toolkit/crashreporter/google-breakpad/src/processor/exploitability_unittest.cc@6474c204b198 (annotated)
toolkit/crashreporter/google-breakpad/src/processor/exploitability_unittest.cc
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | // All rights reserved. |
| michael@0 | 2 | // |
| michael@0 | 3 | // Redistribution and use in source and binary forms, with or without |
| michael@0 | 4 | // modification, are permitted provided that the following conditions are |
| michael@0 | 5 | // met: |
| michael@0 | 6 | // |
| michael@0 | 7 | // * Redistributions of source code must retain the above copyright |
| michael@0 | 8 | // notice, this list of conditions and the following disclaimer. |
| michael@0 | 9 | // * Redistributions in binary form must reproduce the above |
| michael@0 | 10 | // copyright notice, this list of conditions and the following disclaimer |
| michael@0 | 11 | // in the documentation and/or other materials provided with the |
| michael@0 | 12 | // distribution. |
| michael@0 | 13 | // * Neither the name of Google Inc. nor the names of its |
| michael@0 | 14 | // contributors may be used to endorse or promote products derived from |
| michael@0 | 15 | // this software without specific prior written permission. |
| michael@0 | 16 | // |
| michael@0 | 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| michael@0 | 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| michael@0 | 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| michael@0 | 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| michael@0 | 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| michael@0 | 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| michael@0 | 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| michael@0 | 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| michael@0 | 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| michael@0 | 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| michael@0 | 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE// |
| michael@0 | 28 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| michael@0 | 29 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| michael@0 | 30 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| michael@0 | 31 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| michael@0 | 32 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| michael@0 | 33 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| michael@0 | 34 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| michael@0 | 35 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| michael@0 | 36 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| michael@0 | 37 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| michael@0 | 38 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| michael@0 | 39 | |
| michael@0 | 40 | #include <stdlib.h> |
| michael@0 | 41 | #include <unistd.h> |
| michael@0 | 42 | |
| michael@0 | 43 | #include <string> |
| michael@0 | 44 | |
| michael@0 | 45 | #include "breakpad_googletest_includes.h" |
| michael@0 | 46 | #include "common/using_std_string.h" |
| michael@0 | 47 | #include "google_breakpad/processor/basic_source_line_resolver.h" |
| michael@0 | 48 | #include "google_breakpad/processor/call_stack.h" |
| michael@0 | 49 | #include "google_breakpad/processor/code_module.h" |
| michael@0 | 50 | #include "google_breakpad/processor/code_modules.h" |
| michael@0 | 51 | #include "google_breakpad/processor/minidump.h" |
| michael@0 | 52 | #include "google_breakpad/processor/minidump_processor.h" |
| michael@0 | 53 | #include "google_breakpad/processor/process_state.h" |
| michael@0 | 54 | #include "google_breakpad/processor/stack_frame.h" |
| michael@0 | 55 | #include "google_breakpad/processor/symbol_supplier.h" |
| michael@0 | 56 | |
| michael@0 | 57 | namespace google_breakpad { |
| michael@0 | 58 | class MockMinidump : public Minidump { |
| michael@0 | 59 | public: |
| michael@0 | 60 | MockMinidump() : Minidump("") { |
| michael@0 | 61 | } |
| michael@0 | 62 | |
| michael@0 | 63 | MOCK_METHOD0(Read, bool()); |
| michael@0 | 64 | MOCK_CONST_METHOD0(path, string()); |
| michael@0 | 65 | MOCK_CONST_METHOD0(header, const MDRawHeader*()); |
| michael@0 | 66 | MOCK_METHOD0(GetThreadList, MinidumpThreadList*()); |
| michael@0 | 67 | }; |
| michael@0 | 68 | } |
| michael@0 | 69 | |
| michael@0 | 70 | namespace { |
| michael@0 | 71 | |
| michael@0 | 72 | using google_breakpad::BasicSourceLineResolver; |
| michael@0 | 73 | using google_breakpad::CallStack; |
| michael@0 | 74 | using google_breakpad::CodeModule; |
| michael@0 | 75 | using google_breakpad::MinidumpProcessor; |
