Fix some VS2017 issues

- Add support for the new SDK LoadConfigDirectory struct definition. - Workaround for a bug in distorm (gdabah/distorm#120) Review-Url: https://codereview.chromium.org/2980263002
google · Jul 18, 2017 · 0cc169a · 0cc169a
1 parent f61ad74
commit 0cc169a
Show file tree

Hide file tree

Showing 5 changed files with 76 additions and 33 deletions.
diff --git a/syzygy/core/disassembler_util.cc b/syzygy/core/disassembler_util.cc
@@ -469,6 +469,12 @@ _DecodeResult DistormDecompose(_CodeInfo* ci,
         DCHECK_EQ(0U, result[i].ops[0].size);
         result[i].ops[0].size = 64;
         break;
+      // There's a similar issue with I_STMXCSR which has a size of 0 instead
+      // of 32, reported in https://github.com/gdabah/distorm/issues/120.
+      case I_STMXCSR:
+        DCHECK_EQ(0U, result[i].ops[0].size);
+        result[i].ops[0].size = 32;
+        break;
       default:
         break;
     }

diff --git a/syzygy/core/disassembler_util_unittest.cc b/syzygy/core/disassembler_util_unittest.cc
@@ -71,6 +71,7 @@ const uint8_t kVxorps[] = {0xC5, 0xFC, 0x57, 0xC0};
 // operand size.
 const uint8_t kFxsave[] = {0x0F, 0xAE, 0x00};
 const uint8_t kFxrstor[] = {0x0F, 0xAE, 0x08};
+const uint8_t kStmxcsr[] = {0x0F, 0xAE, 0x5D, 0xEC};
 
 // FPU instructions for which distorm had some decoding issues in the past.
 // fnstcw m16
@@ -352,6 +353,27 @@ TEST(DisassemblerUtilTest, DistormDecomposeFxrstor) {
   EXPECT_EQ(64, results[0].ops[0].size);
 }
 
+TEST(DisassemblerUtilTest, WrongAccessSizeOnRawDistormDecomposeStmxcsr) {
+  const unsigned int kMaxResults = 16;
+  unsigned int result_count = 0;
+  _DInst results[kMaxResults];
+  EXPECT_EQ(DECRES_SUCCESS,
+            RawDecomposeCode(kStmxcsr, sizeof(kStmxcsr), results, kMaxResults,
+                             &result_count));
+  EXPECT_EQ(1U, result_count);
+  EXPECT_EQ(0U, results[0].ops[0].size);
+}
+
+TEST(DisassemblerUtilTest, DistormDecomposeStmxcsr) {
+  const unsigned int kMaxResults = 16;
+  unsigned int result_count = 0;
+  _DInst results[kMaxResults];
+  EXPECT_EQ(DECRES_SUCCESS, DecomposeCode(kStmxcsr, sizeof(kStmxcsr), results,
+                                          kMaxResults, &result_count));
+  EXPECT_EQ(1, result_count);
+  EXPECT_EQ(32, results[0].ops[0].size);
+}
+
 // If this test starts failing then Distorm now properly handles the AVX2
 // instructions. Please remove the workaround in disassembler_util.cc.
 TEST(DisassemblerUtilTest, TestBadlyDecodedVexInstructions) {

diff --git a/syzygy/instrument/transforms/asan_intercepts.cc b/syzygy/instrument/transforms/asan_intercepts.cc
@@ -94,6 +94,7 @@ const MD5Hash kHashes_wcsrchr[] = {
     {"e1d33ebe81f646a5b6941fbc3bad43b1"},  // Win SDK 10.0.10586.0.
     {"f1f7d1a3c28ea37e4d297bce5bc095bd"},  // Win SDK 10.0.10586.0 debug.
     {"bfb15ac56c29c1dd8c68e9ba25d264a8"},  // Win SDK 10.0.14393.0+.
+    {"b674a88ebfec05ac1525819eae9ef09f"},  // Win SDK 10.0.15063.468.
     {""}};
 const MD5Hash kHashes_wcschr[] = {
     {"8206e006eac1d4e9ef3dd85c70563af3"},  // VS2010.

diff --git a/syzygy/pe/pe_file_parser.cc b/syzygy/pe/pe_file_parser.cc
@@ -1166,7 +1166,8 @@ BlockGraph::Block* PEFileParser::ParseLoadConfigDir(
     case kLoadConfigDirectorySize81:
     // case kLoadConfigDirectorySize100NoCodeIntegrity:
     case kLoadConfigDirectorySize100NoCFG:
-    case kLoadConfigDirectorySize100:
+    case kLoadConfigDirectorySize10010586:
+    case kLoadConfigDirectorySize10015063:
       load_config_version =
           static_cast<LoadConfigDirectoryVersion>(*load_config_len.ptr());
       break;

diff --git a/syzygy/pe/pe_structs.h b/syzygy/pe/pe_structs.h
@@ -32,45 +32,55 @@ struct IMAGE_LOAD_CONFIG_CODE_INTEGRITY {
 };
 
