toolkit/crashreporter/google-breakpad/src/processor/disassembler_x86.h@6474c204b198 (annotated)
toolkit/crashreporter/google-breakpad/src/processor/disassembler_x86.h
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | // All rights reserved. |
| michael@0 | 2 | // |
| michael@0 | 3 | // Redistribution and use in source and binary forms, with or without |
| michael@0 | 4 | // modification, are permitted provided that the following conditions are |
| michael@0 | 5 | // met: |
| michael@0 | 6 | // |
| michael@0 | 7 | // * Redistributions of source code must retain the above copyright |
| michael@0 | 8 | // notice, this list of conditions and the following disclaimer. |
| michael@0 | 9 | // * Redistributions in binary form must reproduce the above |
| michael@0 | 10 | // copyright notice, this list of conditions and the following disclaimer |
| michael@0 | 11 | // in the documentation and/or other materials provided with the |
| michael@0 | 12 | // distribution. |
| michael@0 | 13 | // * Neither the name of Google Inc. nor the names of its |
| michael@0 | 14 | // contributors may be used to endorse or promote products derived from |
| michael@0 | 15 | // this software without specific prior written permission. |
| michael@0 | 16 | // |
| michael@0 | 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| michael@0 | 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| michael@0 | 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| michael@0 | 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| michael@0 | 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| michael@0 | 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| michael@0 | 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| michael@0 | 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| michael@0 | 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| michael@0 | 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| michael@0 | 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| michael@0 | 28 | |
| michael@0 | 29 | // disassembler_x86.h: Basic x86 bytecode disassembler |
| michael@0 | 30 | // |
| michael@0 | 31 | // Provides a simple disassembler which wraps libdisasm. This allows simple |
| michael@0 | 32 | // tests to be run against bytecode to test for various properties. |
| michael@0 | 33 | // |
| michael@0 | 34 | // Author: Cris Neckar |
| michael@0 | 35 | |
| michael@0 | 36 | #ifndef GOOGLE_BREAKPAD_PROCESSOR_DISASSEMBLER_X86_H_ |
| michael@0 | 37 | #define GOOGLE_BREAKPAD_PROCESSOR_DISASSEMBLER_X86_H_ |
| michael@0 | 38 | |
| michael@0 | 39 | #include <stddef.h> |
| michael@0 | 40 | #include <sys/types.h> |
| michael@0 | 41 | |
| michael@0 | 42 | #include "google_breakpad/common/breakpad_types.h" |
| michael@0 | 43 | |
| michael@0 | 44 | namespace libdis { |
| michael@0 | 45 | #include "third_party/libdisasm/libdis.h" |
| michael@0 | 46 | } |
| michael@0 | 47 | |
| michael@0 | 48 | namespace google_breakpad { |
| michael@0 | 49 | |
| michael@0 | 50 | enum { |
| michael@0 | 51 | DISX86_NONE = 0x0, |
| michael@0 | 52 | DISX86_BAD_BRANCH_TARGET = 0x1, |
| michael@0 | 53 | DISX86_BAD_ARGUMENT_PASSED = 0x2, |
| michael@0 | 54 | DISX86_BAD_WRITE = 0x4, |
| michael@0 | 55 | DISX86_BAD_BLOCK_WRITE = 0x8, |
| michael@0 | 56 | DISX86_BAD_READ = 0x10, |
| michael@0 | 57 | DISX86_BAD_BLOCK_READ = 0x20, |
| michael@0 | 58 | DISX86_BAD_COMPARISON = 0x40 |
| michael@0 | 59 | }; |
| michael@0 | 60 | |
| michael@0 | 61 | class DisassemblerX86 { |
| michael@0 | 62 | public: |
