1 : // Copyright 2012 Google Inc. All Rights Reserved.
2 : //
3 : // Licensed under the Apache License, Version 2.0 (the "License");
4 : // you may not use this file except in compliance with the License.
5 : // You may obtain a copy of the License at
6 : //
7 : // http://www.apache.org/licenses/LICENSE-2.0
8 : //
9 : // Unless required by applicable law or agreed to in writing, software
10 : // distributed under the License is distributed on an "AS IS" BASIS,
11 : // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 : // See the License for the specific language governing permissions and
13 : // limitations under the License.
14 :
15 : #include "syzygy/pe/decomposer.h"
16 :
17 : #include "base/strings/string_split.h"
18 : #include "base/strings/string_util.h"
19 : #include "gmock/gmock.h"
20 : #include "gtest/gtest.h"
21 : #include "syzygy/block_graph/block_graph_serializer.h"
22 : #include "syzygy/block_graph/typed_block.h"
23 : #include "syzygy/block_graph/unittest_util.h"
24 : #include "syzygy/core/unittest_util.h"
25 : #include "syzygy/pdb/pdb_byte_stream.h"
26 : #include "syzygy/pdb/pdb_file.h"
27 : #include "syzygy/pdb/pdb_reader.h"
28 : #include "syzygy/pdb/pdb_util.h"
29 : #include "syzygy/pe/pe_relinker.h"
30 : #include "syzygy/pe/pe_utils.h"
31 : #include "syzygy/pe/unittest_util.h"
32 :
33 : namespace pe {
34 :
35 : namespace {
36 :
37 : using block_graph::BlockGraph;
38 : using block_graph::ConstTypedBlock;
39 : using core::RelativeAddress;
40 : using testing::ContainerEq;
41 :
42 : static const BlockGraph::BlockAttributes kGapOrPadding =
43 : BlockGraph::GAP_BLOCK | BlockGraph::PADDING_BLOCK;
44 :
45 : // Exposes the protected methods for testing.
46 : class TestDecomposer : public Decomposer {
47 : public:
48 : explicit TestDecomposer(const PEFile& image_file)
49 : : Decomposer(image_file) {
50 : }
51 :
52 : // Expose as public for testing.
53 : using Decomposer::LoadBlockGraphFromPdbStream;
54 : using Decomposer::LoadBlockGraphFromPdb;
55 : };
56 :
57 : class DecomposerTest : public testing::PELibUnitTest {
58 : typedef testing::PELibUnitTest Super;
59 :
60 : public:
61 E : void SetUp() {
62 E : Super::SetUp();
63 :
64 E : ASSERT_NO_FATAL_FAILURE(CreateTemporaryDir(&temp_dir_));
65 E : }
66 :
67 : base::FilePath temp_dir_;
68 : };
69 :
70 : } // namespace
71 :
72 E : TEST_F(DecomposerTest, MutatorsAndAccessors) {
73 E : base::FilePath image_path(testing::GetExeRelativePath(testing::kTestDllName));
74 : base::FilePath pdb_path(
75 E : testing::GetExeRelativePath(testing::kTestDllPdbName));
76 :
77 E : PEFile image_file;
78 E : ASSERT_TRUE(image_file.Init(image_path));
79 :
80 E : Decomposer decomposer(image_file);
81 E : EXPECT_TRUE(decomposer.pdb_path().empty());
82 :
83 E : decomposer.set_pdb_path(pdb_path);
84 E : EXPECT_EQ(pdb_path, decomposer.pdb_path());
85 E : }
86 :
87 E : TEST_F(DecomposerTest, Decompose) {
88 E : base::FilePath image_path(testing::GetExeRelativePath(testing::kTestDllName));
89 E : PEFile image_file;
90 :
91 E : ASSERT_TRUE(image_file.Init(image_path));
92 :
93 : // Decompose the test image.
94 E : Decomposer decomposer(image_file);
95 E : EXPECT_TRUE(decomposer.pdb_path().empty());
96 :
97 E : BlockGraph block_graph;
98 E : ImageLayout image_layout(&block_graph);
99 E : EXPECT_TRUE(decomposer.Decompose(&image_layout));
100 E : EXPECT_FALSE(decomposer.pdb_path().empty());
101 :
102 E : EXPECT_EQ(BlockGraph::PE_IMAGE, block_graph.image_format());
103 :
104 : // Retrieve and validate the DOS header.
105 : BlockGraph::Block* dos_header_block =
106 E : image_layout.blocks.GetBlockByAddress(RelativeAddress(0));
107 E : ASSERT_TRUE(dos_header_block != NULL);
108 E : ASSERT_TRUE(IsValidDosHeaderBlock(dos_header_block));
109 :
110 : // Retrieve and validate the NT header.
