Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(176)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: ipc/ipc_message_utils.cc

Issue 11412282: Merge 168937 - Verify lfFaceName is NUL terminated in IPC deserializer. (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1312/src/
Patch Set: Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: ipc/ipc_message_utils.cc
===================================================================
--- ipc/ipc_message_utils.cc (revision 170565)
+++ ipc/ipc_message_utils.cc (working copy)
@@ -16,6 +16,8 @@
#if defined(OS_POSIX)
#include "ipc/file_descriptor_set_posix.h"
+#elif defined(OS_WIN)
+#include <tchar.h>
#endif
namespace IPC {
@@ -806,15 +808,16 @@
param_type* r) {
const char *data;
int data_size = 0;
- bool result = m->ReadData(iter, &data, &data_size);
- if (result && data_size == sizeof(LOGFONT)) {
- memcpy(r, data, sizeof(LOGFONT));
- } else {
- result = false;
- NOTREACHED();
+ if (m->ReadData(iter, &data, &data_size) && data_size == sizeof(LOGFONT)) {
+ const LOGFONT *font = reinterpret_cast<LOGFONT*>(const_cast<char*>(data));
+ if (_tcsnlen(font->lfFaceName, LF_FACESIZE) < LF_FACESIZE) {
+ memcpy(r, data, sizeof(LOGFONT));
+ return true;
+ }
}
- return result;
+ NOTREACHED();
+ return false;
}
void ParamTraits<LOGFONT>::Log(const param_type& p, std::string* l) {
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698