From dc07b92e9f0f5e7f87acca995ce36f3d4ee03553 Mon Sep 17 00:00:00 2001
From: an7s <an7s@git.zephyr-software.com>
Date: Mon, 1 May 2017 19:38:38 +0000
Subject: [PATCH] pre-refactoring

---
 .gitattributes                        |   1 +
 datashadow/datashadow_callbacks.c.sav | 189 ++++++++++++++++++++++++++
 2 files changed, 190 insertions(+)
 create mode 100644 datashadow/datashadow_callbacks.c.sav

diff --git a/.gitattributes b/.gitattributes
index 2f1d8b6..bda4898 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -21,6 +21,7 @@ datashadow/catch.hpp -text
 datashadow/datashadow.c -text
 datashadow/datashadow.h -text
 datashadow/datashadow_callbacks.c -text
+datashadow/datashadow_callbacks.c.sav -text
 datashadow/test_datashadow.cpp -text
 example/Makefile.in -text
 example/callback.c -text
diff --git a/datashadow/datashadow_callbacks.c.sav b/datashadow/datashadow_callbacks.c.sav
new file mode 100644
index 0000000..858d777
--- /dev/null
+++ b/datashadow/datashadow_callbacks.c.sav
@@ -0,0 +1,189 @@
+/*
+ * Function pointer/data shadowing
+ */
+
+#include <stdlib.h>
+
+#ifdef STRATA
+#include "all.h"
+#include "../insn.h"
+
+// possible policies expressed as strings passed on the strata command line
+#define DETECTOR_POLICY_EXIT_STRING         "exit"
+#define DETECTOR_POLICY_CONTINUE_STRING     "continue"
+static char strata_detector_policy_str[128]; // "exit" or "continue"
+
+// specifies policy when detector triggers
+static int strata_detector_policy = P_CONTROLLED_EXIT; 
+
+__attribute__ ((externally_visible)) __attribute((used)) void fptr_shadow_define_64(void *p_retAddress, reg_values_t *p_rv, void *p_instrumented, int p_shadowIndex, void *p_shadowValue);
+__attribute__ ((externally_visible)) __attribute((used)) void fptr_shadow_check_64(void *p_retAddress, reg_values_t *p_rv, void *p_instrumented, int p_shadowIndex, void **p_shadowValue); 
+
+#endif
+
+//
+// When writing a callback handler/detector
+//
+// argument #1   :  return address
+// argument #2   :  register data structure
+// argument #3..#6:  optional set of args specific to the callback handler 
+//
+
+#define MAX_DIAGNOSTIC_SIZE 1024
+
+/*
+typedef struct
+{
+        int edi;
+        int esi;
+        int ebp;
+        int esp_dummy;
+        int ebx;
+        int edx;
+        int ecx; 
+        int eax;
+        int flags;
+} reg_values_t;
+*/
+
+/*  the registers are saved onto the stack in this order */
+typedef struct reg_values reg_values_t;
+struct reg_values
+{
+    size_t flags;
+    size_t r15;
+    size_t r14;
+    size_t r13;
+    size_t r12;
+    size_t r11;
+    size_t r10;
+    size_t r9;
+    size_t r8;
+    size_t rax;
+    size_t rbx;
+    size_t rcx;
+    size_t rdx;
+    size_t rsi;
+    size_t rdi;
+    size_t rbp;
+    size_t rsp;
+};
+
+#ifdef STRATA
+// leave this function so that the linker includes this file
+void data_shadow_init()
+{
+}
+
+static void getDiagnostics(char *p_diagnostic, int p_shadowIndex, void* p_shadow, char *p_msg) 
+{
+        strata_sprintf(p_msg, "diagnosis:%s shadowid:%d shadowval:0x%p",
+                p_diagnostic,
+                p_shadowIndex,
+                p_shadow);
+}
+#endif
+
+static void my_strcpy(char *dest, char *src)
+{
+	if (!src) return;
+	while(*dest++ = *src++); 
+}
+
+
+// void signedness_detector_signed(void *p_retAddress, reg_values_t *p_rv, void* p_addressTruncated, volatile long int p_policy)
+// shadowMap[p_shadowIndex] = p_shadowValue
+// add to multi-valued table
+//void fptr_shadow_define_64(void *p_retAddress, reg_values_t *p_rv, void *p_instrumented, int p_shadowIndex, void *p_shadowValue) 
+void fptr_shadow_define_64(void *p_retAddress, void *p_instrumented, int p_shadowIndex, void *p_shadowValue) 
+{
+	char msg[MAX_DIAGNOSTIC_SIZE];
+
+	add_shadow_entry(p_shadowIndex, p_shadowValue);		
+
+#ifdef STRATA
+	strata_sprintf(msg,"FPTRSHADOW:DEFINE shadowid[%d] shadowvalue[0x%p]\n", p_shadowIndex, p_shadowValue);
+
+	detected_error(CWE_NONE, CWE_NONE, E_FPTR_OVERWRITE, msg, D_BUFFER, P_CONTINUE_EXECUTION);
+#else
+	// @todo: print first and last element of p_rv and see what we get
+	// verify against pushed values in the transform
+#ifdef DEBUG
+	my_strcpy(msg, "FPTRSHADOW:DEFINE "); 
+	my_strcpy(&msg[strlen(msg)], " retaddress: ");
+	itox(p_retAddress, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], " instrumented: ");
+	itox(p_instrumented, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], "  shadowid: ");
+	itox(p_shadowIndex, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], "  value: ");
+	itox(p_shadowValue, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], " \n");
+	write(2, msg, strlen(msg));
+#endif
+
+#endif
+}
+
+// check to make sure values match
+//void fptr_shadow_check_64(void *p_retAddress, reg_values_t *p_rv, void *p_instrumented, int p_shadowIndex, void **p_shadow)
+void fptr_shadow_check_64(void *p_retAddress, void *p_instrumented, int p_shadowIndex, void **p_shadow)
+{
+	char msg[MAX_DIAGNOSTIC_SIZE];
+	void *restored;
+	int count = 0;
+
+#ifdef STRATA
+	strata_sprintf(msg, "FPTRSHADOW:CHECK shadowid[%d] value[0x%p]\n", p_shadowIndex, *p_shadow);
+	detected_error(CWE_NONE, CWE_NONE, E_FPTR_OVERWRITE, msg, D_BUFFER, P_CONTINUE_EXECUTION);
+#else
+
+#ifdef DEBUG
+	my_strcpy(msg, "FPTRSHADOW:CHECK: ");
+	my_strcpy(&msg[strlen(msg)], " retaddress: ");
+	itox(p_retAddress, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], " instrumented: ");
+	itox(p_instrumented, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], "  shadowid: ");
+	itox(p_shadowIndex, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], "  shadowValue: ");
+	itox(*p_shadow, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], " \n");
+	write(2, msg, strlen(msg));
+#endif
+
+#endif
+
+	int success = check_shadow_value(p_shadowIndex, *p_shadow, &restored, &count);
+	if (!success) {
+		// oh oh, need to restore
+#ifdef STRATA
+		strata_sprintf(msg,"FPTRSHADOW:CHECK shadowid[%d] value[0x%p] restored[0x%p] #[%d]", p_shadowIndex, *p_shadow, restored, count);
+#endif
+		*p_shadow = restored; 
+#ifdef STRATA
+		detected_error(CWE_NONE, CWE_NONE, E_FPTR_OVERWRITE, msg, D_BUFFER, P_CONTINUE_EXECUTION);
+#else
+		my_strcpy(msg, "Warning: overwrite of function pointer detected -- restoring saved value: 0x");
+		itox(*p_shadow, &msg[strlen(msg)]);
+		my_strcpy(&msg[strlen(msg)], " \n");
+		write(2, msg, strlen(msg));
+#endif
+	}
+	else
+	{
+#ifdef STRATA
+		strata_sprintf(msg,"FPTRSHADOW:OK shadowid[%d] value[0x%p] shadow[0x%p] #[%d]", p_shadowIndex, *p_shadow, restored, count);
+		detected_error(CWE_NONE, CWE_NONE, E_FPTR_OVERWRITE, msg, D_BUFFER, P_CONTINUE_EXECUTION);
+#else
+#ifdef DEBUG
+	my_strcpy(msg, "FPTRSHADOW: OK: ");
+	my_strcpy(&msg[strlen(msg)], " shadowValue: ");
+	itox(*p_shadow, &msg[strlen(msg)]);
+	my_strcpy(&msg[strlen(msg)], " \n");
+	write(2, msg, strlen(msg));
+#endif
+#endif
+	}
+}
+
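Review bot: In fptr_shadow_check_64 the mismatch branch assigns `*p_shadow = restored` and reports with `P_CONTINUE_EXECUTION`, but `restored` is declared without an initializer and `strata_detector_policy` (initialised to `P_CONTROLLED_EXIT`) is never read anywhere in this file. If check_shadow_value (not shown in this patch) can return failure without writing its output, for instance when no entry exists for the index, an indeterminate value is stored into the function pointer slot, and execution continues either way. I would declare `void *restored = NULL;`, write back only when a saved value was actually returned, and pass `strata_detector_policy` instead of the hard-coded policy in the mismatch report, assuming that argument is the policy selector. Under STRATA the same event code `E_FPTR_OVERWRITE` is also raised on every define and on the OK path, which makes a real overwrite hard to pick out of the log. Separately, the STRATA prototypes near the top still take `reg_values_t *p_rv` while both definitions dropped it, so the STRATA build presumably fails with conflicting types.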
-- 
GitLab