/* Compile-time placeholder for the stack-protection cookie: a 64-bit-wide
   constant and a 32-bit-wide one.  These are fixed values baked into the
   source, so a cookie that still equals the default gives no unpredictability;
   __security_init_cookie compares against this value and replaces it.
   NOTE(review): the gutter numbers jump 7 -> 9 -> 14, so the lines around
   these two definitions are missing from this listing -- presumably the
   preprocessor conditional that selects one definition per target width.
   Confirm against the full file. */
7 #define DEFAULT_SECURITY_COOKIE 0x00002B992DDFA232ll
9 #define DEFAULT_SECURITY_COOKIE 0xBB40E64E
/* Local prototypes for the two unwinder routines that __report_gsfailure
   calls on its Rip-based (64-bit) path.  Only the first parameter of
   RtlVirtualUnwind is named; the rest are declared by type alone.
   NOTE(review): any conditional compilation around these declarations is not
   visible in this listing -- confirm. */
14 PRUNTIME_FUNCTION
RtlLookupFunctionEntry (ULONG64
, PULONG64
, PVOID
);
15 PVOID
RtlVirtualUnwind (ULONG HandlerType
, ULONG64
, ULONG64
, PRUNTIME_FUNCTION
,
16 PCONTEXT
, PVOID
*, PULONG64
, PKNONVOLATILE_CONTEXT_POINTERS
);
/* NTSTATUS is declared locally as LONG so the status constant below can be
   cast to it. */
19 typedef LONG NTSTATUS
;
/* Status code that __report_gsfailure stores in the exception record and
   passes to TerminateProcess as the process exit code. */
21 #define STATUS_STACK_BUFFER_OVERRUN ((NTSTATUS)0xC0000409L)
/* Member of an aggregate whose other lines are missing from this listing.
   __security_init_cookie reads it as systime.ft_scalar next to
   systime.ft_struct -- presumably a union overlaying the FILETIME with a
   64-bit integer; confirm against the full file. */
25 unsigned __int64 ft_scalar
;
/* Exception record and register context that __report_gsfailure fills in.
   NOTE(review): presumably held in static storage so that reporting does not
   rely on space in the stack frame whose corruption was just detected --
   confirm intent. */
29 static EXCEPTION_RECORD GS_ExceptionRecord
;
30 static CONTEXT GS_ContextRecord
;
/* Pairs the addresses of the two objects above; this is the structure handed
   to UnhandledExceptionFilter.  The closing of the initializer is not shown
   in this listing. */
32 static const EXCEPTION_POINTERS GS_ExceptionPointers
= {
33 &GS_ExceptionRecord
,&GS_ContextRecord
/* The process-wide stack cookie and its bitwise complement, both starting
   from the compile-time default until __security_init_cookie overwrites them.
   selectany marks these as pick-any definitions, so the linker may keep a
   definition supplied by another object instead of this one. */
36 __declspec(selectany
) UINT_PTR __security_cookie
= DEFAULT_SECURITY_COOKIE
;
37 __declspec(selectany
) UINT_PTR __security_cookie_complement
= ~(DEFAULT_SECURITY_COOKIE
);
/* __security_init_cookie: replaces the compile-time default cookie with a
   value derived at run time and keeps __security_cookie_complement equal to
   its bitwise NOT.  Takes no arguments.
   NOTE(review): this listing drops source lines (the gutter numbers jump,
   e.g. 40 -> 44 and 52 -> 54 -> 56).  The return type, the braces, the
   declarations of `cookie` and `systime`, and presumably the preprocessor
   conditionals separating the 64-bit statements from the 32-bit ones are not
   shown -- confirm against the full file.
   Security note: every input visible here is a clock, a counter or a
   process/thread id, combined with XOR.  None is a cryptographic random
   source, so the cookie is a hardening measure of limited unpredictability,
   not a secret of full pointer width. */
40 __security_init_cookie (void)
44 LARGE_INTEGER perfctr
;
/* Cookie already differs from the default, i.e. it was set elsewhere: in the
   lines shown only the complement is refreshed (presumably followed by an
   early return -- confirm). */
46 if (__security_cookie
!= DEFAULT_SECURITY_COOKIE
)
48 __security_cookie_complement
= ~__security_cookie
;
/* Seed from the current system time. */
52 GetSystemTimeAsFileTime (&systime
.ft_struct
);
/* Whole 64-bit time value (presumably the 64-bit build -- confirm). */
54 cookie
= systime
.ft_scalar
;
/* Low and high 32-bit halves of the time folded together with XOR
   (presumably the 32-bit build -- confirm). */
56 cookie
= systime
.ft_struct
.dwLowDateTime
;
57 cookie
^= systime
.ft_struct
.dwHighDateTime
;
/* Mix in the process id, thread id and tick count. */
60 cookie
^= GetCurrentProcessId ();
61 cookie
^= GetCurrentThreadId ();
62 cookie
^= GetTickCount ();
/* Mix in the performance counter: as one 64-bit value, or as two 32-bit
   halves. */
64 QueryPerformanceCounter (&perfctr
);
66 cookie
^= perfctr
.QuadPart
;
68 cookie
^= perfctr
.LowPart
;
69 cookie
^= perfctr
.HighPart
;
/* Keep only the low 48 bits; the top 16 bits of the cookie are always zero
   after this mask, which bounds the number of unknown bits. */
73 cookie
&= 0x0000ffffffffffffll
;
/* Never publish the default value itself: step off it by one so that the
   "already initialised" test above stays meaningful. */
76 if (cookie
== DEFAULT_SECURITY_COOKIE
)
77 cookie
= DEFAULT_SECURITY_COOKIE
+ 1;
/* Publish the cookie together with its complement. */
78 __security_cookie
= cookie
;
79 __security_cookie_complement
= ~cookie
;
/* __report_gsfailure: terminal handler for a failed stack-cookie check.