111 : BlockGraph::Block* nt_headers_block =
112 E : GetNtHeadersBlockFromDosHeaderBlock(dos_header_block);
113 E : ASSERT_TRUE(nt_headers_block != NULL);
114 E : ASSERT_TRUE(IsValidNtHeadersBlock(nt_headers_block));
115 :
116 : // There should be some blocks in the graph and in the layout, and the same
117 : // number in the block-graph and image layout.
118 E : EXPECT_LT(0u, block_graph.blocks().size());
119 E : EXPECT_LT(0u, image_layout.blocks.size());
120 E : EXPECT_EQ(block_graph.blocks().size(), image_layout.blocks.size());
121 :
122 E : EXPECT_EQ(6u, block_graph.sections().size());
123 E : EXPECT_EQ(6u, image_layout.sections.size());
124 :
125 E : EXPECT_EQ(".text", image_layout.sections[0].name);
126 E : EXPECT_NE(0U, image_layout.sections[0].addr.value());
127 E : EXPECT_NE(0U, image_layout.sections[0].size);
128 E : EXPECT_NE(0U, image_layout.sections[0].data_size);
129 : EXPECT_EQ(IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ,
130 E : image_layout.sections[0].characteristics);
131 :
132 E : EXPECT_EQ(".rdata", image_layout.sections[1].name);
133 E : EXPECT_NE(0U, image_layout.sections[1].addr.value());
134 E : EXPECT_NE(0U, image_layout.sections[1].size);
135 E : EXPECT_NE(0U, image_layout.sections[1].data_size);
136 : EXPECT_EQ(IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ,
137 E : image_layout.sections[1].characteristics);
138 :
139 E : EXPECT_EQ(".data", image_layout.sections[2].name);
140 E : EXPECT_NE(0U, image_layout.sections[2].addr.value());
141 E : EXPECT_NE(0U, image_layout.sections[2].size);
142 E : EXPECT_NE(0U, image_layout.sections[2].data_size);
143 : EXPECT_EQ(
144 : IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE,
145 E : image_layout.sections[2].characteristics);
146 :
147 E : EXPECT_EQ(".tls", image_layout.sections[3].name);
148 E : EXPECT_NE(0U, image_layout.sections[3].addr.value());
149 E : EXPECT_NE(0U, image_layout.sections[3].size);
150 E : EXPECT_NE(0U, image_layout.sections[3].data_size);
151 : EXPECT_EQ(
152 : IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE,
153 E : image_layout.sections[3].characteristics);
154 :
155 E : EXPECT_EQ(".rsrc", image_layout.sections[4].name);
156 E : EXPECT_NE(0U, image_layout.sections[4].addr.value());
157 E : EXPECT_NE(0U, image_layout.sections[4].size);
158 E : EXPECT_NE(0U, image_layout.sections[4].data_size);
159 : EXPECT_EQ(IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ,
160 E : image_layout.sections[4].characteristics);
161 :
162 E : EXPECT_EQ(".reloc", image_layout.sections[5].name);
163 E : EXPECT_NE(0U, image_layout.sections[5].addr.value());
164 E : EXPECT_NE(0U, image_layout.sections[5].size);
165 E : EXPECT_NE(0U, image_layout.sections[5].data_size);
166 : EXPECT_EQ(IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE |
167 E : IMAGE_SCN_MEM_READ, image_layout.sections[5].characteristics);
168 :
169 : // We expect the ImageLayout sections to agree with the BlockGraph sections
170 : // in number, id, name and characteristics.
171 E : EXPECT_EQ(block_graph.sections().size(), image_layout.sections.size());
172 E : for (size_t i = 0; i < image_layout.sections.size(); ++i) {
173 : const BlockGraph::Section* section =
174 E : block_graph.GetSectionById(i);
175 E : ASSERT_TRUE(section != NULL);
176 E : EXPECT_EQ(section->id(), i);
177 E : EXPECT_EQ(section->name(), image_layout.sections[i].name);
178 : EXPECT_EQ(section->characteristics(),
179 E : image_layout.sections[i].characteristics);
180 E : }
181 :
182 : typedef std::map<BlockGraph::SectionId, size_t> SectionCountMap;
183 : typedef std::map<BlockGraph::BlockType, size_t> BlockTypeCountMap;
184 :
185 : // We expect every block to be associated with a section, and only two blocks
186 : // should not be assigned to a section--the two header blocks. Similarly, set
187 : // expectations on the number of blocks per section, and the number of blocks
188 : // by type.
