| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "webkit/plugins/ppapi/quota_file_io.h" | 5 #include "webkit/plugins/ppapi/quota_file_io.h" |
| 6 | 6 |
| 7 #include <algorithm> |
| 8 |
| 7 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 8 #include "base/message_loop_proxy.h" | 10 #include "base/message_loop_proxy.h" |
| 9 #include "base/task.h" | 11 #include "base/task.h" |
| 10 #include "webkit/plugins/ppapi/ppapi_plugin_instance.h" | 12 #include "webkit/plugins/ppapi/ppapi_plugin_instance.h" |
| 11 | 13 |
| 12 using base::PlatformFile; | 14 using base::PlatformFile; |
| 13 using base::PlatformFileError; | 15 using base::PlatformFileError; |
| 14 using quota::StorageType; | 16 using quota::StorageType; |
| 15 | 17 |
| 16 namespace webkit { | 18 namespace webkit { |
| (...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 215 // Note that this doesn't dispatch pending callbacks. | 217 // Note that this doesn't dispatch pending callbacks. |
| 216 STLDeleteContainerPointers(pending_operations_.begin(), | 218 STLDeleteContainerPointers(pending_operations_.begin(), |
| 217 pending_operations_.end()); | 219 pending_operations_.end()); |
| 218 STLDeleteContainerPointers(pending_callbacks_.begin(), | 220 STLDeleteContainerPointers(pending_callbacks_.begin(), |
| 219 pending_callbacks_.end()); | 221 pending_callbacks_.end()); |
| 220 } | 222 } |
| 221 | 223 |
| 222 bool QuotaFileIO::Write( | 224 bool QuotaFileIO::Write( |
| 223 int64_t offset, const char* buffer, int32_t bytes_to_write, | 225 int64_t offset, const char* buffer, int32_t bytes_to_write, |
| 224 WriteCallback* callback) { | 226 WriteCallback* callback) { |
| 227 if (bytes_to_write <= 0) |
| 228 return false; |
| 225 WriteOperation* op = new WriteOperation( | 229 WriteOperation* op = new WriteOperation( |
| 226 this, false, offset, buffer, bytes_to_write, callback); | 230 this, false, offset, buffer, bytes_to_write, callback); |
| 227 return RegisterOperationForQuotaChecks(op); | 231 return RegisterOperationForQuotaChecks(op); |
| 228 } | 232 } |
| 229 | 233 |
| 230 bool QuotaFileIO::SetLength(int64_t length, StatusCallback* callback) { | 234 bool QuotaFileIO::SetLength(int64_t length, StatusCallback* callback) { |
| 231 DCHECK(pending_operations_.empty()); | 235 DCHECK(pending_operations_.empty()); |
| 232 SetLengthOperation* op = new SetLengthOperation( | 236 SetLengthOperation* op = new SetLengthOperation( |
| 233 this, false, length, callback); | 237 this, false, length, callback); |
| 234 return RegisterOperationForQuotaChecks(op); | 238 return RegisterOperationForQuotaChecks(op); |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 353 pending_callbacks_.pop_front(); | 357 pending_callbacks_.pop_front(); |
| 354 DCHECK(pending_callbacks_.empty()); | 358 DCHECK(pending_callbacks_.empty()); |
| 355 int64_t delta = (error != base::PLATFORM_FILE_OK) ? 0 : | 359 int64_t delta = (error != base::PLATFORM_FILE_OK) ? 0 : |
| 356 new_file_size - cached_file_size_; | 360 new_file_size - cached_file_size_; |
| 357 instance_->delegate()->DidUpdateFile(file_url_, delta); | 361 instance_->delegate()->DidUpdateFile(file_url_, delta); |
| 358 inflight_operations_ = 0; | 362 inflight_operations_ = 0; |
| 359 } | 363 } |
| 360 | 364 |
| 361 } // namespace ppapi | 365 } // namespace ppapi |
| 362 } // namespace webkit | 366 } // namespace webkit |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7651002:
Adding checks to guard against buffer overruns in QuotaFileIO::Write and base::FileUtilProxy::Write (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/