Chromium Code Reviews Chromium Code Reviews
Issue 11576030:
Add size checks to extension icons to prevent out of memory conditions (Closed)
Base URL: https://src.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/favicon_source.h" | 5 #include "chrome/browser/ui/webui/favicon_source.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "chrome/browser/favicon/favicon_service_factory.h" | 9 #include "chrome/browser/favicon/favicon_service_factory.h" |
| 10 #include "chrome/browser/history/top_sites.h" | 10 #include "chrome/browser/history/top_sites.h" |
| 11 #include "chrome/browser/profiles/profile.h" | 11 #include "chrome/browser/profiles/profile.h" |
| 12 #include "chrome/browser/ui/webui/web_ui_util.h" | 12 #include "chrome/browser/ui/webui/web_ui_util.h" |
| 13 #include "chrome/common/url_constants.h" | 13 #include "chrome/common/url_constants.h" |
| 14 #include "grit/locale_settings.h" | 14 #include "grit/locale_settings.h" |
| 15 #include "grit/ui_resources.h" | 15 #include "grit/ui_resources.h" |
| 16 #include "ui/base/l10n/l10n_util.h" | 16 #include "ui/base/l10n/l10n_util.h" |
| 17 #include "ui/base/layout.h" | 17 #include "ui/base/layout.h" |
| 18 #include "ui/base/resource/resource_bundle.h" | 18 #include "ui/base/resource/resource_bundle.h" |
| 19 | 19 |
| 20 const int kMaxIconSize = 256; | |
| 21 | |
| 20 FaviconSource::FaviconSource(Profile* profile, IconType type) | 22 FaviconSource::FaviconSource(Profile* profile, IconType type) |
| 21 : DataSource(type == FAVICON ? chrome::kChromeUIFaviconHost : | 23 : DataSource(type == FAVICON ? chrome::kChromeUIFaviconHost : |
| 22 chrome::kChromeUITouchIconHost, | 24 chrome::kChromeUITouchIconHost, |
| 23 MessageLoop::current()) { | 25 MessageLoop::current()) { |
| 24 Init(profile, type); | 26 Init(profile, type); |
| 25 } | 27 } |
| 26 | 28 |
| 27 FaviconSource::FaviconSource(Profile* profile, | 29 FaviconSource::FaviconSource(Profile* profile, |
| 28 IconType type, | 30 IconType type, |
| 29 const std::string& source_name) | 31 const std::string& source_name) |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 75 base::Unretained(this), | 77 base::Unretained(this), |
| 76 IconRequest(request_id, size_in_dip, scale_factor)), | 78 IconRequest(request_id, size_in_dip, scale_factor)), |
| 77 &cancelable_task_tracker_); | 79 &cancelable_task_tracker_); |
| 78 } else { | 80 } else { |
| 79 GURL url; | 81 GURL url; |
| 80 if (path.size() > 5 && path.substr(0, 5) == "size/") { | 82 if (path.size() > 5 && path.substr(0, 5) == "size/") { |
| 81 size_t slash = path.find("/", 5); | 83 size_t slash = path.find("/", 5); |
| 82 size_t scale_delimiter = path.find("@", 5); | 84 size_t scale_delimiter = path.find("@", 5); |
| 83 std::string size = path.substr(5, slash - 5); | 85 std::string size = path.substr(5, slash - 5); |
| 84 size_in_dip = atoi(size.c_str()); | 86 size_in_dip = atoi(size.c_str()); |
| 85 DCHECK(size_in_dip == 64 || size_in_dip == 32 || size_in_dip == 16) << | 87 DCHECK(size_in_dip == 64 || size_in_dip == 32 || size_in_dip == 16) << |
|
Matt Perry
2012/12/14 18:57:08
This DCHECK suggests that we only expect 16, 32, a
| |
| 86 "only 64x64, 32x32 and 16x16 icons are supported"; | 88 "only 64x64, 32x32 and 16x16 icons are supported"; |
| 89 if (size_in_dip > kMaxIconSize) { | |
| 90 // Note that actual size can be more than kMaxIconSize | |
| 91 // because of scale_factor | |
| 92 size_in_dip = kMaxIconSize; | |
| 93 } | |
| 87 // Optional scale factor. | 94 // Optional scale factor. |
| 88 if (scale_delimiter != std::string::npos && scale_delimiter < slash) { | 95 if (scale_delimiter != std::string::npos && scale_delimiter < slash) { |
| 89 DCHECK(size_in_dip == 16); | 96 DCHECK(size_in_dip == 16); |
| 90 std::string scale_str = path.substr(scale_delimiter + 1, | 97 std::string scale_str = path.substr(scale_delimiter + 1, |
| 91 slash - scale_delimiter - 1); | 98 slash - scale_delimiter - 1); |
| 92 web_ui_util::ParseScaleFactor(scale_str, &scale_factor); | 99 web_ui_util::ParseScaleFactor(scale_str, &scale_factor); |
| 93 } | 100 } |
| 94 url = GURL(path.substr(slash + 1)); | 101 url = GURL(path.substr(slash + 1)); |
| 95 } else { | 102 } else { |
| 96 // URL requests prefixed with "origin/" are converted to a form with an | 103 // URL requests prefixed with "origin/" are converted to a form with an |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 178 | 185 |
| 179 if (!default_favicon) { | 186 if (!default_favicon) { |
| 180 ui::ScaleFactor scale_factor = icon_request.scale_factor; | 187 ui::ScaleFactor scale_factor = icon_request.scale_factor; |
| 181 default_favicon = ResourceBundle::GetSharedInstance() | 188 default_favicon = ResourceBundle::GetSharedInstance() |
| 182 .LoadDataResourceBytesForScale(resource_id, scale_factor); | 189 .LoadDataResourceBytesForScale(resource_id, scale_factor); |
| 183 default_favicons_[favicon_index] = default_favicon; | 190 default_favicons_[favicon_index] = default_favicon; |
| 184 } | 191 } |
| 185 | 192 |
| 186 SendResponse(icon_request.request_id, default_favicon); | 193 SendResponse(icon_request.request_id, default_favicon); |
| 187 } | 194 } |
| OLD | NEW |
