OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stdio.h> | 5 #include <stdio.h> |
6 #include <string> | 6 #include <string> |
7 #include <sstream> | 7 #include <sstream> |
8 | 8 |
9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
10 #include "base/strings/string16.h" | 10 #include "base/strings/string16.h" |
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
81 EXPECT_TRUE(m.WriteInt(-1)); // This is the count of elements. | 81 EXPECT_TRUE(m.WriteInt(-1)); // This is the count of elements. |
82 EXPECT_TRUE(m.WriteInt(1)); | 82 EXPECT_TRUE(m.WriteInt(1)); |
83 EXPECT_TRUE(m.WriteInt(2)); | 83 EXPECT_TRUE(m.WriteInt(2)); |
84 EXPECT_TRUE(m.WriteInt(3)); | 84 EXPECT_TRUE(m.WriteInt(3)); |
85 | 85 |
86 std::vector<double> vec; | 86 std::vector<double> vec; |
87 base::PickleIterator iter(m); | 87 base::PickleIterator iter(m); |
88 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 88 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
89 } | 89 } |
90 | 90 |
91 TEST(IPCMessageIntegrity, ReadVectorTooLarge1) { | 91 #if defined(OS_ANDROID) |
| 92 #define MAYBE_ReadVectorTooLarge1 DISABLED_ReadVectorTooLarge1 |
| 93 #else |
| 94 #define MAYBE_ReadVectorTooLarge1 ReadVectorTooLarge1 |
| 95 #endif |
| 96 TEST(IPCMessageIntegrity, MAYBE_ReadVectorTooLarge1) { |
92 // This was BUG 1006367. This is the large but positive length case. Again | 97 // This was BUG 1006367. This is the large but positive length case. Again |
93 // we try to hit the non-specialized case vector<P>. | 98 // we try to hit the non-specialized case vector<P>. |
94 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 99 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
95 EXPECT_TRUE(m.WriteInt(0x21000003)); // This is the count of elements. | 100 EXPECT_TRUE(m.WriteInt(0x21000003)); // This is the count of elements. |
96 EXPECT_TRUE(m.WriteInt64(1)); | 101 EXPECT_TRUE(m.WriteInt64(1)); |
97 EXPECT_TRUE(m.WriteInt64(2)); | 102 EXPECT_TRUE(m.WriteInt64(2)); |
98 | 103 |
99 std::vector<int64> vec; | 104 std::vector<int64> vec; |
100 base::PickleIterator iter(m); | 105 base::PickleIterator iter(m); |
101 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 106 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
(...skipping 152 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
254 IPCTestBase::GetChannelName("FuzzServerClient"), &listener, nullptr)); | 259 IPCTestBase::GetChannelName("FuzzServerClient"), &listener, nullptr)); |
255 CHECK(channel->Connect()); | 260 CHECK(channel->Connect()); |
256 listener.Init(channel.get()); | 261 listener.Init(channel.get()); |
257 base::MessageLoop::current()->Run(); | 262 base::MessageLoop::current()->Run(); |
258 return 0; | 263 return 0; |
259 } | 264 } |
260 | 265 |
261 class IPCFuzzingTest : public IPCTestBase { | 266 class IPCFuzzingTest : public IPCTestBase { |
262 }; | 267 }; |
263 | 268 |
| 269 #if defined(OS_ANDROID) |
| 270 #define MAYBE_SanityTest DISABLED_SanityTest |
| 271 #else |
| 272 #define MAYBE_SanityTest SanityTest |
| 273 #endif |
264 // This test makes sure that the FuzzerClientListener and FuzzerServerListener | 274 // This test makes sure that the FuzzerClientListener and FuzzerServerListener |
265 // are working properly by generating two well formed IPC calls. | 275 // are working properly by generating two well formed IPC calls. |