189 E : SectionCountMap section_counts;
190 E : BlockTypeCountMap block_type_counts;
191 : BlockGraph::BlockMap::const_iterator it =
192 E : block_graph.blocks().begin();
193 E : for (; it != block_graph.blocks().end(); ++it) {
194 E : const BlockGraph::Block& block = it->second;
195 :
196 : // We can't count gap or padding blocks, as more or less of these can appear
197 : // based on the directory in which the user performed the build.
198 E : if (block.attributes() & kGapOrPadding)
199 E : continue;
200 :
201 E : ++section_counts[block.section()];
202 E : ++block_type_counts[block.type()];
203 E : }
204 :
205 E : SectionCountMap expected_section_counts;
206 : #ifndef NDEBUG
207 : // Debug build.
208 E : expected_section_counts[static_cast<unsigned>(-1)] = 2;
209 E : expected_section_counts[0] = 323;
210 E : expected_section_counts[1] = 747;
211 E : expected_section_counts[2] = 91;
212 E : expected_section_counts[3] = 1;
213 E : expected_section_counts[4] = 1;
214 E : expected_section_counts[5] = 1;
215 : #else
216 : #ifndef OFFICIAL_BUILD
217 : // Release build.
218 : expected_section_counts[static_cast<unsigned>(-1)] = 2;
219 : expected_section_counts[0] = 298;
220 : expected_section_counts[1] = 724;
221 : expected_section_counts[2] = 85;
222 : expected_section_counts[3] = 1;
223 : expected_section_counts[4] = 1;
224 : expected_section_counts[5] = 1;
225 : #else
226 : // Official build.
227 : expected_section_counts[static_cast<unsigned>(-1)] = 2;
228 : expected_section_counts[0] = 297;
229 : expected_section_counts[1] = 724;
230 : expected_section_counts[2] = 85;
231 : expected_section_counts[3] = 1;
232 : expected_section_counts[4] = 1;
233 : expected_section_counts[5] = 1;
234 : #endif
235 : #endif
236 E : EXPECT_THAT(section_counts, ContainerEq(expected_section_counts));
237 :
238 E : BlockTypeCountMap expected_block_type_counts;
239 : #ifndef NDEBUG
240 : // Debug build.
241 E : expected_block_type_counts[BlockGraph::CODE_BLOCK] = 323;
242 E : expected_block_type_counts[BlockGraph::DATA_BLOCK] = 843;
243 : #else
244 : #ifndef OFFICIAL_BUILD
245 : // Release build.
246 : expected_block_type_counts[BlockGraph::CODE_BLOCK] = 298;
247 : expected_block_type_counts[BlockGraph::DATA_BLOCK] = 814;
248 : #else
249 : // Official build.
250 : expected_block_type_counts[BlockGraph::CODE_BLOCK] = 297;
251 : expected_block_type_counts[BlockGraph::DATA_BLOCK] = 814;
252 : #endif
253 : #endif
254 E : EXPECT_THAT(block_type_counts, ContainerEq(expected_block_type_counts));
255 :
256 : // Every byte of each section must be accounted for by all of the non-header
257 : // blocks.
258 E : size_t section_blocks = 0;
259 E : for (size_t i = 0; i < image_layout.sections.size(); ++i) {
260 : BlockGraph::AddressSpace::RangeMapConstIterPair it_pair =
261 : image_layout.blocks.GetIntersectingBlocks(
262 : image_layout.sections[i].addr,
263 E : image_layout.sections[i].size);
264 :
265 : // Make sure the first iterator is dereferenceable.
266 E : ASSERT_TRUE(it_pair.first != image_layout.blocks.end());
267 :
268 : // The first and last iterators should not be the same.
269 E : EXPECT_TRUE(it_pair.first != it_pair.second);
270 :
271 : // The first iterator should start at the beginning of the section.
272 E : EXPECT_EQ(image_layout.sections[i].addr, it_pair.first->first.start());
273 :
274 : // Ensure the blocks are contiguous, and count the number of blocks as we
275 : // go.
276 E : BlockGraph::AddressSpace::RangeMapConstIter it_old = it_pair.first;
277 E : BlockGraph::AddressSpace::RangeMapConstIter it_cur = it_pair.first;
278 E : ++it_cur;
279 E : ++section_blocks;
280 E : while (it_cur != it_pair.second) {
281 E : EXPECT_EQ(it_old->first.end(), it_cur->first.start());
282 E : it_old = it_cur;
283 E : ++it_cur;
284 E : ++section_blocks;
285 E : }
286 :
287 : // Make sure the last block perfectly covers the section.
288 : EXPECT_EQ(image_layout.sections[i].addr + image_layout.sections[i].size,
289 E : it_old->first.end());
290 E : }
291 :
292 : // All of the blocks should have been covered, save the 2 header blocks.
