Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / google-breakpad / e1b5fef027efbd56063736ed56da73dc0caf6b92 / . / src / common / windows / pe_util.cc
blob: 6fa63fa3b5699b79d3479c6d4a37a1c68553223f [file] [log] [blame]
// Copyright (c) 2019, Google Inc.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived from
// this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "pe_util.h"
#include <windows.h>
#include <winnt.h>
#include <atlbase.h>
#include <ImageHlp.h>
#include <functional>
#include "common/windows/string_utils-inl.h"
#include "common/windows/guid_string.h"
namespace {
/*
* Not defined in WinNT.h for some reason. Definitions taken from:
* http://uninformed.org/index.cgi?v=4&a=1&p=13
*
*/
typedef unsigned char UBYTE;
#if !defined(_WIN64)
#define UNW_FLAG_EHANDLER 0x01
#define UNW_FLAG_UHANDLER 0x02
#define UNW_FLAG_CHAININFO 0x04
#endif
union UnwindCode {
struct {
UBYTE offset_in_prolog;
UBYTE unwind_operation_code : 4;
UBYTE operation_info : 4;
};
USHORT frame_offset;
};
enum UnwindOperationCodes {
UWOP_PUSH_NONVOL = 0, /* info == register number */
UWOP_ALLOC_LARGE, /* no info, alloc size in next 2 slots */
UWOP_ALLOC_SMALL, /* info == size of allocation / 8 - 1 */
UWOP_SET_FPREG, /* no info, FP = RSP + UNWIND_INFO.FPRegOffset*16 */
UWOP_SAVE_NONVOL, /* info == register number, offset in next slot */
UWOP_SAVE_NONVOL_FAR, /* info == register number, offset in next 2 slots */
// XXX: these are missing from MSDN!
// See: http://www.osronline.com/ddkx/kmarch/64bitamd_4rs7.htm
UWOP_SAVE_XMM,
UWOP_SAVE_XMM_FAR,
UWOP_SAVE_XMM128, /* info == XMM reg number, offset in next slot */
UWOP_SAVE_XMM128_FAR, /* info == XMM reg number, offset in next 2 slots */
UWOP_PUSH_MACHFRAME /* info == 0: no error-code, 1: error-code */
};
// See: http://msdn.microsoft.com/en-us/library/ddssxxy8.aspx
// Note: some fields removed as we don't use them.
struct UnwindInfo {
UBYTE version : 3;
UBYTE flags : 5;
UBYTE size_of_prolog;
UBYTE count_of_codes;
UBYTE frame_register : 4;
UBYTE frame_offset : 4;
UnwindCode unwind_code[1];
};
struct CV_INFO_PDB70 {
ULONG cv_signature;
GUID signature;
ULONG age;
CHAR pdb_filename[ANYSIZE_ARRAY];
};
#define CV_SIGNATURE_RSDS 'SDSR'
// A helper class to scope a PLOADED_IMAGE.
class AutoImage {
public:
explicit AutoImage(PLOADED_IMAGE img) : img_(img) {}
~AutoImage() {
if (img_)
ImageUnload(img_);
}
operator PLOADED_IMAGE() { return img_; }
PLOADED_IMAGE operator->() { return img_; }
private:
PLOADED_IMAGE img_;
};
} // namespace
namespace google_breakpad {
using std::unique_ptr;
using google_breakpad::GUIDString;
bool ReadModuleInfo(const wstring & pe_file, PDBModuleInfo * info) {
// Convert wchar to native charset because ImageLoad only takes
// a PSTR as input.