| michael@0 | 63 | // TODO(cdn): Modify this class to take a MemoryRegion instead of just |
| michael@0 | 64 | // a raw buffer. This will make it easier to use this on arbitrary |
| michael@0 | 65 | // minidumps without first copying out the code segment. |
| michael@0 | 66 | DisassemblerX86(const uint8_t *bytecode, uint32_t, uint32_t); |
| michael@0 | 67 | ~DisassemblerX86(); |
| michael@0 | 68 | |
| michael@0 | 69 | // This walks to the next instruction in the memory region and |
| michael@0 | 70 | // sets flags based on the type of instruction and previous state |
| michael@0 | 71 | // including any registers marked as bad through setBadRead() |
| michael@0 | 72 | // or setBadWrite(). This method can be called in a loop to |
| michael@0 | 73 | // disassemble until the end of a region. |
| michael@0 | 74 | uint32_t NextInstruction(); |
| michael@0 | 75 | |
| michael@0 | 76 | // Indicates whether the current disassembled instruction was valid. |
| michael@0 | 77 | bool currentInstructionValid() { return instr_valid_; } |
| michael@0 | 78 | |
| michael@0 | 79 | // Returns the current instruction as defined in libdis.h, |
| michael@0 | 80 | // or NULL if the current instruction is not valid. |
| michael@0 | 81 | const libdis::x86_insn_t* currentInstruction() { |
| michael@0 | 82 | return instr_valid_ ? ¤t_instr_ : NULL; |
| michael@0 | 83 | } |
| michael@0 | 84 | |
| michael@0 | 85 | // Returns the type of the current instruction as defined in libdis.h. |
| michael@0 | 86 | libdis::x86_insn_group currentInstructionGroup() { |
| michael@0 | 87 | return current_instr_.group; |
| michael@0 | 88 | } |
| michael@0 | 89 | |
| michael@0 | 90 | // Indicates whether a return instruction has been encountered. |
| michael@0 | 91 | bool endOfBlock() { return end_of_block_; } |
| michael@0 | 92 | |
| michael@0 | 93 | // The flags set so far for the disassembly. |
| michael@0 | 94 | uint16_t flags() { return flags_; } |
| michael@0 | 95 | |
| michael@0 | 96 | // This sets an indicator that the register used to determine |
| michael@0 | 97 | // src or dest for the current instruction is tainted. These can |
| michael@0 | 98 | // be used after examining the current instruction to indicate, |
| michael@0 | 99 | // for example that a bad read or write occurred and the pointer |
| michael@0 | 100 | // stored in the register is currently invalid. |
| michael@0 | 101 | bool setBadRead(); |
| michael@0 | 102 | bool setBadWrite(); |
| michael@0 | 103 | |
| michael@0 | 104 | protected: |
| michael@0 | 105 | const uint8_t *bytecode_; |
| michael@0 | 106 | uint32_t size_; |
| michael@0 | 107 | uint32_t virtual_address_; |
| michael@0 | 108 | uint32_t current_byte_offset_; |
| michael@0 | 109 | uint32_t current_inst_offset_; |
| michael@0 | 110 | |
| michael@0 | 111 | bool instr_valid_; |
| michael@0 | 112 | libdis::x86_insn_t current_instr_; |
| michael@0 | 113 | |
| michael@0 | 114 | // TODO(cdn): Maybe also track an expression's index register. |
| michael@0 | 115 | // ex: mov eax, [ebx + ecx]; ebx is base, ecx is index. |
| michael@0 | 116 | bool register_valid_; |
| michael@0 | 117 | libdis::x86_reg_t bad_register_; |
| michael@0 | 118 | |
| michael@0 | 119 | bool pushed_bad_value_; |
| michael@0 | 120 | bool end_of_block_; |
| michael@0 | 121 | |
| michael@0 | 122 | uint16_t flags_; |
| michael@0 | 123 | }; |
| michael@0 | 124 | |
| michael@0 | 125 | } // namespace google_breakpad |
| michael@0 | 126 | |
| michael@0 | 127 | #endif // GOOGLE_BREAKPAD_PROCESSOR_DISASSEMBLER_X86_H_ |
