xref: /aosp_15_r20/external/google-breakpad/src/client/linux/minidump_writer/pe_file.cc (revision 9712c20fc9bbfbac4935993a2ca0b3958c5adad2) 
1 // Copyright 2022 Google LLC
2 //
3 // Redistribution and use in source and binary forms, with or without
4 // modification, are permitted provided that the following conditions are
5 // met:
6 //
7 //     * Redistributions of source code must retain the above copyright
8 // notice, this list of conditions and the following disclaimer.
9 //     * Redistributions in binary form must reproduce the above
10 // copyright notice, this list of conditions and the following disclaimer
11 // in the documentation and/or other materials provided with the
12 // distribution.
13 //     * Neither the name of Google LLC nor the names of its
14 // contributors may be used to endorse or promote products derived from
15 // this software without specific prior written permission.
16 //
17 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
20 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
21 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 
29 #ifdef HAVE_CONFIG_H
30 #include <config.h>  // Must come first
31 #endif
32 
33 #include <string.h>
34 
35 #include "client/linux/minidump_writer/pe_file.h"
36 #include "client/linux/minidump_writer/pe_structs.h"
37 #include "common/linux/memory_mapped_file.h"
38 
39 namespace google_breakpad {
40 
TryGetDebugInfo(const char * filename,PRSDS_DEBUG_FORMAT debug_info)41 PEFileFormat PEFile::TryGetDebugInfo(const char* filename,
42                                       PRSDS_DEBUG_FORMAT debug_info) {
43   MemoryMappedFile mapped_file(filename, 0);
44   if (!mapped_file.data())
45     return PEFileFormat::notPeCoff;
46   const void* base = mapped_file.data();
47   const size_t file_size = mapped_file.size();
48 
49   const IMAGE_DOS_HEADER* header =
50       TryReadStruct<IMAGE_DOS_HEADER>(base, 0, file_size);
51   if (!header || (header->e_magic != IMAGE_DOS_SIGNATURE)) {
52     return PEFileFormat::notPeCoff;
53   }
54 
55   // NTHeader is at position 'e_lfanew'.
56   DWORD nt_header_offset = header->e_lfanew;
57   // First, read a common IMAGE_NT_HEADERS structure. It should contain a
58   // special flag marking whether PE module is x64 (OptionalHeader.Magic)
59   // and so-called NT_SIGNATURE in Signature field.
60   const IMAGE_NT_HEADERS* nt_header =
61       TryReadStruct<IMAGE_NT_HEADERS>(base, nt_header_offset, file_size);
62   if (!nt_header || (nt_header->Signature != IMAGE_NT_SIGNATURE)
63      || ((nt_header->OptionalHeader.Magic != IMAGE_NT_OPTIONAL_HDR64_MAGIC)
64      &&  (nt_header->OptionalHeader.Magic != IMAGE_NT_OPTIONAL_HDR32_MAGIC)))
65     return PEFileFormat::notPeCoff;
66 
67   bool x64 = nt_header->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC;
68   WORD sections_number = nt_header->FileHeader.NumberOfSections;
69   DWORD debug_offset;
70   DWORD debug_size;
71   DWORD section_offset;
72   if (x64) {
73     const IMAGE_NT_HEADERS64* header_64 =
74         TryReadStruct<IMAGE_NT_HEADERS64>(base, nt_header_offset, file_size);
75     if (!header_64)
76       return PEFileFormat::peWithoutBuildId;
77     debug_offset =
78         header_64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG]
79             .VirtualAddress;
80     debug_size =
81         header_64->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG]
82             .Size;
83     section_offset = nt_header_offset + sizeof(IMAGE_NT_HEADERS64);
84   } else {
85     const IMAGE_NT_HEADERS32* header_32 =
86         TryReadStruct<IMAGE_NT_HEADERS32>(base, nt_header_offset, file_size);
87     if (!header_32)
88       return PEFileFormat::peWithoutBuildId;
89     debug_offset =
90         header_32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG]
91             .VirtualAddress;
92     debug_size =
93         header_32->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG]
94             .Size;
95     section_offset = nt_header_offset + sizeof(IMAGE_NT_HEADERS32);
96   }
97 
98   DWORD debug_end_pos = debug_offset + debug_size;
99   while (debug_offset < debug_end_pos) {
100     for (WORD i = 0; i < sections_number; ++i) {
101       // Section headers are placed sequentially after the NT_HEADER (32/64).
102       const IMAGE_SECTION_HEADER* section =
103           TryReadStruct<IMAGE_SECTION_HEADER>(base, section_offset, file_size);
104       if (!section)
105         return PEFileFormat::peWithoutBuildId;
106 
107       section_offset += sizeof(IMAGE_SECTION_HEADER);
108 
109       // Current `debug_offset` should be inside a section, stop if we find
110       // a suitable one (we don't consider any malformed sections here).
111       if ((section->VirtualAddress <= debug_offset) &&
112           (debug_offset < section->VirtualAddress + section->SizeOfRawData)) {
113         DWORD offset =
114             section->PointerToRawData + debug_offset - section->VirtualAddress;
115         // Go to the position of current ImageDebugDirectory (offset).
116         const IMAGE_DEBUG_DIRECTORY* debug_directory =
117             TryReadStruct<IMAGE_DEBUG_DIRECTORY>(base, offset, file_size);
118         if (!debug_directory)
119           return PEFileFormat::peWithoutBuildId;
120         // Process ImageDebugDirectory with CodeViewRecord type and skip
121         // all others.
122         if (debug_directory->Type == IMAGE_DEBUG_TYPE_CODEVIEW) {
123           DWORD debug_directory_size = debug_directory->SizeOfData;
124           if (debug_directory_size < sizeof(RSDS_DEBUG_FORMAT))
125             // RSDS section is malformed.
126             return PEFileFormat::peWithoutBuildId;
127           // Go to the position of current ImageDebugDirectory Raw Data
128           // (debug_directory->PointerToRawData) and read the RSDS section.
129           const RSDS_DEBUG_FORMAT* rsds =
130               TryReadStruct<RSDS_DEBUG_FORMAT>(
131                 base, debug_directory->PointerToRawData, file_size);
132 
133           if (!rsds)
134             return PEFileFormat::peWithoutBuildId;
135 
136           memcpy(debug_info->guid, rsds->guid, sizeof(rsds->guid));
137           memcpy(debug_info->age, rsds->age, sizeof(rsds->age));
138           return PEFileFormat::peWithBuildId;
139         }
140 
141         break;
142       }
143     }
144 
145     debug_offset += sizeof(IMAGE_DEBUG_DIRECTORY);
146   }
147 
148   return PEFileFormat::peWithoutBuildId;
149 }
150 
151 } // namespace google_breakpad