   It fills the static exception record and context with a
   STATUS_STACK_BUFFER_OVERRUN description, passes them to the unhandled
   exception filter and then terminates the process.  Declared noreturn.
   StackCookie is the value passed in by the caller; it is copied into the
   Rcx/Ecx slot of the recorded context.
   NOTE(review): this listing drops source lines (the gutter numbers jump,
   e.g. 88 -> 94 and 100 -> 106).  The braces, the declaration of `hndData`,
   the branch that chooses between the unwind path and the fallback, and
   presumably the preprocessor conditionals separating the Rip/Rsp statements
   from the Eip/Esp ones are not shown -- confirm against the full file. */
82 __declspec(noreturn
) void __cdecl
83 __report_gsfailure (ULONGLONG StackCookie
)
/* Local copy of the cookie and its complement.  It is written below and never
   read in the lines shown; presumably kept (volatile) so the values remain
   visible in a crash dump -- confirm. */
85 volatile UINT_PTR cookie
[2];
87 ULONG64 controlPC
, imgBase
, establisherFrame
;
88 PRUNTIME_FUNCTION fctEntry
;
/* Capture the current register state and look up the unwind entry for the
   captured instruction pointer. */
94 RtlCaptureContext (&GS_ContextRecord
);
95 controlPC
= GS_ContextRecord
.Rip
;
96 fctEntry
= RtlLookupFunctionEntry (controlPC
, &imgBase
, NULL
);
/* Unwind GS_ContextRecord through the function entry found above, without
   running a handler (UNW_FLAG_NHANDLER).  Presumably executed only when
   fctEntry is non-NULL; the test is not shown -- confirm. */
99 RtlVirtualUnwind (UNW_FLAG_NHANDLER
, imgBase
, controlPC
, fctEntry
,
100 &GS_ContextRecord
, &hndData
, &establisherFrame
, NULL
);
/* Values taken from this function's own frame instead: the return address as
   Rip and the frame address plus 8 as Rsp (presumably the fallback when no
   function entry was found -- confirm). */
106 GS_ContextRecord
.Rip
= (ULONGLONG
) __builtin_return_address (0);
107 GS_ContextRecord
.Rsp
= (ULONGLONG
) __builtin_frame_address (0) + 8;
/* 32-bit counterpart: return address as Eip, frame address plus 4 as Esp. */
109 GS_ContextRecord
.Eip
= (DWORD
) __builtin_return_address (0);
110 GS_ContextRecord
.Esp
= (DWORD
) __builtin_frame_address (0) + 4;
/* Record the reported instruction pointer as the exception address and place
   the caller-supplied cookie value in Rcx. */
115 GS_ExceptionRecord
.ExceptionAddress
= (PVOID
) GS_ContextRecord
.Rip
;
116 GS_ContextRecord
.Rcx
= StackCookie
;
/* Same for the Eip/Ecx register names. */
118 GS_ExceptionRecord
.ExceptionAddress
= (PVOID
) GS_ContextRecord
.Eip
;
119 GS_ContextRecord
.Ecx
= StackCookie
;
/* Mark the exception as a stack buffer overrun that cannot be continued. */
121 GS_ExceptionRecord
.ExceptionCode
= STATUS_STACK_BUFFER_OVERRUN
;
122 GS_ExceptionRecord
.ExceptionFlags
= EXCEPTION_NONCONTINUABLE
;
123 cookie
[0] = __security_cookie
;
124 cookie
[1] = __security_cookie_complement
;
/* Clear the registered top-level filter first, so a filter installed earlier
   by the program is not the one invoked, then report the exception. */
125 SetUnhandledExceptionFilter (NULL
);
126 UnhandledExceptionFilter ((EXCEPTION_POINTERS
*) &GS_ExceptionPointers
);
/* End the process with the overrun status as its exit code instead of
   returning into the frame whose cookie check failed. */
127 TerminateProcess (GetCurrentProcess (), STATUS_STACK_BUFFER_OVERRUN
);