string img_file;
if (!WindowsStringUtils::safe_wcstombs(pe_file, &img_file)) {
fprintf(stderr, "Image path '%S' contains unrecognized characters.\n",
pe_file.c_str());
return false;
}
AutoImage img(ImageLoad((PSTR)img_file.c_str(), NULL));
if (!img) {
fprintf(stderr, "Failed to load %s\n", img_file.c_str());
return false;
}
info->cpu = FileHeaderMachineToCpuString(
img->FileHeader->FileHeader.Machine);
PIMAGE_OPTIONAL_HEADER64 optional_header =
&(reinterpret_cast<PIMAGE_NT_HEADERS64>(img->FileHeader))->OptionalHeader;
// Search debug directories for a guid signature & age
DWORD debug_rva = optional_header->
DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG].VirtualAddress;
DWORD debug_size = optional_header->
DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG].Size;
PIMAGE_DEBUG_DIRECTORY debug_directories =
static_cast<PIMAGE_DEBUG_DIRECTORY>(
ImageRvaToVa(img->FileHeader,
img->MappedAddress,
debug_rva,
&img->LastRvaSection));
for (DWORD i = 0; i < debug_size / sizeof(*debug_directories); i++) {
if (debug_directories[i].Type != IMAGE_DEBUG_TYPE_CODEVIEW ||
debug_directories[i].SizeOfData < sizeof(CV_INFO_PDB70)) {
continue;
}
struct CV_INFO_PDB70* cv_info = static_cast<CV_INFO_PDB70*>(ImageRvaToVa(
img->FileHeader,
img->MappedAddress,
debug_directories[i].AddressOfRawData,
&img->LastRvaSection));
if (cv_info->cv_signature != CV_SIGNATURE_RSDS) {
continue;
}
info->debug_identifier = GenerateDebugIdentifier(cv_info->age,
cv_info->signature);
// This code assumes that the pdb_filename is stored as ASCII without
// multibyte characters, but it's not clear if that's true.
size_t debug_file_length = strnlen_s(cv_info->pdb_filename, MAX_PATH);
if (debug_file_length < 0 || debug_file_length >= MAX_PATH) {
fprintf(stderr, "PE debug directory is corrupt.\n");
return false;
}
std::string debug_file(cv_info->pdb_filename, debug_file_length);
if (!WindowsStringUtils::safe_mbstowcs(debug_file, &info->debug_file)) {
fprintf(stderr, "PDB filename '%s' contains unrecognized characters.\n",
debug_file.c_str());
return false;
}
info->debug_file = WindowsStringUtils::GetBaseName(info->debug_file);
return true;
}
fprintf(stderr, "Image is missing debug information.\n");
return false;
}
bool ReadPEInfo(const wstring & pe_file, PEModuleInfo * info) {
// Convert wchar to native charset because ImageLoad only takes
// a PSTR as input.
string img_file;
if (!WindowsStringUtils::safe_wcstombs(pe_file, &img_file)) {
fprintf(stderr, "Image path '%S' contains unrecognized characters.\n",
pe_file.c_str());
return false;
}
AutoImage img(ImageLoad((PSTR)img_file.c_str(), NULL));
if (!img) {
fprintf(stderr, "Failed to open PE file: %S\n", pe_file.c_str());
return false;
}
info->code_file = WindowsStringUtils::GetBaseName(pe_file);
// The date and time that the file was created by the linker.
DWORD TimeDateStamp = img->FileHeader->FileHeader.TimeDateStamp;
// The size of the file in bytes, including all headers.
DWORD SizeOfImage = 0;
PIMAGE_OPTIONAL_HEADER64 opt =
&((PIMAGE_NT_HEADERS64)img->FileHeader)->OptionalHeader;
if (opt->Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
// 64-bit PE file.
SizeOfImage = opt->SizeOfImage;
}
else {
// 32-bit PE file.
SizeOfImage = img->FileHeader->OptionalHeader.SizeOfImage;
}
wchar_t code_identifier[32];
swprintf(code_identifier,
sizeof(code_identifier) / sizeof(code_identifier[0]),
L"%08X%X", TimeDateStamp, SizeOfImage);
info->code_identifier = code_identifier;
return true;
}
bool PrintPEFrameData(const wstring & pe_file, FILE * out_file)
{
// Convert wchar to native charset because ImageLoad only takes
// a PSTR as input.
