1    :  // Copyright 2015 Google Inc. All Rights Reserved.
   2    :  //
   3    :  // Licensed under the Apache License, Version 2.0 (the "License");
   4    :  // you may not use this file except in compliance with the License.
   5    :  // You may obtain a copy of the License at
   6    :  //
   7    :  //     http://www.apache.org/licenses/LICENSE-2.0
   8    :  //
   9    :  // Unless required by applicable law or agreed to in writing, software
  10    :  // distributed under the License is distributed on an "AS IS" BASIS,
  11    :  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12    :  // See the License for the specific language governing permissions and
  13    :  // limitations under the License.
  14    :  
  15    :  #include "syzygy/refinery/analyzers/module_analyzer.h"
  16    :  
  17    :  #include <stdint.h>
  18    :  
  19    :  #include <vector>
  20    :  
  21    :  #include "base/files/scoped_temp_dir.h"
  22    :  #include "gtest/gtest.h"
  23    :  #include "syzygy/minidump/minidump.h"
  24    :  #include "syzygy/minidump/unittest_util.h"
  25    :  #include "syzygy/refinery/unittest_util.h"
  26    :  #include "syzygy/refinery/analyzers/analyzer_util.h"
  27    :  #include "syzygy/refinery/process_state/process_state.h"
  28    :  #include "syzygy/refinery/process_state/process_state_util.h"
  29    :  #include "syzygy/refinery/process_state/refinery.pb.h"
  30    :  
  31  m :  namespace refinery {
  32    :  
  33  m :  TEST(ModuleAnalyzerTest, AnalyzeMinidump) {
  34  m :    minidump::FileMinidump minidump;
  35  m :    ASSERT_TRUE(minidump.Open(testing::TestMinidumps::GetNotepad32Dump()));
  36    :  
  37  m :    ProcessState process_state;
  38  m :    SimpleProcessAnalysis analysis(&process_state);
  39    :  
  40  m :    ModuleAnalyzer analyzer;
  41  m :    ASSERT_EQ(Analyzer::ANALYSIS_COMPLETE, analyzer.Analyze(minidump, analysis));
  42    :  
  43  m :    ModuleLayerPtr module_layer;
  44  m :    ASSERT_TRUE(process_state.FindLayer(&module_layer));
  45  m :    ASSERT_LE(1, module_layer->size());
  46  m :  }
  47    :  
  48  m :  class ModuleAnalyzerSyntheticTest : public testing::SyntheticMinidumpTest {
  49  m :  };
  50    :  
  51  m :  TEST_F(ModuleAnalyzerSyntheticTest, BasicTest) {
  52    :    // Create a minidump with a single module.
  53  m :    testing::MinidumpSpecification::ModuleSpecification module_spec;
  54  m :    testing::MinidumpSpecification spec;
  55  m :    spec.AddModule(module_spec);
  56  m :    ASSERT_NO_FATAL_FAILURE(Serialize(spec));
  57    :  
  58    :    // Analyze it for modules.
  59  m :    minidump::FileMinidump minidump;
  60  m :    ASSERT_TRUE(minidump.Open(dump_file()));
  61  m :    ProcessState process_state;
  62  m :    SimpleProcessAnalysis analysis(&process_state);
  63  m :    ModuleAnalyzer analyzer;
  64  m :    ASSERT_EQ(Analyzer::ANALYSIS_COMPLETE, analyzer.Analyze(minidump, analysis));
  65    :  
  66    :    // Validate recovered module.
  67  m :    ModuleLayerPtr module_layer;
  68  m :    ASSERT_TRUE(process_state.FindLayer(&module_layer));
  69  m :    ASSERT_EQ(1, module_layer->size());
  70    :  
  71  m :    std::vector<ModuleRecordPtr> matching_records;
  72  m :    module_layer->GetRecordsAt(module_spec.addr, &matching_records);
  73  m :    ASSERT_EQ(1, matching_records.size());
  74  m :    ASSERT_EQ(AddressRange(module_spec.addr, module_spec.size),
  75  m :              matching_records[0]->range());
  76  m :    const Module& module = matching_records[0]->data();
  77  m :    ASSERT_NE(kNoModuleId, module.module_id());
  78    :  
  79    :    // Validate the layer data contains the module information.
  80  m :    pe::PEFile::Signature signature;
  81  m :    ASSERT_TRUE(module_layer->data().Find(module.module_id(), &signature));
  82  m :    ASSERT_NE(kNoModuleId, module_layer->data().Find(signature));
  83  m :  }
  84    :  
  85  m :  }  // namespace refinery