The Tor Browser / annotate

toolkit/crashreporter/google-breakpad/src/processor/disassembler_x86_unittest.cc@6474c204b198 (annotated)

toolkit/crashreporter/google-breakpad/src/processor/disassembler_x86_unittest.cc

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 // All rights reserved.
michael@0 2 //
michael@0 3 // Redistribution and use in source and binary forms, with or without
michael@0 4 // modification, are permitted provided that the following conditions are
michael@0 5 // met:
michael@0 6 //
michael@0 7 // * Redistributions of source code must retain the above copyright
michael@0 8 // notice, this list of conditions and the following disclaimer.
michael@0 9 // * Redistributions in binary form must reproduce the above
michael@0 10 // copyright notice, this list of conditions and the following disclaimer
michael@0 11 // in the documentation and/or other materials provided with the
michael@0 12 // distribution.
michael@0 13 // * Neither the name of Google Inc. nor the names of its
michael@0 14 // contributors may be used to endorse or promote products derived from
michael@0 15 // this software without specific prior written permission.
michael@0 16 //
michael@0 17 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
michael@0 18 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
michael@0 19 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
michael@0 20 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
michael@0 21 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
michael@0 22 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
michael@0 23 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
michael@0 24 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
michael@0 25 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
michael@0 26 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
michael@0 27 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE//
michael@0 28 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
michael@0 29 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
michael@0 30 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
michael@0 31 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
michael@0 32 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
michael@0 33 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
michael@0 34 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
michael@0 35 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
michael@0 36 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
michael@0 37 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
michael@0 38 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
michael@0 39
michael@0 40 #include <unistd.h>
michael@0 41
michael@0 42 #include "breakpad_googletest_includes.h"
michael@0 43 #include "processor/disassembler_x86.h"
michael@0 44 #include "third_party/libdisasm/libdis.h"
michael@0 45
michael@0 46 namespace {
michael@0 47
michael@0 48 using google_breakpad::DisassemblerX86;
michael@0 49
michael@0 50 unsigned char just_return[] = "\xc3"; // retn
michael@0 51
michael@0 52 unsigned char invalid_instruction[] = "\x00"; // invalid
michael@0 53
michael@0 54 unsigned char read_eax_jmp_eax[] =
michael@0 55 "\x8b\x18" // mov ebx, [eax];
michael@0 56 "\x33\xc9" // xor ebx, ebx;
michael@0 57 "\xff\x20" // jmp eax;
michael@0 58 "\xc3"; // retn;
michael@0 59
michael@0 60 unsigned char write_eax_arg_to_call[] =
michael@0 61 "\x89\xa8\x00\x02\x00\x00" // mov [eax+200], ebp;
michael@0 62 "\xc1\xeb\x02" // shr ebx, 2;
michael@0 63 "\x50" // push eax;
michael@0 64 "\xe8\xd1\x24\x77\x88" // call something;
michael@0 65 "\xc3"; // retn;
michael@0 66
michael@0 67 unsigned char read_edi_stosb[] =
michael@0 68 "\x8b\x07" // mov eax, [edi];
michael@0 69 "\x8b\xc8" // mov ecx, eax;
michael@0 70 "\xf3\xaa" // rep stosb;
michael@0 71 "\xc3"; // retn;
michael@0 72
michael@0 73 unsigned char read_clobber_write[] =
michael@0 74 "\x03\x18" // add ebx, [eax];
michael@0 75 "\x8b\xc1" // mov eax, ecx;
michael@0 76 "\x89\x10" // mov [eax], edx;
michael@0 77 "\xc3"; // retn;
michael@0 78
michael@0 79 unsigned char read_xchg_write[] =
michael@0 80 "\x03\x18" // add ebx, [eax];
michael@0 81 "\x91" // xchg eax, ecx;