string img_file;
if (!WindowsStringUtils::safe_wcstombs(pe_file, &img_file)) {
fprintf(stderr, "Image path '%S' contains unrecognized characters.\n",
pe_file.c_str());
return false;
}
AutoImage img(ImageLoad((PSTR)img_file.c_str(), NULL));
if (!img) {
fprintf(stderr, "Failed to load %s\n", img_file.c_str());
return false;
}
PIMAGE_OPTIONAL_HEADER64 optional_header =
&(reinterpret_cast<PIMAGE_NT_HEADERS64>(img->FileHeader))->OptionalHeader;
if (optional_header->Magic != IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
fprintf(stderr, "Not a PE32+ image\n");
return false;
}
// Read Exception Directory
DWORD exception_rva = optional_header->
DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].VirtualAddress;
DWORD exception_size = optional_header->
DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].Size;
PIMAGE_RUNTIME_FUNCTION_ENTRY funcs =
static_cast<PIMAGE_RUNTIME_FUNCTION_ENTRY>(
ImageRvaToVa(img->FileHeader,
img->MappedAddress,
exception_rva,
&img->LastRvaSection));
for (DWORD i = 0; i < exception_size / sizeof(*funcs); i++) {
DWORD unwind_rva = funcs[i].UnwindInfoAddress;
// handle chaining
while (unwind_rva & 0x1) {
unwind_rva ^= 0x1;
PIMAGE_RUNTIME_FUNCTION_ENTRY chained_func =
static_cast<PIMAGE_RUNTIME_FUNCTION_ENTRY>(
ImageRvaToVa(img->FileHeader,
img->MappedAddress,
unwind_rva,
&img->LastRvaSection));
unwind_rva = chained_func->UnwindInfoAddress;
}
UnwindInfo *unwind_info = static_cast<UnwindInfo *>(
ImageRvaToVa(img->FileHeader,
img->MappedAddress,
unwind_rva,
&img->LastRvaSection));
DWORD stack_size = 8; // minimal stack size is 8 for RIP
DWORD rip_offset = 8;
do {
for (UBYTE c = 0; c < unwind_info->count_of_codes; c++) {
UnwindCode *unwind_code = &unwind_info->unwind_code[c];
switch (unwind_code->unwind_operation_code) {
case UWOP_PUSH_NONVOL: {
stack_size += 8;
break;
}
case UWOP_ALLOC_LARGE: {
if (unwind_code->operation_info == 0) {
c++;
if (c < unwind_info->count_of_codes)
stack_size += (unwind_code + 1)->frame_offset * 8;
}
else {
c += 2;
if (c < unwind_info->count_of_codes)
stack_size += (unwind_code + 1)->frame_offset |
((unwind_code + 2)->frame_offset << 16);
}
break;
}
case UWOP_ALLOC_SMALL: {
stack_size += unwind_code->operation_info * 8 + 8;
break;
}
case UWOP_SET_FPREG:
case UWOP_SAVE_XMM:
case UWOP_SAVE_XMM_FAR:
break;
case UWOP_SAVE_NONVOL:
case UWOP_SAVE_XMM128: {
c++; // skip slot with offset
break;
}
case UWOP_SAVE_NONVOL_FAR:
case UWOP_SAVE_XMM128_FAR: {
c += 2; // skip 2 slots with offset
break;
}
case UWOP_PUSH_MACHFRAME: {
if (unwind_code->operation_info) {
stack_size += 88;
}
else {
stack_size += 80;
}
rip_offset += 80;
break;
}
}
}
if (unwind_info->flags & UNW_FLAG_CHAININFO) {
PIMAGE_RUNTIME_FUNCTION_ENTRY chained_func =
reinterpret_cast<PIMAGE_RUNTIME_FUNCTION_ENTRY>(
(unwind_info->unwind_code +
((unwind_info->count_of_codes + 1) & ~1)));
unwind_info = static_cast<UnwindInfo *>(
ImageRvaToVa(img->FileHeader,
img->MappedAddress,
chained_func->UnwindInfoAddress,
&img->LastRvaSection));
}
else {
unwind_info = NULL;
}
} while (unwind_info);
fprintf(out_file, "STACK CFI INIT %lx %lx .cfa: $rsp .ra: .cfa %lu - ^\n",
funcs[i].BeginAddress,
funcs[i].EndAddress - funcs[i].BeginAddress, rip_offset);
fprintf(out_file, "STACK CFI %lx .cfa: $rsp %lu +\n",
funcs[i].BeginAddress, stack_size);
}
return true;
}
wstring GenerateDebugIdentifier(DWORD age, GUID signature)
{
// Use the same format that the MS symbol server uses in filesystem
// hierarchies.
wchar_t age_string[9];
swprintf(age_string, sizeof(age_string) / sizeof(age_string[0]),
L"%x", age);
// remove when VC++7.1 is no longer supported
age_string[sizeof(age_string) / sizeof(age_string[0]) - 1] = L'\0';
wstring debug_identifier = GUIDString::GUIDToSymbolServerWString(&signature);
debug_identifier.append(age_string);
return debug_identifier;
}
wstring GenerateDebugIdentifier(DWORD age, DWORD signature)
{
// Use the same format that the MS symbol server uses in filesystem
// hierarchies.
wchar_t identifier_string[17];
swprintf(identifier_string,
sizeof(identifier_string) / sizeof(identifier_string[0]),
L"%08X%x", signature, age);
// remove when VC++7.1 is no longer supported
identifier_string[sizeof(identifier_string) /
sizeof(identifier_string[0]) - 1] = L'\0';
return wstring(identifier_string);
}
} // namespace google_breakpad