293 E : EXPECT_EQ(section_blocks + 2, image_layout.blocks.size());
294 :
295 : // Make sure that all bracketed COFF groups have been parsed. There are 8
296 : // of them that we currently know of:
297 : // .CRT$XCA -> .CRT$XCZ: C initializers
298 : // .CRT$XIA -> .CRT$XLZ: C++ initializers
299 : // .CRT$XLA -> .CRT$XLZ: TLS callbacks
300 : // .CRT$XPA -> .CRT$XPZ: CRT pre-termination functions.
301 : // .CRT$XTA -> .CRT$XTZ: CRT termination functions.
302 : // .rtc$IAA -> .rtc$IZZ: Run-time checking initializers.
303 : // .rtc$TAA -> .rtc$TZZ: Run-time checking termination functions.
304 : // .tls -> .tls$ZZZ: TLS data.
305 E : size_t coff_group_blocks = 0;
306 E : it = block_graph.blocks().begin();
307 E : for (; it != block_graph.blocks().end(); ++it) {
308 E : const BlockGraph::Block& block = it->second;
309 E : if (block.attributes() & BlockGraph::COFF_GROUP)
310 E : ++coff_group_blocks;
311 E : }
312 E : EXPECT_EQ(8u, coff_group_blocks);
313 E : }
314 :
315 E : TEST_F(DecomposerTest, DecomposeFailsWithNonexistentPdb) {
316 E : base::FilePath image_path(testing::GetExeRelativePath(testing::kTestDllName));
317 E : PEFile image_file;
318 :
319 E : ASSERT_TRUE(image_file.Init(image_path));
320 :
321 E : Decomposer decomposer(image_file);
322 E : decomposer.set_pdb_path(testing::GetExeRelativePath(L"nonexistent.pdb"));
323 :
324 E : BlockGraph block_graph;
325 E : ImageLayout image_layout(&block_graph);
326 E : EXPECT_FALSE(decomposer.Decompose(&image_layout));
327 E : }
328 :
329 E : TEST_F(DecomposerTest, LabelsAndAttributes) {
330 E : base::FilePath image_path(testing::GetExeRelativePath(testing::kTestDllName));
331 E : PEFile image_file;
332 :
333 E : ASSERT_TRUE(image_file.Init(image_path));
334 :
335 : // Decompose the test image and look at the result.
336 E : Decomposer decomposer(image_file);
337 E : BlockGraph block_graph;
338 E : ImageLayout image_layout(&block_graph);
339 E : ASSERT_TRUE(decomposer.Decompose(&image_layout));
340 :
341 : // Locate various specific function blocks in the block-graph.
342 E : const BlockGraph::Block* dll_main_block = NULL;
343 E : const BlockGraph::Block* func_with_inl_asm_block = NULL;
344 E : const BlockGraph::Block* strchr_block = NULL;
345 E : const BlockGraph::Block* imp_load_block = NULL;
346 E : const BlockGraph::Block* no_private_symbols_block = NULL;
347 E : const BlockGraph::Block* test_string_block = NULL;
348 :
349 : typedef std::map<BlockGraph::BlockAttributeEnum, size_t> AttribCountMap;
350 E : AttribCountMap attrib_counts;
351 : {
352 : typedef std::map<std::string, const BlockGraph::Block**> TestBlockMap;
353 :
354 E : TestBlockMap test_blocks;
355 E : test_blocks.insert(std::make_pair("DllMain", &dll_main_block));
356 : test_blocks.insert(std::make_pair("FunctionWithInlineAssembly",
357 E : &func_with_inl_asm_block));
358 E : test_blocks.insert(std::make_pair("strchr", &strchr_block));
359 : test_blocks.insert(std::make_pair("__imp_load_CoCreateGuid",
360 E : &imp_load_block));
361 : test_blocks.insert(std::make_pair("TestFunctionWithNoPrivateSymbols",
362 E : &no_private_symbols_block));
363 : test_blocks.insert(std::make_pair("kTestString",
364 E : &test_string_block));
365 :
366 E : BlockGraph::BlockMap::const_iterator it = block_graph.blocks().begin();
367 E : for (; it != block_graph.blocks().end(); ++it) {
368 E : const BlockGraph::Block& block = it->second;
369 :
370 : // Count the attributes across the entire block-graph.
371 E : for (size_t i = 0; i < BlockGraph::BLOCK_ATTRIBUTES_MAX_BIT; ++i) {
372 : BlockGraph::BlockAttributeEnum attr =
373 E : static_cast<BlockGraph::BlockAttributeEnum>(1 << i);
374 :
375 : // We don't count gap or padding blocks as they vary from machine to
376 : // machine depending on lengths of certain strings.
