ b/src/google_breakpad/common/minidump_cpu_sparc.h @@ -138,6 +138,11 @@ typedef struct { } MDRawContextSPARC; /* CONTEXT_SPARC */ +/* Indices into g_r for registers with a dedicated or conventional purpose. */ +enum MDSPARCRegisterNumbers { + MD_CONTEXT_SPARC_REG_SP = 14 +}; + /* For (MDRawContextSPARC).context_flags. These values indicate the type of * context stored in the structure. MD_CONTEXT_SPARC is Breakpad-defined. Its * value was chosen to avoid likely conflicts with MD_CONTEXT_* for other diff --git a/src/google_breakpad/processor/dump_context.h b/src/google_breakpad/processor/dump_context.h index f6238ffa..df80bf7e 100644 --- a/src/google_breakpad/processor/dump_context.h +++ b/src/google_breakpad/processor/dump_context.h @@ -67,6 +67,10 @@ class DumpContext : public DumpObject { // MDRawContext, since it varies per-CPU architecture. bool GetInstructionPointer(uint64_t* ip) const; + // Similar to the GetInstructionPointer method, this method gets the stack + // pointer for all CPU architectures. + bool GetStackPointer(uint64_t* sp) const; + // Print a human-readable representation of the object to stdout. void Print(); diff --git a/src/processor/dump_context.cc b/src/processor/dump_context.cc index cadf93f7..612556a2 100644 --- a/src/processor/dump_context.cc +++ b/src/processor/dump_context.cc @@ -185,6 +185,49 @@ bool DumpContext::GetInstructionPointer(uint64_t* ip) const { return true; } +bool DumpContext::GetStackPointer(uint64_t* sp) const { + BPLOG_IF(ERROR, !sp) << "DumpContext::GetStackPointer requires |sp|"; + assert(sp); + *sp = 0; + + if (!valid_) { + BPLOG(ERROR) << "Invalid DumpContext for GetStackPointer"; + return false; + } + + switch (GetContextCPU()) { + case MD_CONTEXT_AMD64: + *sp = GetContextAMD64()->rsp; + break; + case MD_CONTEXT_ARM: + *sp = GetContextARM()->iregs[MD_CONTEXT_ARM_REG_SP]; + break; + case MD_CONTEXT_ARM64: + *sp = GetContextARM64()->iregs[MD_CONTEXT_ARM64_REG_SP]; + break; + case MD_CONTEXT_PPC: + *sp = GetContextPPC()->gpr[MD_CONTEXT_PPC_REG_SP]; + break; + case MD_CONTEXT_PPC64: + *sp = GetContextPPC64()->gpr[MD_CONTEXT_PPC64_REG_SP]; + break; + case MD_CONTEXT_SPARC: + *sp = GetContextSPARC()->g_r[MD_CONTEXT_SPARC_REG_SP]; + break; + case MD_CONTEXT_X86: + *sp = GetContextX86()->esp; + break; + case MD_CONTEXT_MIPS: + *sp = GetContextMIPS()->iregs[MD_CONTEXT_MIPS_REG_SP]; + break; + default: + // This should never happen. + BPLOG(ERROR) << "Unknown CPU architecture in GetStackPointer"; + return false; + } + return true; +} + void DumpContext::SetContextFlags(uint32_t context_flags) { context_flags_ = context_flags; } diff --git a/src/processor/exploitability_linux.cc b/src/processor/exploitability_linux.cc index 875df165..b5dc0e87 100644 --- a/src/processor/exploitability_linux.cc +++ b/src/processor/exploitability_linux.cc @@ -37,8 +37,8 @@ #include "processor/exploitability_linux.h" #include "google_breakpad/common/minidump_exception_linux.h" -#include "google_breakpad/processor/process_state.h" #include "google_breakpad/processor/call_stack.h" +#include "google_breakpad/processor/process_state.h" #include "google_breakpad/processor/stack_frame.h" #include "processor/logging.h" @@ -98,26 +98,9 @@ ExploitabilityRating ExploitabilityLinux::CheckPlatformExploitability() { return EXPLOITABILITY_ERR_PROCESSING; } - // Getting instruction pointer based off architecture. - uint32_t architecture = context->GetContextCPU(); - switch (architecture) { - case MD_CONTEXT_X86: - instruction_ptr = context->GetContextX86()->eip; - break; - case MD_CONTEXT_AMD64: - instruction_ptr = context->GetContextAMD64()->rip; - break; - case MD_CONTEXT_ARM: - instruction_ptr = - context->GetContextARM()->iregs[MD_CONTEXT_ARM_REG_PC]; - break; - case MD_CONTEXT_ARM64: - instruction_ptr = - context->GetContextARM64()->iregs[MD_CONTEXT_ARM64_REG_PC]; - break; - default: - BPLOG(INFO) << "Unsupported architecture."; - return EXPLOITABILITY_ERR_PROCESSING; + // Getting the instruction pointer. + if (!context->GetInstructionPointer(&instruction_ptr)) { + return EXPLOITABILITY_ERR_PROCESSING; } // Checking for the instruction pointer in a valid instruction region. diff --git a/src/processor/exploitability_win.cc b/src/processor/exploitability_win.cc index 8a444eb2..a1f8703a 100644 --- a/src/processor/exploitability_win.cc +++ b/src/processor/exploitability_win.cc @@ -106,18 +106,14 @@ ExploitabilityRating ExploitabilityWin::CheckPlatformExploitability() { uint64_t stack_ptr = 0; uint64_t instruction_ptr = 0; - switch (context->GetContextCPU()) { - case MD_CONTEXT_X86: - stack_ptr = context->GetContextX86()->esp; - instruction_ptr = context->GetContextX86()->eip; - break; - case MD_CONTEXT_AMD64: - stack_ptr = context->GetContextAMD64()->rsp; - instruction_ptr = context->GetContextAMD64()->rip; - break; - default: - BPLOG(INFO) << "Unsupported architecture."; - return EXPLOITABILITY_ERR_PROCESSING; + // Getting the instruction pointer. + if (!context->GetInstructionPointer(&instruction_ptr)) { + return EXPLOITABILITY_ERR_PROCESSING; + } + + // Getting the stack pointer. + if (!context->GetStackPointer(&stack_ptr)) { + return EXPLOITABILITY_ERR_PROCESSING; } // Check if we are executing on the stack. -- cgit v1.2.1