266 TEST_F(IPCFuzzingTest, SanityTest) { | 276 TEST_F(IPCFuzzingTest, MAYBE_SanityTest) { |
267 Init("FuzzServerClient"); | 277 Init("FuzzServerClient"); |
268 | 278 |
269 FuzzerClientListener listener; | 279 FuzzerClientListener listener; |
270 CreateChannel(&listener); | 280 CreateChannel(&listener); |
271 listener.Init(channel()); | 281 listener.Init(channel()); |
272 ASSERT_TRUE(ConnectChannel()); | 282 ASSERT_TRUE(ConnectChannel()); |
273 ASSERT_TRUE(StartClient()); | 283 ASSERT_TRUE(StartClient()); |
274 | 284 |
275 IPC::Message* msg = NULL; | 285 IPC::Message* msg = NULL; |
276 int value = 43; | 286 int value = 43; |
277 msg = new MsgClassIS(value, base::ASCIIToUTF16("expect 43")); | 287 msg = new MsgClassIS(value, base::ASCIIToUTF16("expect 43")); |
278 sender()->Send(msg); | 288 sender()->Send(msg); |
279 EXPECT_TRUE(listener.ExpectMessage(value, MsgClassIS::ID)); | 289 EXPECT_TRUE(listener.ExpectMessage(value, MsgClassIS::ID)); |
280 | 290 |
281 msg = new MsgClassSI(base::ASCIIToUTF16("expect 44"), ++value); | 291 msg = new MsgClassSI(base::ASCIIToUTF16("expect 44"), ++value); |
282 sender()->Send(msg); | 292 sender()->Send(msg); |
283 EXPECT_TRUE(listener.ExpectMessage(value, MsgClassSI::ID)); | 293 EXPECT_TRUE(listener.ExpectMessage(value, MsgClassSI::ID)); |
284 | 294 |
285 EXPECT_TRUE(WaitForClientShutdown()); | 295 EXPECT_TRUE(WaitForClientShutdown()); |
286 DestroyChannel(); | 296 DestroyChannel(); |
287 } | 297 } |
288 | 298 |
| 299 #if defined(OS_ANDROID) |
| 300 #define MAYBE_MsgBadPayloadShort DISABLED_MsgBadPayloadShort |
| 301 #else |
| 302 #define MAYBE_MsgBadPayloadShort MsgBadPayloadShort |
| 303 #endif |
289 // This test uses a payload that is smaller than expected. This generates an | 304 // This test uses a payload that is smaller than expected. This generates an |
290 // error while unpacking the IPC buffer which in debug trigger an assertion and | 305 // error while unpacking the IPC buffer which in debug trigger an assertion and |
291 // in release is ignored (!). Right after we generate another valid IPC to make | 306 // in release is ignored (!). Right after we generate another valid IPC to make |
292 // sure framing is working properly. | 307 // sure framing is working properly. |
293 #if defined(NDEBUG) && !defined(DCHECK_ALWAYS_ON) | 308 #if defined(NDEBUG) && !defined(DCHECK_ALWAYS_ON) |
294 TEST_F(IPCFuzzingTest, MsgBadPayloadShort) { | 309 TEST_F(IPCFuzzingTest, MAYBE_MsgBadPayloadShort) { |
295 Init("FuzzServerClient"); | 310 Init("FuzzServerClient"); |
296 | 311 |
297 FuzzerClientListener listener; | 312 FuzzerClientListener listener; |
298 CreateChannel(&listener); | 313 CreateChannel(&listener); |
299 listener.Init(channel()); | 314 listener.Init(channel()); |
300 ASSERT_TRUE(ConnectChannel()); | 315 ASSERT_TRUE(ConnectChannel()); |
301 ASSERT_TRUE(StartClient()); | 316 ASSERT_TRUE(StartClient()); |
302 | 317 |
303 IPC::Message* msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, | 318 IPC::Message* msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, |
304 IPC::Message::PRIORITY_NORMAL); | 319 IPC::Message::PRIORITY_NORMAL); |
305 msg->WriteInt(666); | 320 msg->WriteInt(666); |
306 sender()->Send(msg); | 321 sender()->Send(msg); |
307 EXPECT_TRUE(listener.ExpectMsgNotHandled(MsgClassIS::ID)); | 322 EXPECT_TRUE(listener.ExpectMsgNotHandled(MsgClassIS::ID)); |
308 | 323 |