377 E : if (attr & kGapOrPadding)
378 E : continue;
379 :
380 E : if (block.attributes() & attr)
381 E : ++attrib_counts[attr];
382 E : }
383 :
384 E : TestBlockMap::const_iterator test_it = test_blocks.find(block.name());
385 E : if (test_it == test_blocks.end())
386 E : continue;
387 :
388 E : ASSERT_TRUE(*test_it->second == NULL);
389 E : *test_it->second = █
390 E : }
391 E : }
392 :
393 E : ASSERT_TRUE(dll_main_block != NULL);
394 E : ASSERT_TRUE(func_with_inl_asm_block != NULL);
395 E : ASSERT_TRUE(strchr_block != NULL);
396 E : ASSERT_TRUE(imp_load_block != NULL);
397 E : ASSERT_TRUE(no_private_symbols_block != NULL);
398 :
399 : // Check the attribute counts.
400 E : AttribCountMap expected_attrib_counts;
401 :
402 : #ifndef NDEBUG
403 : // Debug build.
404 E : expected_attrib_counts[BlockGraph::NON_RETURN_FUNCTION] = 10;
405 E : expected_attrib_counts[BlockGraph::PE_PARSED] = 89;
406 E : expected_attrib_counts[BlockGraph::SECTION_CONTRIB] = 1162;
407 E : expected_attrib_counts[BlockGraph::HAS_INLINE_ASSEMBLY] = 15;
408 E : expected_attrib_counts[BlockGraph::BUILT_BY_UNSUPPORTED_COMPILER] = 136;
409 E : expected_attrib_counts[BlockGraph::HAS_EXCEPTION_HANDLING] = 26;
410 E : expected_attrib_counts[BlockGraph::THUNK] = 7;
411 E : expected_attrib_counts[BlockGraph::COFF_GROUP] = 8;
412 : #else
413 : #ifndef OFFICIAL_BUILD
414 : // Release build.
415 : expected_attrib_counts[BlockGraph::NON_RETURN_FUNCTION] = 8;
416 : expected_attrib_counts[BlockGraph::PE_PARSED] = 88;
417 : expected_attrib_counts[BlockGraph::SECTION_CONTRIB] = 1108;
418 : expected_attrib_counts[BlockGraph::BUILT_BY_UNSUPPORTED_COMPILER] = 135;
419 : expected_attrib_counts[BlockGraph::HAS_INLINE_ASSEMBLY] = 13;
420 : expected_attrib_counts[BlockGraph::HAS_EXCEPTION_HANDLING] = 24;
421 : expected_attrib_counts[BlockGraph::THUNK] = 7;
422 : expected_attrib_counts[BlockGraph::COFF_GROUP] = 8;
423 : #else
424 : // Official build.
425 : expected_attrib_counts[BlockGraph::NON_RETURN_FUNCTION] = 8;
426 : expected_attrib_counts[BlockGraph::PE_PARSED] = 88;
427 : expected_attrib_counts[BlockGraph::SECTION_CONTRIB] = 1107;
428 : expected_attrib_counts[BlockGraph::BUILT_BY_UNSUPPORTED_COMPILER] = 136;
429 : expected_attrib_counts[BlockGraph::HAS_INLINE_ASSEMBLY] = 13;
430 : expected_attrib_counts[BlockGraph::HAS_EXCEPTION_HANDLING] = 24;
431 : expected_attrib_counts[BlockGraph::THUNK] = 7;
432 : expected_attrib_counts[BlockGraph::COFF_GROUP] = 8;
433 : #endif
434 : #endif
435 E : EXPECT_THAT(attrib_counts, ContainerEq(expected_attrib_counts));
436 :
437 : // The kTestString block should have alignment >= 64.
438 E : ASSERT_FALSE(test_string_block == NULL);
439 E : EXPECT_LE(64u, test_string_block->alignment());
440 :
441 : // The block with no private symbols should only have a single public symbol
442 : // label.
443 E : ASSERT_FALSE(no_private_symbols_block == NULL);
444 E : EXPECT_EQ(1u, no_private_symbols_block->labels().size());
445 : BlockGraph::Block::LabelMap::const_iterator label_it =
446 E : no_private_symbols_block->labels().begin();
447 E : EXPECT_EQ(0, label_it->first);
448 E : EXPECT_EQ(BlockGraph::PUBLIC_SYMBOL_LABEL, label_it->second.attributes());
449 :
450 : // The imp_load block should be a thunk.
451 E : ASSERT_NE(0UL, imp_load_block->attributes() & BlockGraph::THUNK);
452 :
453 : // DllMain has a jump table so it should have pointer alignment.
