From f215e02bf85f68d3a6106c2a1f4f7f063f819064 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Thu, 11 Apr 2024 10:17:27 +0200
Subject: Adding upstream version 7.0.14-dfsg.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../common/compiler/vcc/stack-except-vcc.cpp       | 106 +++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 src/VBox/Runtime/common/compiler/vcc/stack-except-vcc.cpp

(limited to 'src/VBox/Runtime/common/compiler/vcc/stack-except-vcc.cpp')

diff --git a/src/VBox/Runtime/common/compiler/vcc/stack-except-vcc.cpp b/src/VBox/Runtime/common/compiler/vcc/stack-except-vcc.cpp
new file mode 100644
index 00000000..13ea35b1
--- /dev/null
+++ b/src/VBox/Runtime/common/compiler/vcc/stack-except-vcc.cpp
@@ -0,0 +1,106 @@
+/* $Id: stack-except-vcc.cpp $ */
+/** @file
+ * IPRT - Visual C++ Compiler - Stack Checking, __GSHandlerCheck.
+ */
+
+/*
+ * Copyright (C) 2022-2023 Oracle and/or its affiliates.
+ *
+ * This file is part of VirtualBox base platform packages, as
+ * available from https://www.virtualbox.org.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation, in version 3 of the
+ * License.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses>.
+ *
+ * The contents of this file may alternatively be used under the terms
+ * of the Common Development and Distribution License Version 1.0
+ * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
+ * in the VirtualBox distribution, in which case the provisions of the
+ * CDDL are applicable instead of those of the GPL.
+ *
+ * You may elect to license modified versions of this file under the
+ * terms and conditions of either the GPL or the CDDL or both.
+ *
+ * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
+ */
+
+
+/*********************************************************************************************************************************
+*   Header Files                                                                                                                 *
+*********************************************************************************************************************************/
+#include "internal/nocrt.h"
+
+#include "except-vcc.h"
+
+
+#if !defined(RT_ARCH_AMD64)
+# error "This file is for AMD64 (and probably ARM, but needs porting)"
+#endif
+
+
+
+/**
+ * Check the stack cookie before calling the exception handler.
+ *
+ * This is to prevent attackers from bypassing stack cookie checking by
+ * triggering an exception.
+ *
+ * This does not call any C++ exception handlers, as it's probably (still
+ * figuring this stuff out) only used when C++ exceptions are disabled.
+ *
+ * @returns Exception disposition.
+ * @param   pXcptRec    The exception record.
+ * @param   pXcptRegRec The exception registration record, taken to be the frame
+ *                      address.
+ * @param   pCpuCtx     The CPU context for the exception.
+ * @param   pDispCtx    Dispatcher context.
+ */
+extern "C" __declspec(guard(suppress))
+EXCEPTION_DISPOSITION __GSHandlerCheck(PEXCEPTION_RECORD pXcptRec, PEXCEPTION_REGISTRATION_RECORD pXcptRegRec,
+                                       PCONTEXT pCpuCtx, PDISPATCHER_CONTEXT pDispCtx)
+{
+    RT_NOREF(pXcptRec, pCpuCtx);
+
+    /*
+     * Only GS handler data here.
+     */
+    PCGS_HANDLER_DATA pHandlerData = (PCGS_HANDLER_DATA)pDispCtx->HandlerData;
+
+    /*
+     * Locate the stack cookie and call the regular stack cookie checker routine.
+     * (Same code as in __GSHandlerCheck_SEH, fixes applies both places.)
+     */
+    /* Calculate the cookie address and read it. */
+    uintptr_t uPtrFrame = (uintptr_t)pXcptRegRec;
+    uint32_t  offCookie = pHandlerData->u.offCookie;
+    if (offCookie & GS_HANDLER_OFF_COOKIE_HAS_ALIGNMENT)
+    {
+        uPtrFrame += pHandlerData->offAlignedBase;
+        uPtrFrame &= ~(uintptr_t)pHandlerData->uAlignmentMask;
+    }
+    uintptr_t uCookie = *(uintptr_t const *)(uPtrFrame + (int32_t)(offCookie & GS_HANDLER_OFF_COOKIE_MASK));
+
+    /* The stored cookie is xor'ed with the frame / registration record address
+       or with the frame pointer register if one is being used.  In the latter
+       case, we have to add the frame offset to get the correct address. */
+    uintptr_t uXorAddr = (uintptr_t)pXcptRegRec;
+    PCIMAGE_UNWIND_INFO pUnwindInfo = (PCIMAGE_UNWIND_INFO)(pDispCtx->ImageBase + pDispCtx->FunctionEntry->UnwindInfoAddress);
+    if (pUnwindInfo->FrameRegister != 0)
+        uXorAddr += pUnwindInfo->FrameOffset << 4;
+
+    /* This call will not return on failure. */
+    __security_check_cookie(uCookie ^ uXorAddr);
+
+    return ExceptionContinueSearch;
+}
+
-- 
cgit v1.2.3