michael@0 82 "\x89\x18" // mov [eax], ebx;
michael@0 83 "\x89\x11" // mov [ecx], edx;
michael@0 84 "\xc3"; // retn;
michael@0 85
michael@0 86 unsigned char read_cmp[] =
michael@0 87 "\x03\x18" // add ebx, [eax];
michael@0 88 "\x83\xf8\x00" // cmp eax, 0;
michael@0 89 "\x74\x04" // je +4;
michael@0 90 "\xc3"; // retn;
michael@0 91
michael@0 92 TEST(DisassemblerX86Test, SimpleReturnInstruction) {
michael@0 93 DisassemblerX86 dis(just_return, sizeof(just_return)-1, 0);
michael@0 94 EXPECT_EQ(1U, dis.NextInstruction());
michael@0 95 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 96 EXPECT_EQ(0U, dis.flags());
michael@0 97 EXPECT_TRUE(dis.endOfBlock());
michael@0 98 EXPECT_EQ(libdis::insn_controlflow, dis.currentInstructionGroup());
michael@0 99 const libdis::x86_insn_t* instruction = dis.currentInstruction();
michael@0 100 EXPECT_EQ(libdis::insn_controlflow, instruction->group);
michael@0 101 EXPECT_EQ(libdis::insn_return, instruction->type);
michael@0 102 EXPECT_EQ(0U, dis.NextInstruction());
michael@0 103 EXPECT_FALSE(dis.currentInstructionValid());
michael@0 104 EXPECT_EQ(NULL, dis.currentInstruction());
michael@0 105 }
michael@0 106
michael@0 107 TEST(DisassemblerX86Test, SimpleInvalidInstruction) {
michael@0 108 DisassemblerX86 dis(invalid_instruction, sizeof(invalid_instruction)-1, 0);
michael@0 109 EXPECT_EQ(0U, dis.NextInstruction());
michael@0 110 EXPECT_FALSE(dis.currentInstructionValid());
michael@0 111 }
michael@0 112
michael@0 113 TEST(DisassemblerX86Test, BadReadLeadsToBranch) {
michael@0 114 DisassemblerX86 dis(read_eax_jmp_eax, sizeof(read_eax_jmp_eax)-1, 0);
michael@0 115 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 116 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 117 EXPECT_EQ(0U, dis.flags());
michael@0 118 EXPECT_FALSE(dis.endOfBlock());
michael@0 119 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 120 EXPECT_TRUE(dis.setBadRead());
michael@0 121 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 122 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 123 EXPECT_EQ(0U, dis.flags());
michael@0 124 EXPECT_FALSE(dis.endOfBlock());
michael@0 125 EXPECT_EQ(libdis::insn_logic, dis.currentInstructionGroup());
michael@0 126 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 127 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 128 EXPECT_EQ(google_breakpad::DISX86_BAD_BRANCH_TARGET, dis.flags());
michael@0 129 EXPECT_FALSE(dis.endOfBlock());
michael@0 130 EXPECT_EQ(libdis::insn_controlflow, dis.currentInstructionGroup());
michael@0 131 }
michael@0 132
michael@0 133 TEST(DisassemblerX86Test, BadWriteLeadsToPushedArg) {
michael@0 134 DisassemblerX86 dis(write_eax_arg_to_call,
michael@0 135 sizeof(write_eax_arg_to_call)-1, 0);
michael@0 136 EXPECT_EQ(6U, dis.NextInstruction());
michael@0 137 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 138 EXPECT_EQ(0U, dis.flags());
michael@0 139 EXPECT_FALSE(dis.endOfBlock());
michael@0 140 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 141 EXPECT_TRUE(dis.setBadWrite());
michael@0 142 EXPECT_EQ(3U, dis.NextInstruction());
michael@0 143 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 144 EXPECT_EQ(0U, dis.flags());
michael@0 145 EXPECT_FALSE(dis.endOfBlock());
michael@0 146 EXPECT_EQ(libdis::insn_arithmetic, dis.currentInstructionGroup());
michael@0 147 EXPECT_EQ(1U, dis.NextInstruction());
michael@0 148 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 149 EXPECT_EQ(0U, dis.flags());
michael@0 150 EXPECT_FALSE(dis.endOfBlock());
michael@0 151 EXPECT_EQ(5U, dis.NextInstruction());
michael@0 152 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 153 EXPECT_EQ(google_breakpad::DISX86_BAD_ARGUMENT_PASSED, dis.flags());
michael@0 154 EXPECT_EQ(libdis::insn_controlflow, dis.currentInstructionGroup());
michael@0 155 EXPECT_FALSE(dis.endOfBlock());
michael@0 156 }
michael@0 157
michael@0 158
michael@0 159 TEST(DisassemblerX86Test, BadReadLeadsToBlockWrite) {
michael@0 160 DisassemblerX86 dis(read_edi_stosb, sizeof(read_edi_stosb)-1, 0);
michael@0 161 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 162 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 163 EXPECT_EQ(0U, dis.flags());
michael@0 164 EXPECT_FALSE(dis.endOfBlock());