| michael@0 | 76 | using google_breakpad::MinidumpThreadList; |
| michael@0 | 77 | using google_breakpad::MinidumpThread; |
| michael@0 | 78 | using google_breakpad::MockMinidump; |
| michael@0 | 79 | using google_breakpad::ProcessState; |
| michael@0 | 80 | using google_breakpad::SymbolSupplier; |
| michael@0 | 81 | using google_breakpad::SystemInfo; |
| michael@0 | 82 | |
| michael@0 | 83 | class TestSymbolSupplier : public SymbolSupplier { |
| michael@0 | 84 | public: |
| michael@0 | 85 | TestSymbolSupplier() : interrupt_(false) {} |
| michael@0 | 86 | |
| michael@0 | 87 | virtual SymbolResult GetSymbolFile(const CodeModule *module, |
| michael@0 | 88 | const SystemInfo *system_info, |
| michael@0 | 89 | string *symbol_file); |
| michael@0 | 90 | |
| michael@0 | 91 | virtual SymbolResult GetSymbolFile(const CodeModule *module, |
| michael@0 | 92 | const SystemInfo *system_info, |
| michael@0 | 93 | string *symbol_file, |
| michael@0 | 94 | string *symbol_data); |
| michael@0 | 95 | |
| michael@0 | 96 | virtual SymbolResult GetCStringSymbolData(const CodeModule *module, |
| michael@0 | 97 | const SystemInfo *system_info, |
| michael@0 | 98 | string *symbol_file, |
| michael@0 | 99 | char **symbol_data); |
| michael@0 | 100 | |
| michael@0 | 101 | virtual void FreeSymbolData(const CodeModule *module) { } |
| michael@0 | 102 | // When set to true, causes the SymbolSupplier to return INTERRUPT |
| michael@0 | 103 | void set_interrupt(bool interrupt) { interrupt_ = interrupt; } |
| michael@0 | 104 | |
| michael@0 | 105 | private: |
| michael@0 | 106 | bool interrupt_; |
| michael@0 | 107 | }; |
| michael@0 | 108 | |
| michael@0 | 109 | SymbolSupplier::SymbolResult TestSymbolSupplier::GetSymbolFile( |
| michael@0 | 110 | const CodeModule *module, |
| michael@0 | 111 | const SystemInfo *system_info, |
| michael@0 | 112 | string *symbol_file) { |
| michael@0 | 113 | |
| michael@0 | 114 | if (interrupt_) { |
| michael@0 | 115 | return INTERRUPT; |
| michael@0 | 116 | } |
| michael@0 | 117 | |
| michael@0 | 118 | return NOT_FOUND; |
| michael@0 | 119 | } |
| michael@0 | 120 | |
| michael@0 | 121 | SymbolSupplier::SymbolResult TestSymbolSupplier::GetCStringSymbolData( |
| michael@0 | 122 | const CodeModule *module, |
| michael@0 | 123 | const SystemInfo *system_info, |
| michael@0 | 124 | string *symbol_file, |
| michael@0 | 125 | char **symbol_data) { |
| michael@0 | 126 | return GetSymbolFile(module, system_info, symbol_file); |
| michael@0 | 127 | } |
| michael@0 | 128 | |
| michael@0 | 129 | SymbolSupplier::SymbolResult TestSymbolSupplier::GetSymbolFile( |
| michael@0 | 130 | const CodeModule *module, |
| michael@0 | 131 | const SystemInfo *system_info, |
| michael@0 | 132 | string *symbol_file, |
| michael@0 | 133 | string *symbol_data) { |
| michael@0 | 134 | return GetSymbolFile(module, system_info, symbol_file); |
| michael@0 | 135 | } |
| michael@0 | 136 | |
| michael@0 | 137 | TEST(ExploitabilityTest, TestWindowsEngine) { |
| michael@0 | 138 | TestSymbolSupplier supplier; |
| michael@0 | 139 | BasicSourceLineResolver resolver; |
| michael@0 | 140 | MinidumpProcessor processor(&supplier, &resolver, true); |
| michael@0 | 141 | ProcessState state; |
| michael@0 | 142 | |
| michael@0 | 143 | string minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 144 | "/src/processor/testdata/ascii_read_av.dmp"; |
| michael@0 | 145 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 146 | google_breakpad::PROCESS_OK); |
| michael@0 | 147 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 148 | state.exploitability()); |
| michael@0 | 149 | |
| michael@0 | 150 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 151 | "/src/processor/testdata/ascii_read_av_block_write.dmp"; |
| michael@0 | 152 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 153 | google_breakpad::PROCESS_OK); |
| michael@0 | 154 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 155 | state.exploitability()); |
| michael@0 | 156 | |
| michael@0 | 157 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 158 | "/src/processor/testdata/ascii_read_av_clobber_write.dmp"; |
| michael@0 | 159 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 160 | google_breakpad::PROCESS_OK); |
| michael@0 | 161 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 162 | state.exploitability()); |
| michael@0 | 163 | |
| michael@0 | 164 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 165 | "/src/processor/testdata/ascii_read_av_conditional.dmp"; |
| michael@0 | 166 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 167 | google_breakpad::PROCESS_OK); |
| michael@0 | 168 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 169 | state.exploitability()); |