454 E : ASSERT_EQ(kPointerSize, dll_main_block->alignment());
455 :
456 : // Validate that the FunctionWithInlineAssembly block has the appropriate
457 : // attributes.
458 : ASSERT_TRUE(func_with_inl_asm_block->attributes() &
459 E : BlockGraph::HAS_INLINE_ASSEMBLY);
460 :
461 : // Validate that the strchr block has the appropriate attributes.
462 : ASSERT_TRUE(strchr_block->attributes() &
463 E : BlockGraph::BUILT_BY_UNSUPPORTED_COMPILER);
464 :
465 : #ifdef OFFICIAL_BUILD
466 : static const size_t kDllMainLabelCount = 44;
467 : static const size_t kCallSiteLabelCount = 26;
468 : #else
469 : #ifndef NDEBUG
470 : // Debug build.
471 : static const size_t kDllMainLabelCount = 32;
472 : static const size_t kCallSiteLabelCount = 10;
473 : #else
474 : // Release build.
475 : static const size_t kDllMainLabelCount = 33;
476 : static const size_t kCallSiteLabelCount = 10;
477 : #endif
478 : #endif
479 :
480 : // Validate compiland names.
481 : // MSVS produces files named test_dll.obj and Ninja build produces files
482 : // named test_dll.test_dll.obj.
483 : EXPECT_TRUE(base::EndsWith(dll_main_block->compiland_name(), "test_dll.obj",
484 E : base::CompareCase::SENSITIVE));
485 : EXPECT_TRUE(base::EndsWith(func_with_inl_asm_block->compiland_name(),
486 E : "test_dll.obj", base::CompareCase::SENSITIVE));
487 : EXPECT_TRUE(base::EndsWith(strchr_block->compiland_name(), "strchr.obj",
488 E : base::CompareCase::SENSITIVE));
489 :
490 : // Validate that the DllMain block has the expected population of labels.
491 E : EXPECT_EQ(kDllMainLabelCount, dll_main_block->labels().size());
492 :
493 E : std::map<BlockGraph::LabelAttributes, size_t> label_attr_counts;
494 : {
495 : BlockGraph::Block::LabelMap::const_iterator it =
496 E : dll_main_block->labels().begin();
497 E : for (; it != dll_main_block->labels().end(); ++it) {
498 E : BlockGraph::LabelAttributes attr_mask = 1;
499 E : for (; attr_mask != BlockGraph::LABEL_ATTRIBUTES_MAX; attr_mask <<= 1) {
500 E : if (it->second.has_attributes(attr_mask))
501 E : label_attr_counts[attr_mask]++;
502 E : }
503 E : }
504 : }
505 :
506 E : EXPECT_EQ(19, label_attr_counts[BlockGraph::CODE_LABEL]);
507 : EXPECT_EQ(kCallSiteLabelCount,
508 E : label_attr_counts[BlockGraph::CALL_SITE_LABEL]);
509 E : EXPECT_EQ(5, label_attr_counts[BlockGraph::DATA_LABEL]);
510 E : EXPECT_EQ(3, label_attr_counts[BlockGraph::JUMP_TABLE_LABEL]);
511 E : EXPECT_EQ(2, label_attr_counts[BlockGraph::CASE_TABLE_LABEL]);
512 E : EXPECT_EQ(1, label_attr_counts[BlockGraph::DEBUG_START_LABEL]);
513 E : EXPECT_EQ(1, label_attr_counts[BlockGraph::DEBUG_END_LABEL]);
514 E : }
515 :
516 E : TEST_F(DecomposerTest, DecomposeTestDllMSVS2010) {
517 : base::FilePath dll_path = testing::GetSrcRelativePath(
518 E : L"syzygy\\pe\\test_data\\test_dll_vs2010.dll");
519 : base::FilePath pdb_path = testing::GetSrcRelativePath(
520 E : L"syzygy\\pe\\test_data\\test_dll_vs2010.dll.pdb");
521 :
522 E : PEFile pe_file;
523 E : ASSERT_TRUE(pe_file.Init(dll_path));
524 :
525 E : Decomposer decomposer(pe_file);
526 E : BlockGraph block_graph;
527 E : ImageLayout image_layout(&block_graph);
528 E : decomposer.set_pdb_path(pdb_path);
529 E : ASSERT_TRUE(decomposer.Decompose(&image_layout));
530 E : }
531 :
532 E : TEST_F(DecomposerTest, DecomposeTestDllMSVS2013) {
533 : base::FilePath dll_path = testing::GetSrcRelativePath(
534 E : L"syzygy\\pe\\test_data\\test_dll_vs2013.dll");
535 : base::FilePath pdb_path = testing::GetSrcRelativePath(