michael@0 165 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 166 EXPECT_TRUE(dis.setBadRead());
michael@0 167 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 168 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 169 EXPECT_EQ(0U, dis.flags());
michael@0 170 EXPECT_FALSE(dis.endOfBlock());
michael@0 171 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 172 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 173 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 174 EXPECT_EQ(google_breakpad::DISX86_BAD_BLOCK_WRITE, dis.flags());
michael@0 175 EXPECT_FALSE(dis.endOfBlock());
michael@0 176 EXPECT_EQ(libdis::insn_string, dis.currentInstructionGroup());
michael@0 177 }
michael@0 178
michael@0 179 TEST(DisassemblerX86Test, BadReadClobberThenWrite) {
michael@0 180 DisassemblerX86 dis(read_clobber_write, sizeof(read_clobber_write)-1, 0);
michael@0 181 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 182 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 183 EXPECT_EQ(0U, dis.flags());
michael@0 184 EXPECT_FALSE(dis.endOfBlock());
michael@0 185 EXPECT_EQ(libdis::insn_arithmetic, dis.currentInstructionGroup());
michael@0 186 EXPECT_TRUE(dis.setBadRead());
michael@0 187 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 188 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 189 EXPECT_EQ(0U, dis.flags());
michael@0 190 EXPECT_FALSE(dis.endOfBlock());
michael@0 191 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 192 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 193 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 194 EXPECT_EQ(0U, dis.flags());
michael@0 195 EXPECT_FALSE(dis.endOfBlock());
michael@0 196 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 197 }
michael@0 198
michael@0 199 TEST(DisassemblerX86Test, BadReadXCHGThenWrite) {
michael@0 200 DisassemblerX86 dis(read_xchg_write, sizeof(read_xchg_write)-1, 0);
michael@0 201 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 202 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 203 EXPECT_EQ(0U, dis.flags());
michael@0 204 EXPECT_FALSE(dis.endOfBlock());
michael@0 205 EXPECT_EQ(libdis::insn_arithmetic, dis.currentInstructionGroup());
michael@0 206 EXPECT_TRUE(dis.setBadRead());
michael@0 207 EXPECT_EQ(1U, dis.NextInstruction());
michael@0 208 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 209 EXPECT_EQ(0U, dis.flags());
michael@0 210 EXPECT_FALSE(dis.endOfBlock());
michael@0 211 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 212 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 213 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 214 EXPECT_EQ(0U, dis.flags());
michael@0 215 EXPECT_FALSE(dis.endOfBlock());
michael@0 216 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 217 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 218 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 219 EXPECT_EQ(google_breakpad::DISX86_BAD_WRITE, dis.flags());
michael@0 220 EXPECT_FALSE(dis.endOfBlock());
michael@0 221 EXPECT_EQ(libdis::insn_move, dis.currentInstructionGroup());
michael@0 222 }
michael@0 223
michael@0 224 TEST(DisassemblerX86Test, BadReadThenCMP) {
michael@0 225 DisassemblerX86 dis(read_cmp, sizeof(read_cmp)-1, 0);
michael@0 226 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 227 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 228 EXPECT_EQ(0U, dis.flags());
michael@0 229 EXPECT_FALSE(dis.endOfBlock());
michael@0 230 EXPECT_EQ(libdis::insn_arithmetic, dis.currentInstructionGroup());
michael@0 231 EXPECT_TRUE(dis.setBadRead());
michael@0 232 EXPECT_EQ(3U, dis.NextInstruction());
michael@0 233 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 234 EXPECT_EQ(google_breakpad::DISX86_BAD_COMPARISON, dis.flags());
michael@0 235 EXPECT_FALSE(dis.endOfBlock());
michael@0 236 EXPECT_EQ(libdis::insn_comparison, dis.currentInstructionGroup());
michael@0 237 EXPECT_EQ(2U, dis.NextInstruction());
michael@0 238 EXPECT_TRUE(dis.currentInstructionValid());
michael@0 239 EXPECT_EQ(google_breakpad::DISX86_BAD_COMPARISON, dis.flags());
michael@0 240 EXPECT_FALSE(dis.endOfBlock());
michael@0 241 EXPECT_EQ(libdis::insn_controlflow, dis.currentInstructionGroup());
michael@0 242 }
michael@0 243 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial