mirror of
https://github.com/chromium/crashpad.git
synced 2025-01-15 01:57:58 +08:00
34aef02cc7
Calling std::vector<>::operator[]() with an out-of-range index argument is undefined behavior. In two cases, Crashpad used &v[0] in situations where it was known that the address would not be used. These calls were wrapped in conditions guarding against vector emptiness. While s[0] is valid on an empty string, in two cases, Crashpad used &s[0] as an argument to a system call that would be a no-op. These calls were wrapped in similar conditions to avoid the system call. The two uses of vector with undefined behavior were caught by the following tests in crashpad_snapshot_test with UndefinedBehaviorSanitizer: [ RUN ] CrashpadInfoClientOptions.OneModule /Users/mark/compilatorium/llvm.build/bin/../include/c++/v1/vector:1493:12: runtime error: reference binding to null pointer of type 'crashpad::process_types::section' [ OK ] CrashpadInfoClientOptions.OneModule (72 ms) [ RUN ] ProcessSnapshotMinidump.Empty /Users/mark/compilatorium/llvm.build/bin/../include/c++/v1/vector:1493:12: runtime error: reference binding to null pointer of type 'MINIDUMP_DIRECTORY' [ OK ] ProcessSnapshotMinidump.Empty (1 ms) The Crashpad codebase was audited by searching for resize() calls and analyzing how resized strings and vectors are used. TEST=* BUG= R=rsesek@chromium.org Review URL: https://codereview.chromium.org/1283243004 .
327 lines
10 KiB
C++
327 lines
10 KiB
C++
// Copyright 2015 The Crashpad Authors. All rights reserved.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
#include "snapshot/minidump/process_snapshot_minidump.h"
|
|
|
|
#include <utility>
|
|
|
|
#include "base/memory/scoped_ptr.h"
|
|
#include "util/file/file_io.h"
|
|
#include "snapshot/minidump/minidump_simple_string_dictionary_reader.h"
|
|
|
|
namespace crashpad {
|
|
|
|
ProcessSnapshotMinidump::ProcessSnapshotMinidump()
|
|
: ProcessSnapshot(),
|
|
header_(),
|
|
stream_directory_(),
|
|
stream_map_(),
|
|
modules_(),
|
|
crashpad_info_(),
|
|
annotations_simple_map_(),
|
|
file_reader_(nullptr),
|
|
initialized_() {
|
|
}
|
|
|
|
ProcessSnapshotMinidump::~ProcessSnapshotMinidump() {
|
|
}
|
|
|
|
bool ProcessSnapshotMinidump::Initialize(FileReaderInterface* file_reader) {
|
|
INITIALIZATION_STATE_SET_INITIALIZING(initialized_);
|
|
|
|
file_reader_ = file_reader;
|
|
|
|
if (!file_reader_->SeekSet(0)) {
|
|
return false;
|
|
}
|
|
|
|
if (!file_reader_->ReadExactly(&header_, sizeof(header_))) {
|
|
return false;
|
|
}
|
|
|
|
if (header_.Signature != MINIDUMP_SIGNATURE) {
|
|
LOG(ERROR) << "minidump signature mismatch";
|
|
return false;
|
|
}
|
|
|
|
if (header_.Version != MINIDUMP_VERSION) {
|
|
LOG(ERROR) << "minidump version mismatch";
|
|
return false;
|
|
}
|
|
|
|
if (!file_reader->SeekSet(header_.StreamDirectoryRva)) {
|
|
return false;
|
|
}
|
|
|
|
stream_directory_.resize(header_.NumberOfStreams);
|
|
if (!stream_directory_.empty() &&
|
|
!file_reader_->ReadExactly(
|
|
&stream_directory_[0],
|
|
header_.NumberOfStreams * sizeof(stream_directory_[0]))) {
|
|
return false;
|
|
}
|
|
|
|
for (const MINIDUMP_DIRECTORY& directory : stream_directory_) {
|
|
const MinidumpStreamType stream_type =
|
|
static_cast<MinidumpStreamType>(directory.StreamType);
|
|
if (stream_map_.find(stream_type) != stream_map_.end()) {
|
|
LOG(ERROR) << "duplicate streams for type " << directory.StreamType;
|
|
return false;
|
|
}
|
|
|
|
stream_map_[stream_type] = &directory.Location;
|
|
}
|
|
|
|
INITIALIZATION_STATE_SET_VALID(initialized_);
|
|
|
|
if (!InitializeCrashpadInfo()) {
|
|
return false;
|
|
}
|
|
|
|
return InitializeModules();
|
|
}
|
|
|
|
pid_t ProcessSnapshotMinidump::ProcessID() const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
return 0;
|
|
}
|
|
|
|
pid_t ProcessSnapshotMinidump::ParentProcessID() const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
return 0;
|
|
}
|
|
|
|
void ProcessSnapshotMinidump::SnapshotTime(timeval* snapshot_time) const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
snapshot_time->tv_sec = 0;
|
|
snapshot_time->tv_usec = 0;
|
|
}
|
|
|
|
void ProcessSnapshotMinidump::ProcessStartTime(timeval* start_time) const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
start_time->tv_sec = 0;
|
|
start_time->tv_usec = 0;
|
|
}
|
|
|
|
void ProcessSnapshotMinidump::ProcessCPUTimes(timeval* user_time,
|
|
timeval* system_time) const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
user_time->tv_sec = 0;
|
|
user_time->tv_usec = 0;
|
|
system_time->tv_sec = 0;
|
|
system_time->tv_usec = 0;
|
|
}
|
|
|
|
void ProcessSnapshotMinidump::ReportID(UUID* report_id) const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
*report_id = crashpad_info_.report_id;
|
|
}
|
|
|
|
void ProcessSnapshotMinidump::ClientID(UUID* client_id) const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
*client_id = crashpad_info_.client_id;
|
|
}
|
|
|
|
const std::map<std::string, std::string>&
|
|
ProcessSnapshotMinidump::AnnotationsSimpleMap() const {
|
|
// TODO(mark): This method should not be const, although the interface
|
|
// currently imposes this requirement. Making it non-const would allow
|
|
// annotations_simple_map_ to be lazily constructed: InitializeCrashpadInfo()
|
|
// could be called here, and from other locations that require it, rather than
|
|
// calling it from Initialize().
|
|
// https://code.google.com/p/crashpad/issues/detail?id=9
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
return annotations_simple_map_;
|
|
}
|
|
|
|
const SystemSnapshot* ProcessSnapshotMinidump::System() const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
return nullptr;
|
|
}
|
|
|
|
std::vector<const ThreadSnapshot*> ProcessSnapshotMinidump::Threads() const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
return std::vector<const ThreadSnapshot*>();
|
|
}
|
|
|
|
std::vector<const ModuleSnapshot*> ProcessSnapshotMinidump::Modules() const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
std::vector<const ModuleSnapshot*> modules;
|
|
for (internal::ModuleSnapshotMinidump* module : modules_) {
|
|
modules.push_back(module);
|
|
}
|
|
return modules;
|
|
}
|
|
|
|
const ExceptionSnapshot* ProcessSnapshotMinidump::Exception() const {
|
|
INITIALIZATION_STATE_DCHECK_VALID(initialized_);
|
|
NOTREACHED(); // https://code.google.com/p/crashpad/issues/detail?id=10
|
|
return nullptr;
|
|
}
|
|
|
|
bool ProcessSnapshotMinidump::InitializeCrashpadInfo() {
|
|
const auto& stream_it = stream_map_.find(kMinidumpStreamTypeCrashpadInfo);
|
|
if (stream_it == stream_map_.end()) {
|
|
return true;
|
|
}
|
|
|
|
if (stream_it->second->DataSize < sizeof(crashpad_info_)) {
|
|
LOG(ERROR) << "crashpad_info size mismatch";
|
|
return false;
|
|
}
|
|
|
|
if (!file_reader_->SeekSet(stream_it->second->Rva)) {
|
|
return false;
|
|
}
|
|
|
|
if (!file_reader_->ReadExactly(&crashpad_info_, sizeof(crashpad_info_))) {
|
|
return false;
|
|
}
|
|
|
|
if (crashpad_info_.version != MinidumpCrashpadInfo::kVersion) {
|
|
LOG(ERROR) << "crashpad_info version mismatch";
|
|
return false;
|
|
}
|
|
|
|
return internal::ReadMinidumpSimpleStringDictionary(
|
|
file_reader_,
|
|
crashpad_info_.simple_annotations,
|
|
&annotations_simple_map_);
|
|
}
|
|
|
|
bool ProcessSnapshotMinidump::InitializeModules() {
