From 463ae7cd60d14594b29ec88831ce8374eabbf601 Mon Sep 17 00:00:00 2001 From: Mark Brand Date: Tue, 9 May 2023 14:31:56 +0200 Subject: [PATCH] Add new flag to allow granular control over the use of objdump. This adds a new flag `enable_objdump_for_exploitability_` to the MinidumpProcessor, which allows enabling objdump separately for crash address fixups and for exploitability analysis, as the performance cost of the exploitability analysis is significantly higher. Change-Id: I667ffdce7cc0a970793f91413c3d2e3af93f4247 Reviewed-on: https://chromium-review.googlesource.com/c/breakpad/breakpad/+/4507067 Reviewed-by: Ivan Penkov Reviewed-by: Ivan Penkov --- .../processor/minidump_processor.h | 20 +++++++++++++++++-- src/processor/exploitability_unittest.cc | 2 +- src/processor/minidump_processor.cc | 5 ++--- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/src/google_breakpad/processor/minidump_processor.h b/src/google_breakpad/processor/minidump_processor.h index 137ef444..8475407e 100644 --- a/src/google_breakpad/processor/minidump_processor.h +++ b/src/google_breakpad/processor/minidump_processor.h @@ -126,8 +126,18 @@ class MinidumpProcessor { // does not exist or cannot be determined. static string GetAssertion(Minidump* dump); + // Sets the flag to enable/disable use of objdump during normal crash + // processing. This is independent from the flag for use of objdump during + // exploitability analysis. void set_enable_objdump(bool enabled) { enable_objdump_ = enabled; } + // Sets the flag to enable/disable use of objdump during exploitability + // analysis. This is independent from the flag for use of objdump during + // normal crash processing. + void set_enable_objdump_for_exploitability(bool enabled) { + enable_objdump_for_exploitability_ = enabled; + } + private: StackFrameSymbolizer* frame_symbolizer_; // Indicate whether resolver_helper_ is owned by this instance. @@ -138,9 +148,15 @@ class MinidumpProcessor { // memory corruption issue. bool enable_exploitability_; - // This flag permits the exploitability scanner to shell out to objdump - // for purposes of disassembly. + // This flag permits the processor to shell out to objdump for purposes of + // disassembly during normal crash processing, but not during exploitability + // analysis. bool enable_objdump_; + + // This flag permits the exploitability scanner to shell out to objdump for + // purposes of disassembly. This results in significantly more overhead than + // the enable_objdump_ flag. + bool enable_objdump_for_exploitability_; }; } // namespace google_breakpad diff --git a/src/processor/exploitability_unittest.cc b/src/processor/exploitability_unittest.cc index 5f8cee0a..09e4690d 100644 --- a/src/processor/exploitability_unittest.cc +++ b/src/processor/exploitability_unittest.cc @@ -84,7 +84,7 @@ ExploitabilityFor(const string& filename) { SimpleSymbolSupplier supplier(TestDataDir() + "/symbols"); BasicSourceLineResolver resolver; MinidumpProcessor processor(&supplier, &resolver, true); - processor.set_enable_objdump(true); + processor.set_enable_objdump_for_exploitability(true); ProcessState state; string minidump_file = TestDataDir() + "/" + filename; diff --git a/src/processor/minidump_processor.cc b/src/processor/minidump_processor.cc index 5ba6ff4f..f7d877c6 100644 --- a/src/processor/minidump_processor.cc +++ b/src/processor/minidump_processor.cc @@ -375,9 +375,8 @@ ProcessResult MinidumpProcessor::Process( // rating. if (enable_exploitability_) { scoped_ptr exploitability( - Exploitability::ExploitabilityForPlatform(dump, - process_state, - enable_objdump_)); + Exploitability::ExploitabilityForPlatform( + dump, process_state, enable_objdump_for_exploitability_)); // The engine will be null if the platform is not supported if (exploitability != NULL) { process_state->exploitability_ = exploitability->CheckExploitability();