Issue 189001: Added the base exploitability module for windows. This only adds the very bas...

Issue 189001: Added the base exploitability module for windows. This only adds the very bas... (Closed)

Can't Edit
Can't Publish+Mail
Start Review

Created:
13 years, 7 months ago by Cris Neckar

Modified:
13 years, 7 months ago

Reviewers:
mochalatte, Ted Mielczarek

CC:
google-breakpad-dev_googlegroups.com

Base URL:
http://google-breakpad.googlecode.com/svn/trunk/

Visibility:
Public.

Description

Added the base exploitability module for windows. This only adds the very basic
exception type based analysis for now.

BUG=NONE
TEST=MinidumpProcessorTest.TestExploitilityEngine


Committed: http://code.google.com/p/google-breakpad/source/detail?r=698

Patch Set 3 : '' #

Created: 13 years, 7 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats			Patch
M	Makefile.am	View		5 chunks	+6 lines, -0 lines	0 comments	Download
M	Makefile.in	View		13 chunks	+24 lines, -4 lines	0 comments	Download
M	src/google_breakpad/common/minidump_exception_win32.h	View	1	2 chunks	+8 lines, -1 line	0 comments	Download
M	src/google_breakpad/processor/exploitability.h	View		1 chunk	+3 lines, -3 lines	0 comments	Download
M	src/processor/exploitability.cc	View		2 chunks	+7 lines, -2 lines	0 comments	Download
A	src/processor/exploitability_win.cc	View	1	1 chunk	+168 lines, -0 lines	0 comments	Download
A	src/processor/exploitability_win.h	View		1 chunk	+55 lines, -0 lines	0 comments	Download
M	src/processor/minidump_processor.cc	View		5 chunks	+13 lines, -11 lines	0 comments	Download
M	src/processor/minidump_processor_unittest.cc	View	1	4 chunks	+7 lines, -9 lines	0 comments	Download

Messages

Total messages: 4

Expand All Messages | Collapse All Messages

Cris Neckar

This issue addresses the requested changes from http://breakpad.appspot.com/188001/show

13 years, 7 months ago #1

mochalatte

LGTM http://breakpad.appspot.com/189001/diff/1/3 File src/google_breakpad/common/minidump_exception_win32.h (right): http://breakpad.appspot.com/189001/diff/1/3#newcode108 Line 108: typedef enum { it seems to me ...

13 years, 7 months ago #2

Ted Mielczarek

http://breakpad.appspot.com/189001/diff/1/2 File Makefile.in (right): http://breakpad.appspot.com/189001/diff/1/2#newcode1 Line 1: # Makefile.in generated by automake 1.11.1 from Makefile.am. ...

13 years, 7 months ago #3

Thanks guys. 

Ted if you have a patch you think might help with testing I would love to see
it. Currently the best way I can see (for testing windows dumps on a linux
build) is to included pre-generated dumps.

http://breakpad.appspot.com/189001/diff/1/2
File Makefile.in (right):

http://breakpad.appspot.com/189001/diff/1/2#newcode1
Line 1: # Makefile.in generated by automake 1.11.1 from Makefile.am.
On 2010/09/21 12:43:06, Ted Mielczarek wrote:
> You actually need to edit Makefile.am. Makefile.in is generated from
Makefile.am
> by automake, so your changes will be lost if someone re-runs automake.

Done.

http://breakpad.appspot.com/189001/diff/1/3
File src/google_breakpad/common/minidump_exception_win32.h (right):

http://breakpad.appspot.com/189001/diff/1/3#newcode108
Line 108: typedef enum {
On 2010/09/20 18:05:55, mochalatte wrote:
> it seems to me that the constants in this enum are actually set by the Windows
> minidump writer but they aren't defined in the Windows SDK (or at least I
could
> not find them on MSDN) - can you add a clarifying comment indicating where you
> got them from?

Done.

http://breakpad.appspot.com/189001/diff/1/6
File src/processor/exploitability_win.cc (right):

http://breakpad.appspot.com/189001/diff/1/6#newcode38
Line 38: #include "processor/exploitability_win.h"
On 2010/09/20 18:05:55, mochalatte wrote:
> move this guy up and into it's own section, according to style guide

Done.

http://breakpad.appspot.com/189001/diff/1/9
File src/processor/minidump_processor_unittest.cc (right):

http://breakpad.appspot.com/189001/diff/1/9#newcode259
Line 259: // Test that exploitability module correctly fails to supply
On 2010/09/21 12:43:06, Ted Mielczarek wrote:
> Fix the comment here. Might also want to expound on why this test dump gets
> classified as EXPLOITABILITY_HIGH.
> 
> Do you have plans to add more interesting tests here? I have a patch in my
local
> patch queue that adds a test to the windows client similar to the one I added
> here:
>
http://code.google.com/p/google-breakpad/source/browse/trunk/src/client/linux...
> 
> So you could intentionally crash in interesting ways and verify the
> exploitability ratings from the minidump that was produced. If you're
interested
> I can get the patch up for review.

Done.

Yeah I do plan to add tests once I get the rule sets more flushed out. I was
going to ask you guys what the preferred way of doing this. It seems like
committing a bunch of pregenerated minidump files is ugly but aside from that
the only option I see is building and testing on the platform you want to
generate dumps for.

Expand All Messages | Collapse All Messages