536 E : L"syzygy\\pe\\test_data\\test_dll_vs2013.dll.pdb");
537 :
538 E : PEFile pe_file;
539 E : ASSERT_TRUE(pe_file.Init(dll_path));
540 :
541 E : Decomposer decomposer(pe_file);
542 E : BlockGraph block_graph;
543 E : ImageLayout image_layout(&block_graph);
544 E : decomposer.set_pdb_path(pdb_path);
545 E : ASSERT_TRUE(decomposer.Decompose(&image_layout));
546 E : }
547 :
548 E : TEST_F(DecomposerTest, DecomposeSyzyAsanRtlDllWithPGO) {
549 : base::FilePath dll_path = testing::GetSrcRelativePath(
550 E : L"syzygy\\pe\\test_data\\syzyasan_rtl.dll");
551 : base::FilePath pdb_path = testing::GetSrcRelativePath(
552 E : L"syzygy\\pe\\test_data\\syzyasan_rtl.dll.pdb");
553 :
554 E : PEFile pe_file;
555 E : ASSERT_TRUE(pe_file.Init(dll_path));
556 :
557 E : Decomposer decomposer(pe_file);
558 E : BlockGraph block_graph;
559 E : ImageLayout image_layout(&block_graph);
560 E : decomposer.set_pdb_path(pdb_path);
561 E : ASSERT_TRUE(decomposer.Decompose(&image_layout));
562 E : }
563 :
564 : namespace {
565 :
566 : void GetNtHeadersBlock(const BlockGraph::Block* dos_header_block,
567 E : BlockGraph::Block** out_nt_headers_block) {
568 E : DCHECK(out_nt_headers_block != NULL);
569 :
570 E : ConstTypedBlock<IMAGE_DOS_HEADER> dos_header;
571 E : ASSERT_TRUE(dos_header.Init(0, dos_header_block));
572 E : ConstTypedBlock<IMAGE_NT_HEADERS> nt_headers;
573 E : ASSERT_TRUE(dos_header.Dereference(dos_header->e_lfanew, &nt_headers));
574 E : ASSERT_TRUE(nt_headers.block() != NULL);
575 E : *out_nt_headers_block = const_cast<BlockGraph::Block*>(nt_headers.block());
576 E : }
577 :
578 : // This test fixture class contains all the tests that need files generated by
579 : // the relinker (the new image and its corresponding PDB).
580 : class DecomposerAfterRelinkTest : public DecomposerTest {
581 : public:
582 : typedef DecomposerTest Super;
583 :
584 E : DecomposerAfterRelinkTest() : relinker_(&policy_) { }
585 :
586 E : virtual void SetUp() override { Super::SetUp(); }
587 :
588 E : void Relink(bool compress_pdb) {
589 : // Initialize a relinker and generate a pdb that contains a block-graph
590 : // stream.
591 E : relinked_dll_ = temp_dir_.Append(testing::kTestDllName);
592 E : relinked_pdb_ = temp_dir_.Append(testing::kTestDllPdbName);
593 :
594 : relinker_.set_input_path(testing::GetExeRelativePath(
595 E : testing::kTestDllName));
596 : relinker_.set_input_pdb_path(testing::GetExeRelativePath(
597 E : testing::kTestDllPdbName));
598 E : relinker_.set_allow_overwrite(true);
599 E : relinker_.set_augment_pdb(true);
600 E : relinker_.set_compress_pdb(compress_pdb);
601 E : relinker_.set_output_path(relinked_dll_);
602 E : relinker_.set_output_pdb_path(relinked_pdb_);
603 E : ASSERT_TRUE(relinker_.Init());
604 E : ASSERT_TRUE(relinker_.Relink());
605 E : }
606 :
607 : // Given a decomposed image this checks its NT headers against those
608 : // contained in the transformed image stored in the relinker.
609 E : void ReconcileNtHeaders(ImageLayout* image_layout) {
610 E : DCHECK(image_layout != NULL);
611 :
612 : // Get the NT headers block associated with the in-memory representation of
613 : // the relinked image.
614 E : BlockGraph::Block* nt1 = NULL;
615 E : ASSERT_NO_FATAL_FAILURE(GetNtHeadersBlock(relinker_.headers_block(), &nt1));
616 E : ASSERT_TRUE(nt1 != NULL);
617 :
618 : // Get the NT headers block associated with the decomposition just performed
619 : // on the relinked image.
