| huangs | 062026a1 | 2017-10-05 16:26:05 | [diff] [blame^] | 1 | // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "chrome/installer/zucchini/reloc_utils.h" |
| 6 | |
| 7 | #include <algorithm> |
| 8 | #include <tuple> |
| 9 | #include <utility> |
| 10 | |
| 11 | #include "base/numerics/safe_conversions.h" |
| 12 | #include "chrome/installer/zucchini/algorithm.h" |
| 13 | #include "chrome/installer/zucchini/io_utils.h" |
| 14 | #include "chrome/installer/zucchini/type_win_pe.h" |
| 15 | |
| 16 | #include "base/logging.h" |
| 17 | |
| 18 | namespace zucchini { |
| 19 | |
| 20 | /******** RelocUnitWin32 ********/ |
| 21 | |
| 22 | RelocUnitWin32::RelocUnitWin32() = default; |
| 23 | RelocUnitWin32::RelocUnitWin32(uint8_t type_in, |
| 24 | offset_t location_in, |
| 25 | rva_t target_rva_in) |
| 26 | : type(type_in), location(location_in), target_rva(target_rva_in) {} |
| 27 | |
| 28 | bool operator==(const RelocUnitWin32& a, const RelocUnitWin32& b) { |
| 29 | return std::tie(a.type, a.location, a.target_rva) == |
| 30 | std::tie(b.type, b.location, b.target_rva); |
| 31 | } |
| 32 | |
| 33 | /******** RelocRvaReaderWin32 ********/ |
| 34 | |
| 35 | // static |
| 36 | bool RelocRvaReaderWin32::FindRelocBlocks( |
| 37 | ConstBufferView image, |
| 38 | BufferRegion reloc_region, |
| 39 | std::vector<offset_t>* reloc_block_offsets) { |
| 40 | CHECK_LT(reloc_region.size, kOffsetBound); |
| 41 | ConstBufferView reloc_data = image[reloc_region]; |
| 42 | reloc_block_offsets->clear(); |
| 43 | while (reloc_data.size() >= sizeof(pe::RelocHeader)) { |
| 44 | reloc_block_offsets->push_back(reloc_data.begin() - image.begin()); |
| 45 | auto size = reloc_data.read<pe::RelocHeader>(0).size; |
| 46 | // |size| must be aligned to 4-bytes. |
| 47 | if (size < sizeof(pe::RelocHeader) || size % 4 || size > reloc_data.size()) |
| 48 | return false; |
| 49 | reloc_data.remove_prefix(size); |
| 50 | } |
| 51 | return reloc_data.empty(); // Fail if trailing data exist. |
| 52 | } |
| 53 | |
| 54 | RelocRvaReaderWin32::RelocRvaReaderWin32( |
| 55 | ConstBufferView image, |
| 56 | BufferRegion reloc_region, |
| 57 | const std::vector<offset_t>& reloc_block_offsets, |
| 58 | offset_t lo, |
| 59 | offset_t hi) |
| 60 | : image_(image) { |
| 61 | CHECK_LE(lo, hi); |
| 62 | lo = base::checked_cast<offset_t>(reloc_region.InclusiveClamp(lo)); |
| 63 | hi = base::checked_cast<offset_t>(reloc_region.InclusiveClamp(hi)); |
| 64 | end_it_ = image_.begin() + hi; |
| 65 | |
| 66 | // By default, get GetNext() to produce empty output. |
| 67 | cur_reloc_units_ = BufferSource(end_it_, 0); |
| 68 | if (reloc_block_offsets.empty()) |
| 69 | return; |
| 70 | |
| 71 | // Find the block that contains |lo|. |
| 72 | auto block_it = std::upper_bound(reloc_block_offsets.begin(), |
| 73 | reloc_block_offsets.end(), lo); |
| 74 | DCHECK(block_it != reloc_block_offsets.begin()); |
| 75 | --block_it; |
| 76 | |
| 77 | // Initialize |cur_reloc_units_| and |rva_hi_bits_|. |
| 78 | if (!LoadRelocBlock(image_.begin() + *block_it)) |
| 79 | return; // Nothing left. |
| 80 | |
| 81 | // Skip |cur_reloc_units_| to |lo|, truncating up. |
| 82 | offset_t cur_reloc_units_offset = cur_reloc_units_.begin() - image_.begin(); |
| 83 | if (lo > cur_reloc_units_offset) { |
| 84 | offset_t delta = |
| 85 | ceil<offset_t>(lo - cur_reloc_units_offset, kRelocUnitSize); |
| 86 | cur_reloc_units_.Skip(delta); |
| 87 | } |
| 88 | } |
| 89 | |
| 90 | RelocRvaReaderWin32::RelocRvaReaderWin32(RelocRvaReaderWin32&&) = default; |
| 91 | |
| 92 | RelocRvaReaderWin32::~RelocRvaReaderWin32() = default; |
| 93 | |
| 94 | // Unrolls a nested loop: outer = reloc blocks and inner = reloc entries. |
| 95 | base::Optional<RelocUnitWin32> RelocRvaReaderWin32::GetNext() { |
| 96 | // "Outer loop" to find non-empty reloc block. |
| 97 | while (cur_reloc_units_.Remaining() < kRelocUnitSize) { |
| 98 | if (!LoadRelocBlock(cur_reloc_units_.end())) |
| 99 | return base::nullopt; |
| 100 | } |
