// Copyright 2013 Google LLC
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
//     * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
//     * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
//     * Neither the name of Google LLC nor the names of its
// contributors may be used to endorse or promote products derived from
// this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

// Declares internal implementation details for functionality in omap.h and
// omap.cc.

#ifndef COMMON_WINDOWS_OMAP_INTERNAL_H_
#define COMMON_WINDOWS_OMAP_INTERNAL_H_

#include <windows.h>
#include <dia2.h>

#include <map>
#include <vector>

namespace google_breakpad {

// One OMAP record: a pair of RVAs. The struct is defined by debughlp.h, which
// doesn't play nicely with imagehlp.h, so it is simply redefined here.
struct OMAP {
  DWORD rva;
  DWORD rvaTo;
};
// The redefinition must keep the two-DWORD layout.
static_assert(sizeof(OMAP) == 8, "Wrong size for OMAP structure.");
using OmapTable = std::vector<OMAP>;

// The OMAP data extracted from an image.
struct OmapData {
  // OMAP entries describing the transformation from the original image to
  // the transformed image.
  OmapTable omap_from;
  // OMAP entries describing the transformation from the instrumented image
  // to the original image.
  OmapTable omap_to;
  // Length of the original, untransformed image.
  DWORD length_original;

  // Starts with empty tables and a zero original length.
  OmapData()
      : length_original(0) {
  }
};

// A range of addresses in an image, given as a start RVA and a length.
struct AddressRange {
  DWORD rva;
  DWORD length;

  // An empty range at RVA 0.
  AddressRange()
      : rva(0),
        length(0) {
  }

  // A range of |length| bytes starting at |rva|. Neither value is checked.
  AddressRange(DWORD rva, DWORD length)
      : rva(rva),
        length(length) {
  }

  // Returns the end address of this range (one past its last address).
  //
  // DWORD is an unsigned 32-bit type, so the sum wraps modulo 2^32 instead of
  // trapping when rva + length exceeds the DWORD range; such a range reports
  // an end that is below its start.
  // NOTE(review): OMAP tables are read from the image's debug data, and this
  // header performs no validation; confirm that callers reject ranges whose
  // rva + length overflows before relying on end() or on the ordering below.
  DWORD end() const {
    return rva + length;
  }

  // Three-way comparison, defined outside this header. Addresses only compare
  // as less-than or greater-than if they are not overlapping; otherwise they
  // compare equal.
  int Compare(const AddressRange& rhs) const;

  // The ordering operators test Compare() for exactly -1 and exactly 1; any
  // other return value makes both of them false.
  bool operator<(const AddressRange& rhs) const {
    return Compare(rhs) == -1;
  }
  bool operator>(const AddressRange& rhs) const {
    return Compare(rhs) == 1;
  }

  // Equality operators compare exact values, unlike the ordering operators:
  // two overlapping but different ranges are neither < nor > nor ==.
  bool operator==(const AddressRange& rhs) const {
    if (rva != rhs.rva)
      return false;
    return length == rhs.length;
  }
  bool operator!=(const AddressRange& rhs) const {
    return !(*this == rhs);
  }
};

using AddressRangeVector = std::vector<AddressRange>;

// An address range in an original image, and its corresponding range in the
// transformed image.
struct MappedRange {
  // An address in the original image.
  DWORD rva_original;
  // The corresponding address in the transformed image.
  DWORD rva_transformed;
  // The length of the address range.
  DWORD length;
  // It is possible for code to be injected into a transformed image, for
  // which there is no corresponding code in the original image. If this range
  // of the transformed image is immediately followed by such injected code,
  // its length is recorded here.
  DWORD injected;
  // It is possible for code to be removed from the original image. This
  // happens for things like padding between blocks. There is no actual
  // content lost, but the spacing between items may be lost. This keeps track
  // of any removed content immediately following the |original| range.
  DWORD removed;
};
// A vector of mapped ranges is used as a more useful representation of OMAP
// data.
using Mapping = std::vector<MappedRange>;

// Used as a secondary search structure accompanying a Mapping.
struct EndpointIndex {
  DWORD endpoint;
  size_t index;
};
using EndpointIndexMap = std::vector<EndpointIndex>;

// An ImageMap is a vector of mapped ranges, plus a secondary index into it
// for doing interval searches. (An interval tree would also work, but is
// overkill because insertion and deletion are not needed.)
struct ImageMap {
  // A description of the mapping between original and transformed image,
  // sorted by addresses in the original image.
  Mapping mapping;
  // For all interval endpoints in |mapping| this stores the minimum index of
  // an interval in |mapping| that contains the endpoint. Useful for doing
  // interval intersection queries.
  EndpointIndexMap endpoint_index_map;

  // NOTE(review): undocumented in the original header. Keys and values are
  // DWORDs, presumably RVAs; confirm the meaning against omap.cc.
  std::map<DWORD, DWORD> subsequent_rva_block;
};

}  // namespace google_breakpad

#endif  // COMMON_WINDOWS_OMAP_INTERNAL_H_