Handle out of memory in GrowableIOBuffer more gracefully....

net/http/http_stream_parser.cc

Index: net/http/http_stream_parser.cc
===================================================================
--- net/http/http_stream_parser.cc	(revision 30229)
+++ net/http/http_stream_parser.cc	(working copy)
@@ -208,8 +208,10 @@
   io_state_ = STATE_READ_HEADERS_COMPLETE;
 
   // Grow the read buffer if necessary.
-  if (read_buf_->RemainingCapacity() == 0)
-    read_buf_->set_capacity(read_buf_->capacity() + kHeaderBufInitialSize);
+  if (read_buf_->RemainingCapacity() == 0) {
+    if (!read_buf_->SetCapacity(read_buf_->capacity() + kHeaderBufInitialSize))
+      return ERR_OUT_OF_MEMORY;
+  }
 
   // http://crbug.com/16371: We're seeing |user_buf_->data()| return NULL.
   // See if the user is passing in an IOBuffer with a NULL |data_|.
@@ -300,7 +302,8 @@
                   read_buf_->StartOfBuffer() + read_buf_unused_offset_,
                   extra_bytes);
         }
-        read_buf_->set_capacity(extra_bytes);
+        // Ok if this fails, since it only shrinks the buffer.

[wtc, 2009/10/27 22:42:10]

Sorry, I just realized that if this fails, the original
capacity will be wrong.  So please change the comment back
to your orignal comment.

[wtc, 2009/10/28 01:38:44]

The memmove call at line 301 above moves extra_bytes of data
to the beginning of read_buf_.

This suggests to me that the first extra_bytes of data in
read_buf_ will be used later.  How do we know how many
of bytes of extra data are in read_buf_?

Do we call read_buf_->capacity()?  If so,
read_buf_->capacity() needs to return extra_bytes,
and a read_buf_->SetCapacity(extra_bytes) failure
will be problematic.

Or do we compute read_buf_->offset() - read_buf_unused_offset_?
If so, then it seems that we should also call
  read_buf_->set_offset(extra_bytes);
here so that read_buf_->offset() - read_buf_unused_offset_
will be extra_bytes.

[vandebo (ex-Chrome), 2009/10/28 01:44:54]

Ahh, indeed you are correct.  I will change it back to the previous comment.

[wtc, 2009/10/28 01:55:29]

I found that the
  read_buf_->set_offset(extra_bytes);
call that I suggested is taken care of by
read_buf_->SetCapacity(extra_bytes).

I have to admit I don't know the code very well.

+        read_buf_->SetCapacity(extra_bytes);
         read_buf_unused_offset_ = 0;
         return OK;
       }
@@ -324,12 +327,12 @@
              bytes_read);
       read_buf_unused_offset_ += bytes_read;
       if (bytes_read == available) {
-        read_buf_->set_capacity(0);
+        read_buf_->SetCapacity(0);
         read_buf_unused_offset_ = 0;
       }
       return bytes_read;
     } else {
-      read_buf_->set_capacity(0);
+      read_buf_->SetCapacity(0);
       read_buf_unused_offset_ = 0;
     }
   }
@@ -384,11 +387,18 @@
         result -= save_amount;
     }
     if (read_buf_->capacity() < save_amount + additional_save_amount) {
-      read_buf_->set_capacity(save_amount + additional_save_amount);
+      if (!read_buf_->SetCapacity(save_amount + additional_save_amount)) {
+        // This response is ok, but we weren't able to copy the extra data,
+        // so close the connection so that it is not reused.
+        connection_->socket()->Disconnect();
+        connection_->Reset();
+        read_buf_unused_offset_ = -1;  // So that IsMoreDataBuffered works.
+        return result;
+      }
     }
     if (save_amount) {
       memcpy(read_buf_->StartOfBuffer(), user_read_buf_->data() + result,
-              save_amount);
+             save_amount);
       read_buf_->set_offset(save_amount);
     }
     if (additional_save_amount) {