Reputation: 6162
I am new to the field of crash analysis. I recently, by accident, happened to crash Google Chrome. I do not know the reason as to why the crash really happened. I'd like to know it in depth though.
When the crash happened, there was a crash report that was generated. I have saved that report in a text file on my system, as I did not know what to do with it at the outset.
Now I have heard people in the infosec world talk about things like analyzing and reversing a crash dump, fuzzing a crash dump, etc., and trying to reproduce the crash.
I am interested in understanding how these things are done and, in the first place, what they actually are. I need help with resources that can help me understand how to analyze and reproduce a crash, etc. I happened to come across "Chrome: Found a crash, is it a security vulnerability?" and "Best way to triage crashes found via fuzzing, on Linux?", but these resources seemed a bit advanced and not very basic. Also, googling gave me some resources on how to analyze a BSOD in Windows, but I could not find anything relevant for Google Chrome crash analysis.
Please help provide some good resources where I can understand these concepts.
My Platform is Mac OSX 10.9.2 and my Google Chrome is Version 35.0.1916.153.
Upvotes: 1
Views: 1723
Reputation: 1457
I'm afraid this is a broad topic. For a head start, read about the use-after-free and index out-of-bounds read/write classes of bugs. These are the most common in browsers.
By reproducing, they mean you do the same steps which made the browser crash and see if it crashes again. Like, let's say, opening a malformed HTML/PDF/Font (or any browser input; there are many, many more file types). If you could reproduce the crash, you could attach Chrome to a debugger and check the registers at the time of the crash.
To know if the crash is of any use, see this particular question on SE. For OSX, there is an amazing tool called Crashwrangler, by Apple itself. If Crashwrangler reports the crash as exploitable, it is a definite security bug. Else you would need to do manual analysis to reach a conclusion. For this you need some knowledge of assembly language and software exploitation. OpenSecurityTraining has some amazing content on this. I highly recommend it. Start with x86 Assembly in the beginner section and finally MOV to reverse engineering. It is important to know how the stack is laid out in memory, and the registers, to understand a crash dump. I wish you all the best in the journey. Hope this helps.
Upvotes: 1
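As an added example (not from the answer above, and not Crashwrangler's logic), here is a small Python script that parses the kind of macOS crash-report text the question mentions and applies a coarse first-pass triage to it. The report text, addresses, frames and the bucket names are constructed for illustration; a real report would come from the saved text file.

```python
import re

# Constructed sample in the layout of a macOS crash report; the addresses and
# frames are invented for illustration, not taken from a real Chrome crash.
SAMPLE_REPORT = """\
Process:         Google Chrome [1234]
Version:         35.0.1916.153
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000018
Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.google.Chrome.framework   0x0000000101a2b3c4 ChromeMain + 1234
1   com.google.Chrome.framework   0x0000000101a2b000 ChromeMain + 256
2   com.google.Chrome             0x0000000100001234 start + 52

Thread 0 crashed with X86 Thread State (64-bit):
  rax: 0x0000000000000000  rbx: 0x00007fff5fbff9a0  rcx: 0x0000000000000018
  rip: 0x0000000101a2b3c4  rfl: 0x0000000000010246  cr2: 0x0000000000000018
"""

def parse_report(text):
    """Pull out the exception, faulting address, registers and crashed-thread frames."""
    exc = re.search(r"^Exception Type:\s+(\S+)", text, re.M)
    code = re.search(r"^Exception Codes:\s+(\S+) at (0x[0-9a-fA-F]+)", text, re.M)
    regs = {name: int(val, 16) for name, val in
            re.findall(r"\b(r[a-z0-9]+|cr2):\s+(0x[0-9a-fA-F]+)", text)}
    frames = re.findall(r"^\d+\s+\S+\s+(0x[0-9a-fA-F]+)\s+(.+?)\s*$", text, re.M)
    return {
        "exception": exc.group(1) if exc else None,
        "kern_code": code.group(1) if code else None,
        "fault_addr": int(code.group(2), 16) if code else None,
        "regs": regs,
        "frames": [(int(addr, 16), sym) for addr, sym in frames],
    }

def triage(report):
    """Coarse first-pass bucket (a heuristic, not Crashwrangler's rules)."""
    addr, pc = report["fault_addr"], report["regs"].get("rip")
    if report["exception"] != "EXC_BAD_ACCESS":
        return "not-a-memory-fault"
    if addr is not None and addr < 0x1000:
        # Dereference inside the unmapped zero page: usually a crash-only bug.
        return "likely-null-deref"
    if addr is not None and addr == pc:
        # Execution landed on the bad address itself: control flow is affected.
        return "pc-at-fault-address"
    # Anything else is a wild read/write; check the faulting instruction by hand.
    return "needs-manual-review"
```

Run `triage(parse_report(open("report.txt").read()))` on the saved file; whichever bucket comes back, the frames and registers it extracts are what you would then inspect in the debugger.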