Add support for matching with key allowlist

WebView makes use of this allowlist. We are hoping to
include switches and features in our crash keys as users
can enable these with an easily available developer UI.

These crash keys follow the pattern "switch-<index>", so
it is impractical to keep adding an ever-growing list of switch
keys. Adding this matcher lets us add "switch-*" instead.

Bug: 1484644
Change-Id: I667cef70cce1efb0710b4a2f009d8d80a1eeae5a
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/4894239
Commit-Queue: Rupert Wiser <bewise@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Rupert Ben Wiser 2023-09-29 15:54:13 +00:00 committed by Crashpad LUCI CQ
parent ac0c27a923
commit 7f6d9e9c7f
4 changed files with 17 additions and 2 deletions

2
DEPS

@ -47,7 +47,7 @@ deps = {
'9719c1e1e676814c456b55f5f070eabad6709d31', '9719c1e1e676814c456b55f5f070eabad6709d31',
'crashpad/third_party/mini_chromium/mini_chromium': 'crashpad/third_party/mini_chromium/mini_chromium':
Var('chromium_git') + '/chromium/mini_chromium@' + Var('chromium_git') + '/chromium/mini_chromium@' +
'10f39a97650a0fe0b305415c15434443c0690a20', '076bcf6a916171c180f46c3487ee3e5c7bca5f20',
'crashpad/third_party/libfuzzer/src': 'crashpad/third_party/libfuzzer/src':
Var('chromium_git') + '/chromium/llvm-project/compiler-rt/lib/fuzzer.git@' + Var('chromium_git') + '/chromium/llvm-project/compiler-rt/lib/fuzzer.git@' +
'fda403cf93ecb8792cb1d061564d89a6553ca020', 'fda403cf93ecb8792cb1d061564d89a6553ca020',


@ -14,6 +14,8 @@
#include "snapshot/sanitized/module_snapshot_sanitized.h" #include "snapshot/sanitized/module_snapshot_sanitized.h"
#include "base/strings/pattern.h"
namespace crashpad { namespace crashpad {
namespace internal { namespace internal {
@ -22,7 +24,7 @@ namespace {
bool KeyIsAllowed(const std::string& name, bool KeyIsAllowed(const std::string& name,
const std::vector<std::string>& allowed_keys) { const std::vector<std::string>& allowed_keys) {
for (const auto& key : allowed_keys) { for (const auto& key : allowed_keys) {
if (name == key) { if (base::MatchPattern(name, key)) {
return true; return true;
} }
} }
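Review bot: Replacing `name == key` with `base::MatchPattern(name, key)` in `KeyIsAllowed` means every entry in `allowed_keys` is now read as a pattern, including entries that were written as literal annotation names. This allowlist decides which annotations survive sanitization, so an existing entry that happens to contain a wildcard character would silently admit more names than before, and a lone `*` entry would admit everything. I would put a comment above the function, `// Entries in allowed_keys are patterns for base::MatchPattern, not literal names; keep them as narrow as possible.`, and have embedders check their current lists for wildcard characters before taking this change. The function body continues past the end of this hunk.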


@ -53,6 +53,7 @@ class ProcessSnapshotSanitized final : public ProcessSnapshot {
//! \param[in] allowed_annotations A list of annotations names to allow to //! \param[in] allowed_annotations A list of annotations names to allow to
//! be returned by AnnotationsSimpleMap() or from this object's module //! be returned by AnnotationsSimpleMap() or from this object's module
//! snapshots. If `nullptr`, all annotations will be returned. //! snapshots. If `nullptr`, all annotations will be returned.
// These annotation names support pattern matching, eg: "switch-*"
//! \param[in] allowed_memory_ranges A list of memory ranges to allow to be //! \param[in] allowed_memory_ranges A list of memory ranges to allow to be
//! accessible via Memory(), or `nullptr` to allow all ranges. //! accessible via Memory(), or `nullptr` to allow all ranges.
//! \param[in] target_module_address An address in the target process' //! \param[in] target_module_address An address in the target process'
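Review bot: The added line starts with `//` while the rest of the block uses `//!`, so the sentence about pattern matching is probably left out of the generated documentation for `allowed_annotations`, and it may also split the parameter block in two. I would write it as `//!     These annotation names support pattern matching, e.g. "switch-*".` so it continues the `\param[in] allowed_annotations` text. Since the list is a sanitization control, it is also worth saying there that every entry is treated as a pattern rather than a literal name. The comment block begins and ends outside this hunk.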


@ -79,6 +79,8 @@ class ExceptionGenerator {
}; };
constexpr char kAllowedAnnotationName[] = "name_of_allowed_anno"; constexpr char kAllowedAnnotationName[] = "name_of_allowed_anno";
constexpr char kAllowedAnnotationNamePattern[] = "name_of_another_*";
constexpr char kAllowedAnnotationNamePatternActual[] = "name_of_another_anno";
constexpr char kAllowedAnnotationValue[] = "some_value"; constexpr char kAllowedAnnotationValue[] = "some_value";
constexpr char kNonAllowedAnnotationName[] = "non_allowed_anno"; constexpr char kNonAllowedAnnotationName[] = "non_allowed_anno";
constexpr char kNonAllowedAnnotationValue[] = "private_annotation"; constexpr char kNonAllowedAnnotationValue[] = "private_annotation";
@ -99,6 +101,10 @@ void ChildTestFunction() {
static StringAnnotation<32> allowed_annotation(kAllowedAnnotationName); static StringAnnotation<32> allowed_annotation(kAllowedAnnotationName);
allowed_annotation.Set(kAllowedAnnotationValue); allowed_annotation.Set(kAllowedAnnotationValue);
static StringAnnotation<32> allowed_matched_annotation(
kAllowedAnnotationNamePatternActual);
allowed_matched_annotation.Set(kAllowedAnnotationValue);
static StringAnnotation<32> non_allowed_annotation(kNonAllowedAnnotationName); static StringAnnotation<32> non_allowed_annotation(kNonAllowedAnnotationName);
non_allowed_annotation.Set(kNonAllowedAnnotationValue); non_allowed_annotation.Set(kNonAllowedAnnotationValue);
@ -129,11 +135,15 @@ CRASHPAD_CHILD_TEST_MAIN(ChildToBeSanitized) {
void ExpectAnnotations(ProcessSnapshot* snapshot, bool sanitized) { void ExpectAnnotations(ProcessSnapshot* snapshot, bool sanitized) {
bool found_allowed = false; bool found_allowed = false;
bool found_matched_allowed = false;
bool found_non_allowed = false; bool found_non_allowed = false;
for (auto module : snapshot->Modules()) { for (auto module : snapshot->Modules()) {
for (const auto& anno : module->AnnotationObjects()) { for (const auto& anno : module->AnnotationObjects()) {
if (anno.name == kAllowedAnnotationName) { if (anno.name == kAllowedAnnotationName) {
found_allowed = true; found_allowed = true;
}
if (anno.name == kAllowedAnnotationNamePatternActual) {
found_matched_allowed = true;
} else if (anno.name == kNonAllowedAnnotationName) { } else if (anno.name == kNonAllowedAnnotationName) {
found_non_allowed = true; found_non_allowed = true;
} }
@ -141,6 +151,7 @@ void ExpectAnnotations(ProcessSnapshot* snapshot, bool sanitized) {
} }
EXPECT_TRUE(found_allowed); EXPECT_TRUE(found_allowed);
EXPECT_TRUE(found_matched_allowed);
if (sanitized) { if (sanitized) {
EXPECT_FALSE(found_non_allowed); EXPECT_FALSE(found_non_allowed);
} else { } else {
@ -279,6 +290,7 @@ class SanitizeTest : public MultiprocessExec {
auto allowed_annotations = std::make_unique<std::vector<std::string>>(); auto allowed_annotations = std::make_unique<std::vector<std::string>>();
allowed_annotations->push_back(kAllowedAnnotationName); allowed_annotations->push_back(kAllowedAnnotationName);
allowed_annotations->push_back(kAllowedAnnotationNamePattern);
auto allowed_memory_ranges = auto allowed_memory_ranges =
std::make_unique<std::vector<std::pair<VMAddress, VMAddress>>>(); std::make_unique<std::vector<std::pair<VMAddress, VMAddress>>>();
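Review bot: The new test coverage only shows that a name matching `name_of_another_*` is kept; nothing checks that the pattern rejects a name it should not match. `kNonAllowedAnnotationName` (`non_allowed_anno`) has nothing in common with the pattern, so the `EXPECT_FALSE(found_non_allowed)` check would still pass if the match were unanchored or substring-based. For a sanitizer allowlist I would add a near-miss annotation in `ChildTestFunction` and assert in `ExpectAnnotations` that it is dropped when `sanitized` is true; the name in the sketch below is constructed for illustration.

```cpp
// Constructed near-miss: contains the pattern's text, but not at the start.
constexpr char kNearMissAnnotationName[] = "xname_of_another_anno";

// … unchanged: existing annotations in ChildTestFunction …
static StringAnnotation<32> near_miss_annotation(kNearMissAnnotationName);
near_miss_annotation.Set(kNonAllowedAnnotationValue);

// … unchanged: ExpectAnnotations loop, with one more branch in the chain …
} else if (anno.name == kNearMissAnnotationName) {
  found_near_miss = true;
}

// … unchanged: EXPECT_TRUE checks for the allowed annotations …
if (sanitized) {
  EXPECT_FALSE(found_non_allowed);
  EXPECT_FALSE(found_near_miss);
} else {
// … unchanged: unsanitized expectations …
```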