309 msg = new MsgClassSI(base::ASCIIToUTF16("expect one"), 1); | 324 msg = new MsgClassSI(base::ASCIIToUTF16("expect one"), 1); |
310 sender()->Send(msg); | 325 sender()->Send(msg); |
311 EXPECT_TRUE(listener.ExpectMessage(1, MsgClassSI::ID)); | 326 EXPECT_TRUE(listener.ExpectMessage(1, MsgClassSI::ID)); |
312 | 327 |
313 EXPECT_TRUE(WaitForClientShutdown()); | 328 EXPECT_TRUE(WaitForClientShutdown()); |
314 DestroyChannel(); | 329 DestroyChannel(); |
315 } | 330 } |
316 #endif | 331 #endif |
317 | 332 |
| 333 #if defined(OS_ANDROID) |
| 334 #define MAYBE_MsgBadPayloadArgs DISABLED_MsgBadPayloadArgs |
| 335 #else |
| 336 #define MAYBE_MsgBadPayloadArgs MsgBadPayloadArgs |
| 337 #endif |
318 // This test uses a payload that has too many arguments, but so the payload size | 338 // This test uses a payload that has too many arguments, but so the payload size |
319 // is big enough so the unpacking routine does not generate an error as in the | 339 // is big enough so the unpacking routine does not generate an error as in the |
320 // case of MsgBadPayloadShort test. This test does not pinpoint a flaw (per se) | 340 // case of MsgBadPayloadShort test. This test does not pinpoint a flaw (per se) |
321 // as by design we don't carry type information on the IPC message. | 341 // as by design we don't carry type information on the IPC message. |
322 TEST_F(IPCFuzzingTest, MsgBadPayloadArgs) { | 342 TEST_F(IPCFuzzingTest, MAYBE_MsgBadPayloadArgs) { |
323 Init("FuzzServerClient"); | 343 Init("FuzzServerClient"); |
324 | 344 |
325 FuzzerClientListener listener; | 345 FuzzerClientListener listener; |
326 CreateChannel(&listener); | 346 CreateChannel(&listener); |
327 listener.Init(channel()); | 347 listener.Init(channel()); |
328 ASSERT_TRUE(ConnectChannel()); | 348 ASSERT_TRUE(ConnectChannel()); |
329 ASSERT_TRUE(StartClient()); | 349 ASSERT_TRUE(StartClient()); |
330 | 350 |
331 IPC::Message* msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassSI::ID, | 351 IPC::Message* msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassSI::ID, |
332 IPC::Message::PRIORITY_NORMAL); | 352 IPC::Message::PRIORITY_NORMAL); |
333 msg->WriteString16(base::ASCIIToUTF16("d")); | 353 msg->WriteString16(base::ASCIIToUTF16("d")); |
334 msg->WriteInt(0); | 354 msg->WriteInt(0); |
335 msg->WriteInt(0x65); // Extra argument. | 355 msg->WriteInt(0x65); // Extra argument. |
336 | 356 |
337 sender()->Send(msg); | 357 sender()->Send(msg); |
338 EXPECT_TRUE(listener.ExpectMessage(0, MsgClassSI::ID)); | 358 EXPECT_TRUE(listener.ExpectMessage(0, MsgClassSI::ID)); |
339 | 359 |
340 // Now send a well formed message to make sure the receiver wasn't | 360 // Now send a well formed message to make sure the receiver wasn't |
341 // thrown out of sync by the extra argument. | 361 // thrown out of sync by the extra argument. |
342 msg = new MsgClassIS(3, base::ASCIIToUTF16("expect three")); | 362 msg = new MsgClassIS(3, base::ASCIIToUTF16("expect three")); |
343 sender()->Send(msg); | 363 sender()->Send(msg); |
344 EXPECT_TRUE(listener.ExpectMessage(3, MsgClassIS::ID)); | 364 EXPECT_TRUE(listener.ExpectMessage(3, MsgClassIS::ID)); |
345 | 365 |
346 EXPECT_TRUE(WaitForClientShutdown()); | 366 EXPECT_TRUE(WaitForClientShutdown()); |
347 DestroyChannel(); | 367 DestroyChannel(); |
348 } | 368 } |
349 | 369 |
350 } // namespace | 370 } // namespace |
OLD | NEW |