Handle program strings with the assignment operator smashed against the next

token. Patch by Benjamin Smedberg <bsmedberg@gmail.com> git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@926 4c0a9323-5329-0410-9bdc-e9ce6186880e
2025-02-02 08:51:00 +00:00 · 2012-02-23 22:41:36 +00:00 · 2012-02-23 22:41:36 +00:00 · 26c31918f7
parent 907f95c5bd
commit 26c31918f7
3 changed files with 152 additions and 121 deletions
--- a/src/processor/postfix_evaluator-inl.h
+++ b/src/processor/postfix_evaluator-inl.h
@ -67,13 +67,10 @@ class AutoStackClearer {


 template<typename ValueType>
-bool PostfixEvaluator<ValueType>::EvaluateInternal(
+bool PostfixEvaluator<ValueType>::EvaluateToken(
+    const string &token,
    const string &expression,
    DictionaryValidityType *assigned) {
-  // Tokenize, splitting on whitespace.
-  istringstream stream(expression);
-  string token;
-  while (stream >> token) {
  // There are enough binary operations that do exactly the same thing
  // (other than the specific operation, of course) that it makes sense
  // to share as much code as possible.
@ -201,6 +198,33 @@ bool PostfixEvaluator<ValueType>::EvaluateInternal(
    // a string.
    stack_.push_back(token);
  }
+  return true;
+}
+
+template<typename ValueType>
+bool PostfixEvaluator<ValueType>::EvaluateInternal(
+    const string &expression,
+    DictionaryValidityType *assigned) {
+  // Tokenize, splitting on whitespace.
+  istringstream stream(expression);
+  string token;
+  while (stream >> token) {
+    // Normally, tokens are whitespace-separated, but occasionally, the
+    // assignment operator is smashed up against the next token, i.e.
+    // $T0 $ebp 128 + =$eip $T0 4 + ^ =$ebp $T0 ^ =
+    // This has been observed in program strings produced by MSVS 2010 in LTO
+    // mode.
+    if (token.size() > 1 && token[0] == '=') {
+      if (!EvaluateToken("=", expression, assigned)) {
+        return false;
+      }
+
+      if (!EvaluateToken(token.substr(1), expression, assigned)) {
+        return false;
+      }
+    } else if (!EvaluateToken(token, expression, assigned)) {
+      return false;
+    }
  }

  return true;
--- a/src/processor/postfix_evaluator.h
+++ b/src/processor/postfix_evaluator.h
@ -153,6 +153,10 @@ class PostfixEvaluator {
  bool EvaluateInternal(const string &expression,
                        DictionaryValidityType *assigned);

+  bool EvaluateToken(const string &token,
+                     const string &expression,
+                     DictionaryValidityType *assigned);
+
  // The dictionary mapping constant and variable identifiers (strings) to
  // values.  Keys beginning with '$' are treated as variable names, and
  // PostfixEvaluator is free to create and modify these keys.  Weak pointer.
--- a/src/processor/postfix_evaluator_unittest.cc
+++ b/src/processor/postfix_evaluator_unittest.cc
@ -150,6 +150,7 @@ static bool RunTests() {
    { "$rDivM 9 6 % =",    true },   // $rDivM = 9 % 6 = 3
    { "$rDeref 9 ^ =",     true },   // $rDeref = ^9 = 10 (FakeMemoryRegion)
    { "$rAlign 36 8 @ =",  true },   // $rAlign = 36 @ 8
+    { "$rAdd3 2 2 + =$rMul2 9 6 * =", true } // smashed-equals tokenization
  };
  map<string, unsigned int> validate_data_0;
  validate_data_0["$rAdd"]   = 8;
@ -160,6 +161,8 @@ static bool RunTests() {
  validate_data_0["$rDivM"]  = 3;
  validate_data_0["$rDeref"] = 10;
  validate_data_0["$rAlign"] = 32;
+  validate_data_0["$rAdd3"]  = 4;
+  validate_data_0["$rMul2"]  = 54;

  // The second test set simulates a couple of MSVC program strings.
  // The data is fudged a little bit because the tests use FakeMemoryRegion