| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stdio.h> | 5 #include <stdio.h> |
| 6 #include <string> | 6 #include <string> |
| 7 #include <sstream> | 7 #include <sstream> |
| 8 | 8 |
| 9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
| 10 #include "base/strings/string16.h" | 10 #include "base/strings/string16.h" |
| (...skipping 26 matching lines...) Expand all Loading... |
| 37 namespace { | 37 namespace { |
| 38 | 38 |
| 39 TEST(IPCMessageIntegrity, ReadBeyondBufferStr) { | 39 TEST(IPCMessageIntegrity, ReadBeyondBufferStr) { |
| 40 // This was BUG 984408. | 40 // This was BUG 984408. |
| 41 uint32 v1 = kuint32max - 1; | 41 uint32 v1 = kuint32max - 1; |
| 42 int v2 = 666; | 42 int v2 = 666; |
| 43 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 43 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 44 EXPECT_TRUE(m.WriteInt(v1)); | 44 EXPECT_TRUE(m.WriteInt(v1)); |
| 45 EXPECT_TRUE(m.WriteInt(v2)); | 45 EXPECT_TRUE(m.WriteInt(v2)); |
| 46 | 46 |
| 47 PickleIterator iter(m); | 47 base::PickleIterator iter(m); |
| 48 std::string vs; | 48 std::string vs; |
| 49 EXPECT_FALSE(iter.ReadString(&vs)); | 49 EXPECT_FALSE(iter.ReadString(&vs)); |
| 50 } | 50 } |
| 51 | 51 |
| 52 TEST(IPCMessageIntegrity, ReadBeyondBufferStr16) { | 52 TEST(IPCMessageIntegrity, ReadBeyondBufferStr16) { |
| 53 // This was BUG 984408. | 53 // This was BUG 984408. |
| 54 uint32 v1 = kuint32max - 1; | 54 uint32 v1 = kuint32max - 1; |
| 55 int v2 = 777; | 55 int v2 = 777; |
| 56 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 56 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 57 EXPECT_TRUE(m.WriteInt(v1)); | 57 EXPECT_TRUE(m.WriteInt(v1)); |
| 58 EXPECT_TRUE(m.WriteInt(v2)); | 58 EXPECT_TRUE(m.WriteInt(v2)); |
| 59 | 59 |
| 60 PickleIterator iter(m); | 60 base::PickleIterator iter(m); |
| 61 base::string16 vs; | 61 base::string16 vs; |
| 62 EXPECT_FALSE(iter.ReadString16(&vs)); | 62 EXPECT_FALSE(iter.ReadString16(&vs)); |
| 63 } | 63 } |
| 64 | 64 |
| 65 TEST(IPCMessageIntegrity, ReadBytesBadIterator) { | 65 TEST(IPCMessageIntegrity, ReadBytesBadIterator) { |
| 66 // This was BUG 1035467. | 66 // This was BUG 1035467. |
| 67 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 67 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 68 EXPECT_TRUE(m.WriteInt(1)); | 68 EXPECT_TRUE(m.WriteInt(1)); |
| 69 EXPECT_TRUE(m.WriteInt(2)); | 69 EXPECT_TRUE(m.WriteInt(2)); |
| 70 | 70 |
| 71 PickleIterator iter(m); | 71 base::PickleIterator iter(m); |
| 72 const char* data = NULL; | 72 const char* data = NULL; |
| 73 EXPECT_TRUE(iter.ReadBytes(&data, sizeof(int))); | 73 EXPECT_TRUE(iter.ReadBytes(&data, sizeof(int))); |
| 74 } | 74 } |
| 75 | 75 |
| 76 TEST(IPCMessageIntegrity, ReadVectorNegativeSize) { | 76 TEST(IPCMessageIntegrity, ReadVectorNegativeSize) { |
| 77 // A slight variation of BUG 984408. Note that the pickling of vector<char> | 77 // A slight variation of BUG 984408. Note that the pickling of vector<char> |
| 78 // has a specialized template which is not vulnerable to this bug. So here | 78 // has a specialized template which is not vulnerable to this bug. So here |
| 79 // try to hit the non-specialized case vector<P>. | 79 // try to hit the non-specialized case vector<P>. |
| 80 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 80 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 81 EXPECT_TRUE(m.WriteInt(-1)); // This is the count of elements. | 81 EXPECT_TRUE(m.WriteInt(-1)); // This is the count of elements. |
| 82 EXPECT_TRUE(m.WriteInt(1)); | 82 EXPECT_TRUE(m.WriteInt(1)); |
| 83 EXPECT_TRUE(m.WriteInt(2)); | 83 EXPECT_TRUE(m.WriteInt(2)); |
| 84 EXPECT_TRUE(m.WriteInt(3)); | 84 EXPECT_TRUE(m.WriteInt(3)); |
| 85 | 85 |
| 86 std::vector<double> vec; | 86 std::vector<double> vec; |
| 87 PickleIterator iter(m); | 87 base::PickleIterator iter(m); |
| 88 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 88 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
| 89 } | 89 } |
| 90 | 90 |
| 91 TEST(IPCMessageIntegrity, ReadVectorTooLarge1) { | 91 TEST(IPCMessageIntegrity, ReadVectorTooLarge1) { |
| 92 // This was BUG 1006367. This is the large but positive length case. Again | 92 // This was BUG 1006367. This is the large but positive length case. Again |
| 93 // we try to hit the non-specialized case vector<P>. | 93 // we try to hit the non-specialized case vector<P>. |
