Side by Side Diff: components/policy/core/common/cloud/resource_cache.cc

Issue 141113003: Refactor base/safe_numerics.h (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 6 years, 11 months ago
OLD NEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/policy/core/common/cloud/resource_cache.h" 5 #include "components/policy/core/common/cloud/resource_cache.h"
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/callback.h" 8 #include "base/callback.h"
9 #include "base/file_util.h" 9 #include "base/file_util.h"
10 #include "base/files/file_enumerator.h" 10 #include "base/files/file_enumerator.h"
11 #include "base/logging.h" 11 #include "base/logging.h"
12 #include "base/safe_numerics.h" 12 #include "base/numerics/safe_conversions.h"
13 #include "base/sequenced_task_runner.h" 13 #include "base/sequenced_task_runner.h"
14 #include "base/strings/string_util.h" 14 #include "base/strings/string_util.h"
15 15
16 namespace policy { 16 namespace policy {
17 17
18 namespace { 18 namespace {
19 19
20 // Verifies that |value| is not empty and encodes it into base64url format, 20 // Verifies that |value| is not empty and encodes it into base64url format,
21 // which is safe to use as a file name on all platforms. 21 // which is safe to use as a file name on all platforms.
22 bool Base64Encode(const std::string& value, std::string* encoded) { 22 bool Base64Encode(const std::string& value, std::string* encoded) {
(...skipping 52 matching lines...)
75 base::FilePath subkey_path; 75 base::FilePath subkey_path;
76 // Delete the file before writing to it. This ensures that the write does not 76 // Delete the file before writing to it. This ensures that the write does not
77 // follow a symlink planted at |subkey_path|, clobbering a file outside the 77 // follow a symlink planted at |subkey_path|, clobbering a file outside the
78 // cache directory. The mechanism is meant to foil file-system-level attacks 78 // cache directory. The mechanism is meant to foil file-system-level attacks
79 // where a symlink is planted in the cache directory before Chrome has 79 // where a symlink is planted in the cache directory before Chrome has
80 // started. An attacker controlling a process running concurrently with Chrome 80 // started. An attacker controlling a process running concurrently with Chrome
81 // would be able to race against the protection by re-creating the symlink 81 // would be able to race against the protection by re-creating the symlink
82 // between these two calls. There is nothing in file_util that could be used 82 // between these two calls. There is nothing in file_util that could be used
83 // to protect against such races, especially as the cache is cross-platform 83 // to protect against such races, especially as the cache is cross-platform
84 // and therefore cannot use any POSIX-only tricks. 84 // and therefore cannot use any POSIX-only tricks.
85 int size = base::checked_numeric_cast<int>(data.size()); 85 int size = base::checked_cast<int>(data.size());
86 return VerifyKeyPathAndGetSubkeyPath(key, true, subkey, &subkey_path) && 86 return VerifyKeyPathAndGetSubkeyPath(key, true, subkey, &subkey_path) &&
87 base::DeleteFile(subkey_path, false) && 87 base::DeleteFile(subkey_path, false) &&
88 (file_util::WriteFile(subkey_path, data.data(), size) == size); 88 (file_util::WriteFile(subkey_path, data.data(), size) == size);
89 } 89 }
90 90
91 bool ResourceCache::Load(const std::string& key, 91 bool ResourceCache::Load(const std::string& key,
92 const std::string& subkey, 92 const std::string& subkey,
93 std::string* data) { 93 std::string* data) {
94 DCHECK(task_runner_->RunsTasksOnCurrentThread()); 94 DCHECK(task_runner_->RunsTasksOnCurrentThread());
95 base::FilePath subkey_path; 95 base::FilePath subkey_path;
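Review bot: on new line 85 the `base::checked_cast<int>(data.size())` is evaluated ahead of, and outside, the boolean chain on lines 86-88, so a |data| whose size does not fit in an int goes down the cast's fatal failure path rather than the `return false` path that the key verification, the delete and the write all share. The rename keeps the old behaviour, but since this function already reports failure through its bool result, consider an explicit range check on data.size() that returns false before any file is touched, or at least a short comment on line 85 saying that an oversized payload is treated as a programming error. Either way the size is settled before `base::DeleteFile`, which is the right order: the existing file is never removed for a write that cannot be attempted.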
(...skipping 136 matching lines...)
232 if (!VerifyKeyPath(key, allow_create_key, &key_path) || 232 if (!VerifyKeyPath(key, allow_create_key, &key_path) ||
233 !Base64Encode(subkey, &encoded)) { 233 !Base64Encode(subkey, &encoded)) {
234 return false; 234 return false;
235 } 235 }
236 *path = key_path.AppendASCII(encoded); 236 *path = key_path.AppendASCII(encoded);
237 return true; 237 return true;
238 } 238 }
239 239
240 240
241 } // namespace policy 241 } // namespace policy