// Copyright 2010 Google LLC
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
// * Neither the name of Google LLC nor the names of its
// contributors may be used to endorse or promote products derived from
// this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

// exploitability_engine.cc: Generic exploitability engine.
//
// See exploitable_engine.h for documentation.
//
// Author: Cris Neckar


#include <cassert>

#include "common/scoped_ptr.h"
#include "google_breakpad/processor/exploitability.h"
#include "google_breakpad/processor/minidump.h"
#include "google_breakpad/processor/process_state.h"
#include "processor/exploitability_linux.h"
#include "processor/exploitability_win.h"
#include "processor/logging.h"

namespace google_breakpad {
// Records the minidump and the processed state that the platform-specific
// checks will inspect. The constructor only stores the two pointers; it does
// not dereference, copy or free either of them.
Exploitability::Exploitability(Minidump *dump, ProcessState *process_state)
    : dump_(dump), process_state_(process_state) {}
// Public entry point for the rating: forwards to the platform-specific
// CheckPlatformExploitability() and returns its result unchanged.
ExploitabilityRating Exploitability::CheckExploitability() {
  const ExploitabilityRating rating = CheckPlatformExploitability();
  return rating;
}
// Convenience overload: identical to the three-argument factory called with
// enable_objdump set to false.
Exploitability *Exploitability::ExploitabilityForPlatform(
    Minidump *dump,
    ProcessState *process_state) {
  const bool enable_objdump = false;
  return ExploitabilityForPlatform(dump, process_state, enable_objdump);
}
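// Factory that selects the platform-specific Exploitability implementation
// from the platform_id recorded in the minidump's system info.
//
// |dump| and |process_state| are handed to the selected implementation as
// given; |enable_objdump| is forwarded to the Linux implementation only.
//
// Returns an object allocated with new (presumably owned by the caller -
// confirm against the header), or NULL when |dump| is NULL, when the system
// info cannot be read, or when the platform has no implementation. Callers
// must check the result for NULL before using it.
//
// platform_id is read from the dump file itself, so for dumps that come from
// untrusted sources it is untrusted input: every value other than the
// Windows and Linux ids ends in the NULL result below.
Exploitability *Exploitability::ExploitabilityForPlatform(
    Minidump *dump,
    ProcessState *process_state,
    bool enable_objdump) {
  // Guard the dereference below; a missing dump is reported the same way as
  // a dump without system info.
  if (!dump)
    return NULL;

  MinidumpSystemInfo *minidump_system_info = dump->GetSystemInfo();
  if (!minidump_system_info)
    return NULL;

  const MDRawSystemInfo *raw_system_info =
      minidump_system_info->system_info();
  if (!raw_system_info)
    return NULL;

  Exploitability *platform_exploitability = NULL;
  switch (raw_system_info->platform_id) {
    case MD_OS_WIN32_NT:
    case MD_OS_WIN32_WINDOWS: {
      platform_exploitability = new ExploitabilityWin(dump, process_state);
      break;
    }
    case MD_OS_LINUX: {
      platform_exploitability = new ExploitabilityLinux(dump,
                                                        process_state,
                                                        enable_objdump);
      break;
    }
    // Platforms without an exploitability module are listed explicitly so
    // the omission is visible; they share the default NULL result.
    case MD_OS_MAC_OS_X:
    case MD_OS_IOS:
    case MD_OS_UNIX:
    case MD_OS_SOLARIS:
    case MD_OS_ANDROID:
    case MD_OS_PS3:
    case MD_OS_FUCHSIA:
    default: {
      platform_exploitability = NULL;
      break;
    }
  }

  // The error message names the OS from |process_state| when it is
  // available. With a NULL |process_state| the raw platform id is logged
  // instead, so the error path never dereferences a NULL pointer.
  if (process_state) {
    BPLOG_IF(ERROR, !platform_exploitability) <<
        "No Exploitability module for platform: " <<
        process_state->system_info()->os;
  } else {
    BPLOG_IF(ERROR, !platform_exploitability) <<
        "No Exploitability module for platform: " <<
        raw_system_info->platform_id;
  }
  return platform_exploitability;
}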
// Returns true when each of the eight bytes of |address| is either a
// printable ASCII character (' ' through '~') or zero; returns false as soon
// as any other byte value is found.
//
// Zero bytes are accepted, so a value whose upper bytes are all zero passes
// on its low bytes alone, and address 0 itself returns true.
// NOTE(review): callers that do not want a zero address to count as ASCII
// have to check for it themselves.
bool Exploitability::AddressIsAscii(uint64_t address) {
  for (unsigned shift = 0; shift < 64; shift += 8) {
    const uint8_t octet = static_cast<uint8_t>((address >> shift) & 0xff);
    const bool printable = octet >= ' ' && octet <= '~';
    if (!printable && octet != 0)
      return false;
  }
  return true;
}
}  // namespace google_breakpad