 // Redefinition of the IMAGE_LOAD_CONFIG_DIRECTORY structure. This corresponds
-// to the structure as encountered in the version 10.0.14393 of the Windows SDK.
+// to the structure as encountered in the version 10.0.15063.468 of the Windows
+// SDK.
 struct LoadConfigDirectory {
   // Fields available in v8.0+ of the Windows SDK.
-  DWORD   Size;
-  DWORD   TimeDateStamp;
-  WORD    MajorVersion;
-  WORD    MinorVersion;
-  DWORD   GlobalFlagsClear;
-  DWORD   GlobalFlagsSet;
-  DWORD   CriticalSectionDefaultTimeout;
-  DWORD   DeCommitFreeBlockThreshold;
-  DWORD   DeCommitTotalFreeThreshold;
-  DWORD   LockPrefixTable;                // VA
-  DWORD   MaximumAllocationSize;
-  DWORD   VirtualMemoryThreshold;
-  DWORD   ProcessHeapFlags;
-  DWORD   ProcessAffinityMask;
-  WORD    CSDVersion;
-  WORD    Reserved1;
-  DWORD   EditList;                       // VA
-  DWORD   SecurityCookie;                 // VA
-  DWORD   SEHandlerTable;                 // VA
-  DWORD   SEHandlerCount;
+  DWORD Size;
+  DWORD TimeDateStamp;
+  WORD MajorVersion;
+  WORD MinorVersion;
+  DWORD GlobalFlagsClear;
+  DWORD GlobalFlagsSet;
+  DWORD CriticalSectionDefaultTimeout;
+  DWORD DeCommitFreeBlockThreshold;
+  DWORD DeCommitTotalFreeThreshold;
+  DWORD LockPrefixTable;
+  DWORD MaximumAllocationSize;
+  DWORD VirtualMemoryThreshold;
+  DWORD ProcessHeapFlags;
+  DWORD ProcessAffinityMask;
+  WORD CSDVersion;
+  WORD Reserved1;
+  DWORD EditList;
+  DWORD SecurityCookie;
+  DWORD SEHandlerTable;
+  DWORD SEHandlerCount;
 
   // Fields available in v8.1+ of the Windows SDK.
-  DWORD   GuardCFCheckFunctionPointer;    // VA
-  DWORD   Reserved2;
-  DWORD   GuardCFFunctionTable;           // VA
-  DWORD   GuardCFFunctionCount;
-  DWORD   GuardFlags;
+  DWORD GuardCFCheckFunctionPointer;
+  DWORD GuardCFDispatchFunctionPointer;
+  DWORD GuardCFFunctionTable;
+  DWORD GuardCFFunctionCount;
+  DWORD GuardFlags;
 
-  // Fields available in v10.0+ of the Windows SDK.
+  // Fields available in v10.0.10586.0+ of the Windows SDK.
   IMAGE_LOAD_CONFIG_CODE_INTEGRITY CodeIntegrity;
-  DWORD GuardAddressTakenIatEntryTable;  // VA
+  DWORD GuardAddressTakenIatEntryTable;
   DWORD GuardAddressTakenIatEntryCount;
-  DWORD GuardLongJumpTargetTable;  // VA
+  DWORD GuardLongJumpTargetTable;
   DWORD GuardLongJumpTargetCount;
-  DWORD DynamicValueRelocTable;  // VA
-  DWORD HybridMetadataPointer;
+  DWORD DynamicValueRelocTable;
+  DWORD CHPEMetadataPointer;
+
+  // Fields available in the v10.0.15063.468+ of the SDK.
+  DWORD GuardRFFailureRoutine;
+  DWORD GuardRFFailureRoutineFunctionPointer;
+  DWORD DynamicValueRelocTableOffset;
+  WORD DynamicValueRelocTableSection;
+  WORD Reserved2;
+  DWORD GuardRFVerifyStackPointerFunctionPointer;
+  DWORD HotPatchTableOffset;
 };
 
 // An enum mapping the size of a given IMAGE_LOAD_CONFIG_DIRECTORY structure
@@ -91,7 +101,10 @@ enum LoadConfigDirectoryVersion {
   kLoadConfigDirectorySize100NoCFG =
       offsetof(LoadConfigDirectory, GuardAddressTakenIatEntryTable),
   // Corresponds to the full version 10.0 of the Windows SDK.
-  kLoadConfigDirectorySize100 = sizeof(LoadConfigDirectory),
+  kLoadConfigDirectorySize10010586 =
+      offsetof(LoadConfigDirectory, GuardRFFailureRoutine),
+  // Corresponds to the full version 10.0.10586 of the Windows SDK.
+  kLoadConfigDirectorySize10015063 = sizeof(LoadConfigDirectory),
 };
 
 };  // namespace pe