OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stdio.h> | 5 #include <stdio.h> |
6 #include <string> | 6 #include <string> |
7 #include <sstream> | 7 #include <sstream> |
8 | 8 |
9 #include "base/message_loop.h" | 9 #include "base/message_loop.h" |
10 #include "base/process_util.h" | 10 #include "base/process_util.h" |
(...skipping 272 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
283 | 283 |
284 EXPECT_TRUE(base::WaitForSingleProcess(server_process, 5000)); | 284 EXPECT_TRUE(base::WaitForSingleProcess(server_process, 5000)); |
285 base::CloseProcessHandle(server_process); | 285 base::CloseProcessHandle(server_process); |
286 } | 286 } |
287 | 287 |
288 // This test uses a payload that is smaller than expected. | 288 // This test uses a payload that is smaller than expected. |
289 // This generates an error while unpacking the IPC buffer which in | 289 // This generates an error while unpacking the IPC buffer which in |
290 // In debug this triggers an assertion and in release it is ignored(!!). Right | 290 // In debug this triggers an assertion and in release it is ignored(!!). Right |
291 // after we generate another valid IPC to make sure framing is working | 291 // after we generate another valid IPC to make sure framing is working |
292 // properly. | 292 // properly. |
293 #ifdef NDEBUG | 293 #if defined(NDEBUG) && !defined(DCHECK_ALWAYS_ON) |
294 TEST_F(IPCFuzzingTest, MsgBadPayloadShort) { | 294 TEST_F(IPCFuzzingTest, MsgBadPayloadShort) { |
295 FuzzerClientListener listener; | 295 FuzzerClientListener listener; |
296 IPC::Channel chan(kFuzzerChannel, IPC::Channel::MODE_SERVER, | 296 IPC::Channel chan(kFuzzerChannel, IPC::Channel::MODE_SERVER, |
297 &listener); | 297 &listener); |
298 base::ProcessHandle server_process = SpawnChild(FUZZER_SERVER, &chan); | 298 base::ProcessHandle server_process = SpawnChild(FUZZER_SERVER, &chan); |
299 ASSERT_TRUE(server_process); | 299 ASSERT_TRUE(server_process); |
300 base::PlatformThread::Sleep(1000); | 300 base::PlatformThread::Sleep(1000); |
301 ASSERT_TRUE(chan.Connect()); | 301 ASSERT_TRUE(chan.Connect()); |
302 listener.Init(&chan); | 302 listener.Init(&chan); |
303 | 303 |
304 IPC::Message* msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, | 304 IPC::Message* msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, |
305 IPC::Message::PRIORITY_NORMAL); | 305 IPC::Message::PRIORITY_NORMAL); |
306 msg->WriteInt(666); | 306 msg->WriteInt(666); |
307 chan.Send(msg); | 307 chan.Send(msg); |
308 EXPECT_TRUE(listener.ExpectMsgNotHandled(MsgClassIS::ID)); | 308 EXPECT_TRUE(listener.ExpectMsgNotHandled(MsgClassIS::ID)); |
309 | 309 |
310 msg = new MsgClassSI(L"expect one", 1); | 310 msg = new MsgClassSI(L"expect one", 1); |
311 chan.Send(msg); | 311 chan.Send(msg); |
312 EXPECT_TRUE(listener.ExpectMessage(1, MsgClassSI::ID)); | 312 EXPECT_TRUE(listener.ExpectMessage(1, MsgClassSI::ID)); |
313 | 313 |
314 EXPECT_TRUE(base::WaitForSingleProcess(server_process, 5000)); | 314 EXPECT_TRUE(base::WaitForSingleProcess(server_process, 5000)); |
315 base::CloseProcessHandle(server_process); | 315 base::CloseProcessHandle(server_process); |
316 } | 316 } |
317 #endif // NDEBUG | 317 #endif |
318 | 318 |
319 // This test uses a payload that has too many arguments, but so the payload | 319 // This test uses a payload that has too many arguments, but so the payload |
320 // size is big enough so the unpacking routine does not generate an error as | 320 // size is big enough so the unpacking routine does not generate an error as |
321 // in the case of MsgBadPayloadShort test. | 321 // in the case of MsgBadPayloadShort test. |
322 // This test does not pinpoint a flaw (per se) as by design we don't carry | 322 // This test does not pinpoint a flaw (per se) as by design we don't carry |
323 // type information on the IPC message. | 323 // type information on the IPC message. |
324 TEST_F(IPCFuzzingTest, MsgBadPayloadArgs) { | 324 TEST_F(IPCFuzzingTest, MsgBadPayloadArgs) { |
325 FuzzerClientListener listener; | 325 FuzzerClientListener listener; |
326 IPC::Channel chan(kFuzzerChannel, IPC::Channel::MODE_SERVER, | 326 IPC::Channel chan(kFuzzerChannel, IPC::Channel::MODE_SERVER, |
327 &listener); | 327 &listener); |
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
385 ServerMacroExTest server; | 385 ServerMacroExTest server; |
386 | 386 |
387 // Test the regular messages. | 387 // Test the regular messages. |
388 msg = new MsgClassIS(3, L"text3"); | 388 msg = new MsgClassIS(3, L"text3"); |
389 EXPECT_TRUE(server.OnMessageReceived(*msg)); | 389 EXPECT_TRUE(server.OnMessageReceived(*msg)); |
390 delete msg; | 390 delete msg; |
391 msg = new MsgClassSI(L"text2", 2); | 391 msg = new MsgClassSI(L"text2", 2); |
392 EXPECT_TRUE(server.OnMessageReceived(*msg)); | 392 EXPECT_TRUE(server.OnMessageReceived(*msg)); |
393 delete msg; | 393 delete msg; |
394 | 394 |
395 #ifdef NDEBUG | 395 #if defined(NDEBUG) && !defined(DCHECK_ALWAYS_ON) |
396 // Test a bad message. | 396 // Test a bad message. |
397 msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassSI::ID, | 397 msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassSI::ID, |
398 IPC::Message::PRIORITY_NORMAL); | 398 IPC::Message::PRIORITY_NORMAL); |
399 msg->WriteInt(2); | 399 msg->WriteInt(2); |
400 EXPECT_FALSE(server.OnMessageReceived(*msg)); | 400 EXPECT_FALSE(server.OnMessageReceived(*msg)); |
401 delete msg; | 401 delete msg; |
402 | 402 |
403 msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, | 403 msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, |
404 IPC::Message::PRIORITY_NORMAL); | 404 IPC::Message::PRIORITY_NORMAL); |
405 msg->WriteInt(0x64); | 405 msg->WriteInt(0x64); |
406 msg->WriteInt(0x32); | 406 msg->WriteInt(0x32); |
407 EXPECT_FALSE(server.OnMessageReceived(*msg)); | 407 EXPECT_FALSE(server.OnMessageReceived(*msg)); |
408 delete msg; | 408 delete msg; |
409 | 409 |
410 EXPECT_EQ(0, server.unhandled_msgs()); | 410 EXPECT_EQ(0, server.unhandled_msgs()); |
411 #endif | 411 #endif |
412 } | 412 } |
OLD | NEW |