| 94 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 94 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 95 EXPECT_TRUE(m.WriteInt(0x21000003)); // This is the count of elements. | 95 EXPECT_TRUE(m.WriteInt(0x21000003)); // This is the count of elements. |
| 96 EXPECT_TRUE(m.WriteInt64(1)); | 96 EXPECT_TRUE(m.WriteInt64(1)); |
| 97 EXPECT_TRUE(m.WriteInt64(2)); | 97 EXPECT_TRUE(m.WriteInt64(2)); |
| 98 | 98 |
| 99 std::vector<int64> vec; | 99 std::vector<int64> vec; |
| 100 PickleIterator iter(m); | 100 base::PickleIterator iter(m); |
| 101 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 101 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
| 102 } | 102 } |
| 103 | 103 |
| 104 TEST(IPCMessageIntegrity, ReadVectorTooLarge2) { | 104 TEST(IPCMessageIntegrity, ReadVectorTooLarge2) { |
| 105 // This was BUG 1006367. This is the large but positive with an additional | 105 // This was BUG 1006367. This is the large but positive with an additional |
| 106 // integer overflow when computing the actual byte size. Again we try to hit | 106 // integer overflow when computing the actual byte size. Again we try to hit |
| 107 // the non-specialized case vector<P>. | 107 // the non-specialized case vector<P>. |
| 108 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 108 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 109 EXPECT_TRUE(m.WriteInt(0x71000000)); // This is the count of elements. | 109 EXPECT_TRUE(m.WriteInt(0x71000000)); // This is the count of elements. |
| 110 EXPECT_TRUE(m.WriteInt64(1)); | 110 EXPECT_TRUE(m.WriteInt64(1)); |
| 111 EXPECT_TRUE(m.WriteInt64(2)); | 111 EXPECT_TRUE(m.WriteInt64(2)); |
| 112 | 112 |
| 113 std::vector<int64> vec; | 113 std::vector<int64> vec; |
| 114 PickleIterator iter(m); | 114 base::PickleIterator iter(m); |
| 115 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 115 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
| 116 } | 116 } |
| 117 | 117 |
| 118 class SimpleListener : public IPC::Listener { | 118 class SimpleListener : public IPC::Listener { |
| 119 public: | 119 public: |
| 120 SimpleListener() : other_(NULL) { | 120 SimpleListener() : other_(NULL) { |
| 121 } | 121 } |
| 122 void Init(IPC::Sender* s) { | 122 void Init(IPC::Sender* s) { |
| 123 other_ = s; | 123 other_ = s; |
| 124 } | 124 } |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 206 last_msg_ = new IPC::Message(msg); | 206 last_msg_ = new IPC::Message(msg); |
| 207 base::MessageLoop::current()->Quit(); | 207 base::MessageLoop::current()->Quit(); |
| 208 return true; | 208 return true; |
| 209 } | 209 } |
| 210 | 210 |
| 211 bool ExpectMessage(int value, uint32 type_id) { | 211 bool ExpectMessage(int value, uint32 type_id) { |
| 212 if (!MsgHandlerInternal(type_id)) | 212 if (!MsgHandlerInternal(type_id)) |
| 213 return false; | 213 return false; |
| 214 int msg_value1 = 0; | 214 int msg_value1 = 0; |
| 215 int msg_value2 = 0; | 215 int msg_value2 = 0; |
| 216 PickleIterator iter(*last_msg_); | 216 base::PickleIterator iter(*last_msg_); |
| 217 if (!iter.ReadInt(&msg_value1)) | 217 if (!iter.ReadInt(&msg_value1)) |
| 218 return false; | 218 return false; |
| 219 if (!iter.ReadInt(&msg_value2)) | 219 if (!iter.ReadInt(&msg_value2)) |
| 220 return false; | 220 return false; |
| 221 if ((msg_value2 + 1) != msg_value1) | 221 if ((msg_value2 + 1) != msg_value1) |
| 222 return false; | 222 return false; |
| 223 if (msg_value2 != value) | 223 if (msg_value2 != value) |
| 224 return false; | 224 return false; |
| 225 | 225 |
| 226 delete last_msg_; | 226 delete last_msg_; |
| (...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 342 // thrown out of sync by the extra argument. | 342 // thrown out of sync by the extra argument. |
| 343 msg = new MsgClassIS(3, base::ASCIIToUTF16("expect three")); | 343 msg = new MsgClassIS(3, base::ASCIIToUTF16("expect three")); |
| 344 sender()->Send(msg); | 344 sender()->Send(msg); |
| 345 EXPECT_TRUE(listener.ExpectMessage(3, MsgClassIS::ID)); | 345 EXPECT_TRUE(listener.ExpectMessage(3, MsgClassIS::ID)); |
| 346 | 346 |
| 347 EXPECT_TRUE(WaitForClientShutdown()); | 347 EXPECT_TRUE(WaitForClientShutdown()); |
| 348 DestroyChannel(); | 348 DestroyChannel(); |
| 349 } | 349 } |
| 350 | 350 |
| 351 } // namespace | 351 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1154283003:
Change most uses of Pickle to base::Pickle (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master