|
|
const auto& stream_it = stream_map_.find(kMinidumpStreamTypeModuleList);
|
|
if (stream_it == stream_map_.end()) {
|
|
return true;
|
|
}
|
|
|
|
std::map<uint32_t, MINIDUMP_LOCATION_DESCRIPTOR> module_crashpad_info_links;
|
|
if (!InitializeModulesCrashpadInfo(&module_crashpad_info_links)) {
|
|
return false;
|
|
}
|
|
|
|
if (stream_it->second->DataSize < sizeof(MINIDUMP_MODULE_LIST)) {
|
|
LOG(ERROR) << "module_list size mismatch";
|
|
return false;
|
|
}
|
|
|
|
if (!file_reader_->SeekSet(stream_it->second->Rva)) {
|
|
return false;
|
|
}
|
|
|
|
uint32_t module_count;
|
|
if (!file_reader_->ReadExactly(&module_count, sizeof(module_count))) {
|
|
return false;
|
|
}
|
|
|
|
if (sizeof(MINIDUMP_MODULE_LIST) + module_count * sizeof(MINIDUMP_MODULE) !=
|
|
stream_it->second->DataSize) {
|
|
LOG(ERROR) << "module_list size mismatch";
|
|
return false;
|
|
}
|
|
|
|
for (uint32_t module_index = 0; module_index < module_count; ++module_index) {
|
|
const RVA module_rva = stream_it->second->Rva + sizeof(module_count) +
|
|
module_index * sizeof(MINIDUMP_MODULE);
|
|
|
|
const auto& module_crashpad_info_it =
|
|
module_crashpad_info_links.find(module_index);
|
|
const MINIDUMP_LOCATION_DESCRIPTOR* module_crashpad_info_location =
|
|
module_crashpad_info_it != module_crashpad_info_links.end()
|
|
? &module_crashpad_info_it->second
|
|
: nullptr;
|
|
|
|
auto module = make_scoped_ptr(new internal::ModuleSnapshotMinidump());
|
|
if (!module->Initialize(
|
|
file_reader_, module_rva, module_crashpad_info_location)) {
|
|
return false;
|
|
}
|
|
|
|
modules_.push_back(module.release());
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
bool ProcessSnapshotMinidump::InitializeModulesCrashpadInfo(
|
|
std::map<uint32_t, MINIDUMP_LOCATION_DESCRIPTOR>*
|
|
module_crashpad_info_links) {
|
|
module_crashpad_info_links->clear();
|
|
|
|
if (crashpad_info_.version != MinidumpCrashpadInfo::kVersion) {
|
|
return false;
|
|
}
|
|
|
|
if (crashpad_info_.module_list.Rva == 0) {
|
|
return true;
|
|
}
|
|
|
|
if (crashpad_info_.module_list.DataSize <
|
|
sizeof(MinidumpModuleCrashpadInfoList)) {
|
|
LOG(ERROR) << "module_crashpad_info_list size mismatch";
|
|
return false;
|
|
}
|
|
|
|
if (!file_reader_->SeekSet(crashpad_info_.module_list.Rva)) {
|
|
return false;
|
|
}
|
|
|
|
uint32_t crashpad_module_count;
|
|
if (!file_reader_->ReadExactly(&crashpad_module_count,
|
|
sizeof(crashpad_module_count))) {
|
|
return false;
|
|
}
|
|
|
|
if (crashpad_info_.module_list.DataSize !=
|
|
sizeof(MinidumpModuleCrashpadInfoList) +
|
|
crashpad_module_count * sizeof(MinidumpModuleCrashpadInfoLink)) {
|
|
LOG(ERROR) << "module_crashpad_info_list size mismatch";
|
|
return false;
|
|
}
|
|
|
|
scoped_ptr<MinidumpModuleCrashpadInfoLink[]> minidump_links(
|
|
new MinidumpModuleCrashpadInfoLink[crashpad_module_count]);
|
|
if (!file_reader_->ReadExactly(
|
|
&minidump_links[0],
|
|
crashpad_module_count * sizeof(MinidumpModuleCrashpadInfoLink))) {
|
|
return false;
|
|
}
|
|
|
|
for (uint32_t crashpad_module_index = 0;
|
|
crashpad_module_index < crashpad_module_count;
|
|
++crashpad_module_index) {
|
|
const MinidumpModuleCrashpadInfoLink& minidump_link =
|
|
minidump_links[crashpad_module_index];
|
|
if (!module_crashpad_info_links
|
|
->insert(std::make_pair(minidump_link.minidump_module_list_index,
|
|
minidump_link.location)).second) {
|
|
LOG(WARNING)
|
|
<< "duplicate module_crashpad_info_list minidump_module_list_index "
|
|
<< minidump_link.minidump_module_list_index;
|
|
return false;
|
|
}
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
} // namespace crashpad
|