Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3b7c584f authored by Elliott Hughes's avatar Elliott Hughes Committed by Android Git Automerger
Browse files

am 910b7a8b: am 17361134: Merge "Add a "smash-stack" option to crasher." 

# Via Android Git Automerger (1) and others
* commit '910b7a8b':
  Add a "smash-stack" option to crasher.
parents 4869a68d 910b7a8b

debuggerd/Android.mk

+1 −0
Original line number Diff line number Diff line
@@ -37,6 +37,7 @@ LOCAL_SRC_FILES += $(TARGET_ARCH)/crashglue.S 
LOCAL_MODULE := crasher

LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)

LOCAL_MODULE_TAGS := optional

LOCAL_CFLAGS += -fstack-protector-all

#LOCAL_FORCE_STATIC_EXECUTABLE := true

LOCAL_SHARED_LIBRARIES := libcutils libc

include $(BUILD_EXECUTABLE)

debuggerd/crasher.c

+13 −0
Original line number Diff line number Diff line
@@ -35,6 +35,18 @@ static void debuggerd_connect() 
    }

}



int smash_stack(int i) {

    printf("crasher: deliberately corrupting stack...\n");

    // Unless there's a "big enough" buffer on the stack, gcc

    // doesn't bother inserting checks.

    char buf[8];

    // If we don't write something relatively unpredicatable

    // into the buffer and then do something with it, gcc

    // optimizes everything away and just returns a constant.

    *(int*)(&buf[7]) = (uintptr_t) &buf[0];

    return *(int*)(&buf[0]);

}



void test_call1()

{

    *((int*) 32) = 1;
@@ -95,6 +107,7 @@ int do_action(const char* arg) 
        return do_action_on_thread(arg + strlen("thread-"));

    }



    if(!strcmp(arg,"smash-stack")) return smash_stack(42);

    if(!strcmp(arg,"nostack")) crashnostack();

    if(!strcmp(arg,"ctest")) return ctest();

    if(!strcmp(arg,"exit")) exit(1);