1 // Copyright 2006 Google LLC 2 // 3 // Redistribution and use in source and binary forms, with or without 4 // modification, are permitted provided that the following conditions are 5 // met: 6 // 7 // * Redistributions of source code must retain the above copyright 8 // notice, this list of conditions and the following disclaimer. 9 // * Redistributions in binary form must reproduce the above 10 // copyright notice, this list of conditions and the following disclaimer 11 // in the documentation and/or other materials provided with the 12 // distribution. 13 // * Neither the name of Google LLC nor the names of its 14 // contributors may be used to endorse or promote products derived from 15 // this software without specific prior written permission. 16 // 17 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 29 #ifndef GOOGLE_BREAKPAD_PROCESSOR_MINIDUMP_PROCESSOR_H__ 30 #define GOOGLE_BREAKPAD_PROCESSOR_MINIDUMP_PROCESSOR_H__ 31 32 #include <assert.h> 33 #include <string> 34 35 #include "common/using_std_string.h" 36 #include "google_breakpad/common/breakpad_types.h" 37 #include "google_breakpad/processor/process_result.h" 38 39 namespace google_breakpad { 40 41 class Minidump; 42 class ProcessState; 43 class StackFrameSymbolizer; 44 class SourceLineResolverInterface; 45 class SymbolSupplier; 46 struct SystemInfo; 47 48 class MinidumpProcessor { 49 public: 50 // Initializes this MinidumpProcessor. supplier should be an 51 // implementation of the SymbolSupplier abstract base class. 52 MinidumpProcessor(SymbolSupplier* supplier, 53 SourceLineResolverInterface* resolver); 54 55 // Initializes the MinidumpProcessor with the option of 56 // enabling the exploitability framework to analyze dumps 57 // for probable security relevance. 58 MinidumpProcessor(SymbolSupplier* supplier, 59 SourceLineResolverInterface* resolver, 60 bool enable_exploitability); 61 62 // Initializes the MinidumpProcessor with source line resolver helper, and 63 // the option of enabling the exploitability framework to analyze dumps 64 // for probable security relevance. 65 // Does not take ownership of resolver_helper, which must NOT be NULL. 66 MinidumpProcessor(StackFrameSymbolizer* stack_frame_symbolizer, 67 bool enable_exploitability); 68 69 ~MinidumpProcessor(); 70 71 // Processes the minidump file and fills process_state with the result. 72 ProcessResult Process(const string& minidump_file, 73 ProcessState* process_state); 74 75 // Processes the minidump structure and fills process_state with the 76 // result. 77 ProcessResult Process(Minidump* minidump, 78 ProcessState* process_state); 79 // Populates the cpu_* fields of the |info| parameter with textual 80 // representations of the CPU type that the minidump in |dump| was 81 // produced on. Returns false if this information is not available in 82 // the minidump. 83 static bool GetCPUInfo(Minidump* dump, SystemInfo* info); 84 85 // Populates the os_* fields of the |info| parameter with textual 86 // representations of the operating system that the minidump in |dump| 87 // was produced on. Returns false if this information is not available in 88 // the minidump. 89 static bool GetOSInfo(Minidump* dump, SystemInfo* info); 90 91 // Populates the |process_create_time| parameter with the create time of the 92 // crashed process. Returns false if this information is not available in 93 // the minidump |dump|. 94 static bool GetProcessCreateTime(Minidump* dump, 95 uint32_t* process_create_time); 96 97 // Returns a textual representation of the reason that a crash occurred, 98 // if the minidump in dump was produced as a result of a crash. Returns 99 // an empty string if this information cannot be determined. If address 100 // is non-NULL, it will be set to contain the address that caused the 101 // exception, if this information is available. This will be a code 102 // address when the crash was caused by problems such as illegal 103 // instructions or divisions by zero, or a data address when the crash 104 // was caused by a memory access violation. If enable_objdump is set, this 105 // may use disassembly to compute the faulting address. 106 static string GetCrashReason(Minidump* dump, uint64_t* address, 107 bool enable_objdump); 108 109 // This function returns true if the passed-in error code is 110 // something unrecoverable(i.e. retry should not happen). For 111 // instance, if the minidump is corrupt, then it makes no sense to 112 // retry as we won't be able to glean additional information. 113 // However, as an example of the other case, the symbol supplier can 114 // return an error code indicating it was 'interrupted', which can 115 // happen of the symbols are fetched from a remote store, and a 116 // retry might be successful later on. 117 // You should not call this method with PROCESS_OK! Test for 118 // that separately before calling this. IsErrorUnrecoverable(ProcessResult p)119 static bool IsErrorUnrecoverable(ProcessResult p) { 120 assert(p != PROCESS_OK); 121 return (p != PROCESS_SYMBOL_SUPPLIER_INTERRUPTED); 122 } 123 124 // Returns a textual representation of an assertion included 125 // in the minidump. Returns an empty string if this information 126 // does not exist or cannot be determined. 127 static string GetAssertion(Minidump* dump); 128 129 // Sets the flag to enable/disable use of objdump during normal crash 130 // processing. This is independent from the flag for use of objdump during 131 // exploitability analysis. set_enable_objdump(bool enabled)132 void set_enable_objdump(bool enabled) { enable_objdump_ = enabled; } 133 134 // Sets the flag to enable/disable use of objdump during exploitability 135 // analysis. This is independent from the flag for use of objdump during 136 // normal crash processing. set_enable_objdump_for_exploitability(bool enabled)137 void set_enable_objdump_for_exploitability(bool enabled) { 138 enable_objdump_for_exploitability_ = enabled; 139 } 140 141 private: 142 StackFrameSymbolizer* frame_symbolizer_; 143 // Indicate whether resolver_helper_ is owned by this instance. 144 bool own_frame_symbolizer_; 145 146 // This flag enables the exploitability scanner which attempts to 147 // guess how likely it is that the crash represents an exploitable 148 // memory corruption issue. 149 bool enable_exploitability_; 150 151 // This flag permits the processor to shell out to objdump for purposes of 152 // disassembly during normal crash processing, but not during exploitability 153 // analysis. 154 bool enable_objdump_; 155 156 // This flag permits the exploitability scanner to shell out to objdump for 157 // purposes of disassembly. This results in significantly more overhead than 158 // the enable_objdump_ flag. 159 bool enable_objdump_for_exploitability_; 160 }; 161 162 } // namespace google_breakpad 163 164 #endif // GOOGLE_BREAKPAD_PROCESSOR_MINIDUMP_PROCESSOR_H__ 165