| 101 | if (end_it_ - cur_reloc_units_.begin() < kRelocUnitSize) |
| 102 | return base::nullopt; |
| 103 | // "Inner loop" to extract single reloc unit. |
| 104 | offset_t location = cur_reloc_units_.begin() - image_.begin(); |
| 105 | uint16_t entry = cur_reloc_units_.read<uint16_t>(0); |
| 106 | uint8_t type = static_cast<uint8_t>(entry >> 12); |
| 107 | rva_t rva = rva_hi_bits_ + (entry & 0xFFF); |
| 108 | cur_reloc_units_.Skip(kRelocUnitSize); |
| 109 | return RelocUnitWin32{type, location, rva}; |
| 110 | } |
| 111 | |
| 112 | bool RelocRvaReaderWin32::LoadRelocBlock( |
| 113 | ConstBufferView::const_iterator block_begin) { |
| 114 | ConstBufferView header_buf(block_begin, sizeof(pe::RelocHeader)); |
| 115 | if (header_buf.end() >= end_it_ || |
| 116 | end_it_ - header_buf.end() < kRelocUnitSize) { |
| 117 | return false; |
| 118 | } |
| 119 | const auto& header = header_buf.read<pe::RelocHeader>(0); |
| 120 | rva_hi_bits_ = header.rva_hi; |
| 121 | uint32_t block_size = header.size; |
| 122 | DCHECK_GE(block_size, sizeof(pe::RelocHeader)); |
| 123 | cur_reloc_units_ = BufferSource(block_begin, block_size); |
| 124 | cur_reloc_units_.Skip(sizeof(pe::RelocHeader)); |
| 125 | return true; |
| 126 | } |
| 127 | |
| 128 | /******** RelocReaderWin32 ********/ |
| 129 | |
| 130 | RelocReaderWin32::RelocReaderWin32(RelocRvaReaderWin32&& reloc_rva_reader, |
| 131 | uint16_t reloc_type, |
| 132 | offset_t offset_bound, |
| 133 | const AddressTranslator& translator) |
| 134 | : reloc_rva_reader_(std::move(reloc_rva_reader)), |
| 135 | reloc_type_(reloc_type), |
| 136 | offset_bound_(offset_bound), |
| 137 | entry_rva_to_offset_(translator) {} |
| 138 | |
| 139 | RelocReaderWin32::~RelocReaderWin32() = default; |
| 140 | |
| 141 | // ReferenceReader: |
| 142 | base::Optional<Reference> RelocReaderWin32::GetNext() { |
| 143 | for (base::Optional<RelocUnitWin32> unit = reloc_rva_reader_.GetNext(); |
| 144 | unit.has_value(); unit = reloc_rva_reader_.GetNext()) { |
| 145 | if (unit->type != reloc_type_) |
| 146 | continue; |
| 147 | offset_t target = entry_rva_to_offset_.Convert(unit->target_rva); |
| 148 | if (target == kInvalidOffset) |
| 149 | continue; |
| 150 | offset_t location = unit->location; |
| 151 | if (IsMarked(target)) { |
| 152 | LOG(WARNING) << "Warning: Skipping mark-aliased reloc target: " |
| 153 | << AsHex<8>(location) << " -> " << AsHex<8>(target) << "."; |
| 154 | continue; |
| 155 | } |
| 156 | // Ensures the target (abs32 reference) lies entirely within the image. |
| 157 | if (target >= offset_bound_) |
| 158 | continue; |
| 159 | return Reference{location, target}; |
| 160 | } |
| 161 | return base::nullopt; |
| 162 | } |
| 163 | |
| 164 | /******** RelocWriterWin32 ********/ |
| 165 | |
| 166 | RelocWriterWin32::RelocWriterWin32( |
| 167 | uint16_t reloc_type, |
| 168 | MutableBufferView image, |
| 169 | BufferRegion reloc_region, |
| 170 | const std::vector<offset_t>& reloc_block_offsets, |
| 171 | const AddressTranslator& translator) |
| 172 | : reloc_type_(reloc_type), |
| 173 | image_(image), |
| 174 | reloc_region_(reloc_region), |
| 175 | reloc_block_offsets_(reloc_block_offsets), |
| 176 | target_offset_to_rva_(translator) {} |
| 177 | |
| 178 | RelocWriterWin32::~RelocWriterWin32() = default; |
| 179 | |
| 180 | void RelocWriterWin32::PutNext(Reference ref) { |
| 181 | DCHECK_GE(ref.location, reloc_region_.lo()); |
| 182 | DCHECK_LT(ref.location, reloc_region_.hi()); |
| 183 | auto block_it = std::upper_bound(reloc_block_offsets_.begin(), |
| 184 | reloc_block_offsets_.end(), ref.location); |
| 185 | --block_it; |
| 186 | rva_t rva_hi_bits = image_.read<pe::RelocHeader>(*block_it).rva_hi; |
| 187 | rva_t target_rva = target_offset_to_rva_.Convert(ref.target); |
| 188 | rva_t rva_lo_bits = target_rva - rva_hi_bits; |
| 189 | DCHECK_EQ(rva_lo_bits & 0xFFF, rva_lo_bits); |
| 190 | image_.write<uint16_t>(ref.location, |
| 191 | (rva_lo_bits & 0xFFF) | (reloc_type_ << 12)); |
| 192 | } |
| 193 | |
| 194 | } // namespace zucchini |
