Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(6)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: ipc/ipc_channel_posix.cc

Issue 1120343002: Make IPC::Channel buffers stack based and secure against growth (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebased to newer master Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « ipc/ipc_channel_posix.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "ipc/ipc_channel_posix.h" 5 #include "ipc/ipc_channel_posix.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <fcntl.h> 8 #include <fcntl.h>
9 #include <stddef.h> 9 #include <stddef.h>
10 #include <sys/socket.h> 10 #include <sys/socket.h>
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after
185 Mode mode, Listener* listener) 185 Mode mode, Listener* listener)
186 : ChannelReader(listener), 186 : ChannelReader(listener),
187 mode_(mode), 187 mode_(mode),
188 peer_pid_(base::kNullProcessId), 188 peer_pid_(base::kNullProcessId),
189 is_blocked_on_write_(false), 189 is_blocked_on_write_(false),
190 waiting_connect_(true), 190 waiting_connect_(true),
191 message_send_bytes_written_(0), 191 message_send_bytes_written_(0),
192 pipe_name_(channel_handle.name), 192 pipe_name_(channel_handle.name),
193 in_dtor_(false), 193 in_dtor_(false),
194 must_unlink_(false) { 194 must_unlink_(false) {
195 memset(input_cmsg_buf_, 0, sizeof(input_cmsg_buf_));
196 if (!CreatePipe(channel_handle)) { 195 if (!CreatePipe(channel_handle)) {
197 // The pipe may have been closed already. 196 // The pipe may have been closed already.
198 const char *modestr = (mode_ & MODE_SERVER_FLAG) ? "server" : "client"; 197 const char *modestr = (mode_ & MODE_SERVER_FLAG) ? "server" : "client";
199 LOG(WARNING) << "Unable to create pipe named \"" << channel_handle.name 198 LOG(WARNING) << "Unable to create pipe named \"" << channel_handle.name
200 << "\" in " << modestr << " mode"; 199 << "\" in " << modestr << " mode";
201 } 200 }
202 } 201 }
203 202
204 ChannelPosix::~ChannelPosix() { 203 ChannelPosix::~ChannelPosix() {
205 in_dtor_ = true; 204 in_dtor_ = true;
(...skipping 541 matching lines...) Expand 10 before | Expand all | Expand 10 after
747 int* bytes_read) { 746 int* bytes_read) {
748 if (!pipe_.is_valid()) 747 if (!pipe_.is_valid())
749 return READ_FAILED; 748 return READ_FAILED;
750 749
751 struct msghdr msg = {0}; 750 struct msghdr msg = {0};
752 751
753 struct iovec iov = {buffer, static_cast<size_t>(buffer_len)}; 752 struct iovec iov = {buffer, static_cast<size_t>(buffer_len)};
754 msg.msg_iov = &iov; 753 msg.msg_iov = &iov;
755 msg.msg_iovlen = 1; 754 msg.msg_iovlen = 1;
756 755
757 msg.msg_control = input_cmsg_buf_; 756 static_assert(kMaxReadFDBuffer <= 8192,
Tom Sepez 2015/05/28 15:57:46 I believe that a static_assert can appear inside a
757 "kMaxReadFDBuffer too big for a stack buffer");
758 char input_cmsg_buf[kMaxReadFDBuffer];
759 msg.msg_control = input_cmsg_buf;
758 760
759 // recvmsg() returns 0 if the connection has closed or EAGAIN if no data 761 // recvmsg() returns 0 if the connection has closed or EAGAIN if no data
760 // is waiting on the pipe. 762 // is waiting on the pipe.
761 msg.msg_controllen = sizeof(input_cmsg_buf_); 763 msg.msg_controllen = sizeof(input_cmsg_buf);
762 *bytes_read = HANDLE_EINTR(recvmsg(pipe_.get(), &msg, MSG_DONTWAIT)); 764 *bytes_read = HANDLE_EINTR(recvmsg(pipe_.get(), &msg, MSG_DONTWAIT));
763 765
764 if (*bytes_read < 0) { 766 if (*bytes_read < 0) {
765 if (errno == EAGAIN) { 767 if (errno == EAGAIN) {
766 return READ_PENDING; 768 return READ_PENDING;
767 #if defined(OS_MACOSX) 769 #if defined(OS_MACOSX)
768 } else if (errno == EPERM) { 770 } else if (errno == EPERM) {
769 // On OSX, reading from a pipe with no listener returns EPERM 771 // On OSX, reading from a pipe with no listener returns EPERM
770 // treat this as a special case to prevent spurious error messages 772 // treat this as a special case to prevent spurious error messages
771 // to the console. 773 // to the console.
(...skipping 246 matching lines...) Expand 10 before | Expand all | Expand 10 after
1018 } 1020 }
1019 1021
1020 #if defined(OS_LINUX) 1022 #if defined(OS_LINUX)
1021 // static 1023 // static
1022 void Channel::SetGlobalPid(int pid) { 1024 void Channel::SetGlobalPid(int pid) {
1023 ChannelPosix::SetGlobalPid(pid); 1025 ChannelPosix::SetGlobalPid(pid);
1024 } 1026 }
1025 #endif // OS_LINUX 1027 #endif // OS_LINUX
1026 1028
1027 } // namespace IPC 1029 } // namespace IPC
OLDNEW
« no previous file with comments | « ipc/ipc_channel_posix.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698