| michael@0 | 170 | |
| michael@0 | 171 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 172 | "/src/processor/testdata/ascii_read_av_then_jmp.dmp"; |
| michael@0 | 173 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 174 | google_breakpad::PROCESS_OK); |
| michael@0 | 175 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 176 | state.exploitability()); |
| michael@0 | 177 | |
| michael@0 | 178 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 179 | "/src/processor/testdata/ascii_read_av_xchg_write.dmp"; |
| michael@0 | 180 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 181 | google_breakpad::PROCESS_OK); |
| michael@0 | 182 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 183 | state.exploitability()); |
| michael@0 | 184 | |
| michael@0 | 185 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 186 | "/src/processor/testdata/ascii_write_av.dmp"; |
| michael@0 | 187 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 188 | google_breakpad::PROCESS_OK); |
| michael@0 | 189 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 190 | state.exploitability()); |
| michael@0 | 191 | |
| michael@0 | 192 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 193 | "/src/processor/testdata/ascii_write_av_arg_to_call.dmp"; |
| michael@0 | 194 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 195 | google_breakpad::PROCESS_OK); |
| michael@0 | 196 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 197 | state.exploitability()); |
| michael@0 | 198 | |
| michael@0 | 199 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 200 | "/src/processor/testdata/null_read_av.dmp"; |
| michael@0 | 201 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 202 | google_breakpad::PROCESS_OK); |
| michael@0 | 203 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_NONE, |
| michael@0 | 204 | state.exploitability()); |
| michael@0 | 205 | |
| michael@0 | 206 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 207 | "/src/processor/testdata/null_write_av.dmp"; |
| michael@0 | 208 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 209 | google_breakpad::PROCESS_OK); |
| michael@0 | 210 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_NONE, |
| michael@0 | 211 | state.exploitability()); |
| michael@0 | 212 | |
| michael@0 | 213 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 214 | "/src/processor/testdata/stack_exhaustion.dmp"; |
| michael@0 | 215 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 216 | google_breakpad::PROCESS_OK); |
| michael@0 | 217 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_NONE, |
| michael@0 | 218 | state.exploitability()); |
| michael@0 | 219 | |
| michael@0 | 220 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 221 | "/src/processor/testdata/exec_av_on_stack.dmp"; |
| michael@0 | 222 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 223 | google_breakpad::PROCESS_OK); |
| michael@0 | 224 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_HIGH, |
| michael@0 | 225 | state.exploitability()); |
| michael@0 | 226 | |
| michael@0 | 227 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 228 | "/src/processor/testdata/write_av_non_null.dmp"; |
| michael@0 | 229 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 230 | google_breakpad::PROCESS_OK); |
| michael@0 | 231 | ASSERT_EQ(google_breakpad::EXPLOITABLITY_MEDIUM, |
| michael@0 | 232 | state.exploitability()); |
| michael@0 | 233 | |
| michael@0 | 234 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 235 | "/src/processor/testdata/read_av_non_null.dmp"; |
| michael@0 | 236 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 237 | google_breakpad::PROCESS_OK); |
| michael@0 | 238 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_LOW, |
| michael@0 | 239 | state.exploitability()); |
| michael@0 | 240 | |
| michael@0 | 241 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 242 | "/src/processor/testdata/read_av_clobber_write.dmp"; |
| michael@0 | 243 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 244 | google_breakpad::PROCESS_OK); |
| michael@0 | 245 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_LOW, |
| michael@0 | 246 | state.exploitability()); |
| michael@0 | 247 | |
| michael@0 | 248 | minidump_file = string(getenv("srcdir") ? getenv("srcdir") : ".") + |
| michael@0 | 249 | "/src/processor/testdata/read_av_conditional.dmp"; |
| michael@0 | 250 | ASSERT_EQ(processor.Process(minidump_file, &state), |
| michael@0 | 251 | google_breakpad::PROCESS_OK); |
| michael@0 | 252 | ASSERT_EQ(google_breakpad::EXPLOITABILITY_LOW, |
| michael@0 | 253 | state.exploitability()); |
| michael@0 | 254 | } |
| michael@0 | 255 | } |