620 : BlockGraph::Block* dos_header_block =
621 E : image_layout->blocks.GetBlockByAddress(core::RelativeAddress(0));
622 E : ASSERT_TRUE(dos_header_block != NULL);
623 E : BlockGraph::Block* nt2 = NULL;
624 E : ASSERT_NO_FATAL_FAILURE(GetNtHeadersBlock(dos_header_block, &nt2));
625 E : ASSERT_TRUE(nt2 != NULL);
626 :
627 : // The NT headers don't compare equal because things like the timestamp and
628 : // checksum are filled out post-transform. We copy the old NT headers into
629 : // the new image so that we can do a simple comparison afterwards.
630 E : ASSERT_EQ(nt1->data_size(), nt2->data_size());
631 E : nt1->SetData(nt2->data(), nt2->data_size());
632 E : }
633 :
634 : // Used to ensure that round-trip decomposition works (where the image is not
635 : // decomposed, but rather deserialized from the PDB).
636 E : void LoadRedecompositionData(bool compressed) {
637 E : ASSERT_NO_FATAL_FAILURE(Relink(compressed));
638 :
639 E : PEFile image_file;
640 E : ASSERT_TRUE(image_file.Init(relinked_dll_));
641 :
642 : // Decompose the test image and look at the result.
643 E : Decomposer decomposer(image_file);
644 E : BlockGraph block_graph;
645 E : ImageLayout image_layout(&block_graph);
646 :
647 E : ASSERT_TRUE(decomposer.Decompose(&image_layout));
648 :
649 : // Certain data is written to the NT headers post-transform (checksum), so
650 : // it's not reflected in the relinker's block-graph. We reconcile the
651 : // headers prior to doing the comparison.
652 E : ASSERT_NO_FATAL_FAILURE(ReconcileNtHeaders(&image_layout));
653 :
654 : // Ensure that the post-relink block-graph and the deserialized one from the
655 : // PDB are the same.
656 E : block_graph::BlockGraphSerializer bgs;
657 E : ASSERT_TRUE(::testing::BlockGraphsEqual(relinker_.block_graph(),
658 : block_graph,
659 : bgs));
660 E : }
661 :
662 : PETransformPolicy policy_;
663 : PERelinker relinker_;
664 : base::FilePath relinked_dll_;
665 : base::FilePath relinked_pdb_;
666 : };
667 :
668 : } // namespace
669 :
670 E : TEST_F(DecomposerAfterRelinkTest, LoadRedecompositionDataUncompressed) {
671 E : ASSERT_NO_FATAL_FAILURE(LoadRedecompositionData(false));
672 E : }
673 :
674 E : TEST_F(DecomposerAfterRelinkTest, LoadRedecompositionDataCompressed) {
675 E : ASSERT_NO_FATAL_FAILURE(LoadRedecompositionData(true));
676 E : }
677 :
678 E : TEST_F(DecomposerAfterRelinkTest, FailToLoadBlockGraphWithInvalidVersion) {
679 E : ASSERT_NO_FATAL_FAILURE(Relink(true));
680 :
681 : // Get the block-graph stream from the PDB and change the version of it.
682 :
683 : // Get the stream.
684 E : pdb::PdbFile pdb_file;
685 E : pdb::PdbReader pdb_reader;
686 E : pdb_reader.Read(relinked_pdb_, &pdb_file);
687 E : scoped_refptr<pdb::PdbStream> block_graph_stream;
688 : EXPECT_TRUE(pdb::LoadNamedStreamFromPdbFile(pdb::kSyzygyBlockGraphStreamName,
689 : &pdb_file,
690 E : &block_graph_stream));
691 :
692 : // Create a copy of the stream. We need to do this to have a stream that we
693 : // can modify.
694 E : scoped_refptr<pdb::PdbByteStream> new_stream = new pdb::PdbByteStream();
695 E : ASSERT_TRUE(new_stream->Init(block_graph_stream.get()));
696 E : block_graph_stream = new_stream.get();
697 : scoped_refptr<pdb::WritablePdbStream> block_graph_writer =
698 E : block_graph_stream->GetWritableStream();
699 E : ASSERT_TRUE(block_graph_writer.get() != NULL);
700 :
701 : // Change the version of the stream.
702 E : block_graph_writer->set_pos(0);
703 E : block_graph_writer->Write(pdb::kSyzygyBlockGraphStreamVersion + 1);
704 :
705 E : BlockGraph block_graph;
706 E : ImageLayout image_layout(&block_graph);
707 :
708 : // We've invalided the version previously so this test should fail.
709 E : PEFile image_file;
710 E : ASSERT_TRUE(image_file.Init(relinked_dll_));
711 : ASSERT_FALSE(TestDecomposer::LoadBlockGraphFromPdbStream(
712 E : image_file, block_graph_stream.get(), &image_layout));
713 E : }
714 :
715 : } // namespace pe
|