Chromium Code Reviews Chromium Code Reviews
Issue 1145013004:
Introduce bad_message.h for chrome and NaCl. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/nacl/browser/nacl_file_host.h" | 5 #include "components/nacl/browser/nacl_file_host.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/files/file.h" | 8 #include "base/files/file.h" |
| 9 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
| 10 #include "base/files/file_util.h" | 10 #include "base/files/file_util.h" |
| 11 #include "base/strings/utf_string_conversions.h" | 11 #include "base/strings/utf_string_conversions.h" |
| 12 #include "base/threading/sequenced_worker_pool.h" | 12 #include "base/threading/sequenced_worker_pool.h" |
| 13 #include "components/nacl/browser/bad_message.h" | |
| 13 #include "components/nacl/browser/nacl_browser.h" | 14 #include "components/nacl/browser/nacl_browser.h" |
| 14 #include "components/nacl/browser/nacl_browser_delegate.h" | 15 #include "components/nacl/browser/nacl_browser_delegate.h" |
| 15 #include "components/nacl/browser/nacl_host_message_filter.h" | 16 #include "components/nacl/browser/nacl_host_message_filter.h" |
| 16 #include "components/nacl/common/nacl_host_messages.h" | 17 #include "components/nacl/common/nacl_host_messages.h" |
| 17 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
| 18 #include "content/public/browser/render_view_host.h" | 19 #include "content/public/browser/render_view_host.h" |
| 19 #include "content/public/browser/site_instance.h" | 20 #include "content/public/browser/site_instance.h" |
| 20 #include "ipc/ipc_platform_file.h" | 21 #include "ipc/ipc_platform_file.h" |
| 21 | 22 |
| 22 using content::BrowserThread; | 23 using content::BrowserThread; |
| (...skipping 218 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 241 reply_msg)); | 242 reply_msg)); |
| 242 return; | 243 return; |
| 243 } | 244 } |
| 244 | 245 |
| 245 // Make sure render_view_id is valid and that the URL is a part of the | 246 // Make sure render_view_id is valid and that the URL is a part of the |
| 246 // render view's site. Without these checks, apps could probe the extension | 247 // render view's site. Without these checks, apps could probe the extension |
| 247 // directory or run NaCl code from other extensions. | 248 // directory or run NaCl code from other extensions. |
| 248 content::RenderViewHost* rvh = content::RenderViewHost::FromID( | 249 content::RenderViewHost* rvh = content::RenderViewHost::FromID( |
| 249 nacl_host_message_filter->render_process_id(), render_view_id); | 250 nacl_host_message_filter->render_process_id(), render_view_id); |
| 250 if (!rvh) { | 251 if (!rvh) { |
| 251 nacl_host_message_filter->BadMessageReceived(); // Kill the renderer. | 252 nacl::bad_message::ReceivedBadMessage( |
| 253 nacl_host_message_filter.get(), | |
| 254 nacl::bad_message::NACL_OPEN_EXECUTABLE_BAD_ROUTING_ID); | |
| 255 delete reply_msg; | |
|
James Cook
2015/05/22 18:13:10
We leaked this before? Good catch.
ncarter (slow)
2015/05/22 18:41:51
Acknowledged.
| |
| 252 return; | 256 return; |
| 253 } | 257 } |
| 254 content::SiteInstance* site_instance = rvh->GetSiteInstance(); | 258 content::SiteInstance* site_instance = rvh->GetSiteInstance(); |
| 255 if (!content::SiteInstance::IsSameWebSite(site_instance->GetBrowserContext(), | 259 if (!content::SiteInstance::IsSameWebSite(site_instance->GetBrowserContext(), |
| 256 site_instance->GetSiteURL(), | 260 site_instance->GetSiteURL(), |
| 257 file_url)) { | 261 file_url)) { |
| 258 NotifyRendererOfError(nacl_host_message_filter.get(), reply_msg); | 262 NotifyRendererOfError(nacl_host_message_filter.get(), reply_msg); |
| 259 return; | 263 return; |
| 260 } | 264 } |
| 261 | 265 |
| 262 // The URL is part of the current app. Now query the extension system for the | 266 // The URL is part of the current app. Now query the extension system for the |
| 263 // file path and convert that to a file descriptor. This should be done on a | 267 // file path and convert that to a file descriptor. This should be done on a |
| 264 // blocking pool thread. | 268 // blocking pool thread. |
| 265 if (!BrowserThread::PostBlockingPoolTask( | 269 if (!BrowserThread::PostBlockingPoolTask( |
| 266 FROM_HERE, | 270 FROM_HERE, |
| 267 base::Bind( | 271 base::Bind( |
| 268 &DoOpenNaClExecutableOnThreadPool, | 272 &DoOpenNaClExecutableOnThreadPool, |
| 269 nacl_host_message_filter, | 273 nacl_host_message_filter, |
| 270 file_url, | 274 file_url, |
| 271 enable_validation_caching, | 275 enable_validation_caching, |
| 272 reply_msg))) { | 276 reply_msg))) { |
| 273 NotifyRendererOfError(nacl_host_message_filter.get(), reply_msg); | 277 NotifyRendererOfError(nacl_host_message_filter.get(), reply_msg); |
| 274 } | 278 } |
| 275 } | 279 } |
| 276 | 280 |
| 277 } // namespace nacl_file_host | 281 } // namespace nacl_file_host |
| OLD | NEW |
