1    :  // Copyright 2015 Google Inc. All Rights Reserved.
   2    :  //
   3    :  // Licensed under the Apache License, Version 2.0 (the "License");
   4    :  // you may not use this file except in compliance with the License.
   5    :  // You may obtain a copy of the License at
   6    :  //
   7    :  //     http://www.apache.org/licenses/LICENSE-2.0
   8    :  //
   9    :  // Unless required by applicable law or agreed to in writing, software
  10    :  // distributed under the License is distributed on an "AS IS" BASIS,
  11    :  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12    :  // See the License for the specific language governing permissions and
  13    :  // limitations under the License.
  14    :  
  15    :  #include "syzygy/refinery/analyzers/module_analyzer.h"
  16    :  
  17    :  #include <stdint.h>
  18    :  
  19    :  #include <vector>
  20    :  
  21    :  #include "base/files/scoped_temp_dir.h"
  22    :  #include "gtest/gtest.h"
  23    :  #include "syzygy/minidump/minidump.h"
  24    :  #include "syzygy/minidump/unittest_util.h"
  25    :  #include "syzygy/refinery/unittest_util.h"
  26    :  #include "syzygy/refinery/process_state/process_state.h"
  27    :  #include "syzygy/refinery/process_state/process_state_util.h"
  28    :  #include "syzygy/refinery/process_state/refinery.pb.h"
  29    :  
  30    :  namespace refinery {
  31    :  
  32  E :  TEST(ModuleAnalyzerTest, AnalyzeMinidump) {
  33  E :    minidump::Minidump minidump;
  34  E :    ASSERT_TRUE(minidump.Open(testing::TestMinidumps::GetNotepad32Dump()));
  35    :  
  36  E :    ProcessState process_state;
  37    :  
  38  E :    ModuleAnalyzer analyzer;
  39    :    ASSERT_EQ(Analyzer::ANALYSIS_COMPLETE,
  40  E :              analyzer.Analyze(minidump, &process_state));
  41    :  
  42  E :    ModuleLayerPtr module_layer;
  43  E :    ASSERT_TRUE(process_state.FindLayer(&module_layer));
  44  E :    ASSERT_LE(1, module_layer->size());
  45  E :  }
  46    :  
  47    :  class ModuleAnalyzerSyntheticTest : public testing::SyntheticMinidumpTest {
  48    :  };
  49    :  
  50  E :  TEST_F(ModuleAnalyzerSyntheticTest, BasicTest) {
  51    :    // Create a minidump with a single module.
  52  E :    testing::MinidumpSpecification::ModuleSpecification module_spec;
  53  E :    testing::MinidumpSpecification spec;
  54  E :    spec.AddModule(module_spec);
  55  E :    ASSERT_NO_FATAL_FAILURE(Serialize(spec));
  56    :  
  57    :    // Analyze it for modules.
  58  E :    minidump::Minidump minidump;
  59  E :    ASSERT_TRUE(minidump.Open(dump_file()));
  60  E :    ProcessState process_state;
  61  E :    ModuleAnalyzer analyzer;
  62    :    ASSERT_EQ(Analyzer::ANALYSIS_COMPLETE,
  63  E :              analyzer.Analyze(minidump, &process_state));
  64    :  
  65    :    // Validate recovered module.
  66  E :    ModuleLayerPtr module_layer;
  67  E :    ASSERT_TRUE(process_state.FindLayer(&module_layer));
  68  E :    ASSERT_EQ(1, module_layer->size());
  69    :  
  70  E :    std::vector<ModuleRecordPtr> matching_records;
  71  E :    module_layer->GetRecordsAt(module_spec.addr, &matching_records);
  72  E :    ASSERT_EQ(1, matching_records.size());
  73    :    ASSERT_EQ(AddressRange(module_spec.addr, module_spec.size),
  74  E :              matching_records[0]->range());
  75  E :    const Module& module = matching_records[0]->data();
  76  E :    ASSERT_NE(kNoModuleId, module.module_id());
  77    :  
  78    :    // Validate the layer data contains the module information.
  79  E :    pe::PEFile::Signature signature;
  80  E :    ASSERT_TRUE(module_layer->data().Find(module.module_id(), &signature));
  81  E :    ASSERT_NE(kNoModuleId, module_layer->data().Find(signature));
  82  E :  }
  83    :  
  84    :  }  // namespace refinery