Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(12)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/modules/websockets/DocumentWebSocketChannel.cpp

Issue 1414553002: Fix out-of-memory crashes related to ArrayBuffer allocation Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase+more tweaks Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/modules/websockets/DOMWebSocketTest.cpp ('k') | third_party/WebKit/Source/modules/websockets/DocumentWebSocketChannelTest.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2013 Google Inc. All rights reserved. 2 * Copyright (C) 2013 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after
93 93
94 void DocumentWebSocketChannel::BlobLoader::cancel() 94 void DocumentWebSocketChannel::BlobLoader::cancel()
95 { 95 {
96 m_loader.cancel(); 96 m_loader.cancel();
97 // didFail will be called immediately. 97 // didFail will be called immediately.
98 // |this| is deleted here. 98 // |this| is deleted here.
99 } 99 }
100 100
101 void DocumentWebSocketChannel::BlobLoader::didFinishLoading() 101 void DocumentWebSocketChannel::BlobLoader::didFinishLoading()
102 { 102 {
103 m_channel->didFinishLoadingBlob(m_loader.arrayBufferResult()); 103 m_channel->didFinishLoadingBlob(m_loader.arrayBufferResultOrNull());
104 // |this| is deleted here. 104 // |this| is deleted here.
105 } 105 }
106 106
107 void DocumentWebSocketChannel::BlobLoader::didFail(FileError::ErrorCode errorCod e) 107 void DocumentWebSocketChannel::BlobLoader::didFail(FileError::ErrorCode errorCod e)
108 { 108 {
109 m_channel->didFailLoadingBlob(errorCode); 109 m_channel->didFailLoadingBlob(errorCode);
110 // |this| is deleted here. 110 // |this| is deleted here.
111 } 111 }
112 112
113 DocumentWebSocketChannel::DocumentWebSocketChannel(Document* document, WebSocket ChannelClient* client, const String& sourceURL, unsigned lineNumber, WebSocketHa ndle *handle) 113 DocumentWebSocketChannel::DocumentWebSocketChannel(Document* document, WebSocket ChannelClient* client, const String& sourceURL, unsigned lineNumber, WebSocketHa ndle *handle)
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after
192 192
193 void DocumentWebSocketChannel::send(const DOMArrayBuffer& buffer, unsigned byteO ffset, unsigned byteLength) 193 void DocumentWebSocketChannel::send(const DOMArrayBuffer& buffer, unsigned byteO ffset, unsigned byteLength)
194 { 194 {
195 WTF_LOG(Network, "DocumentWebSocketChannel %p sendArrayBuffer(%p, %u, %u)", this, buffer.data(), byteOffset, byteLength); 195 WTF_LOG(Network, "DocumentWebSocketChannel %p sendArrayBuffer(%p, %u, %u)", this, buffer.data(), byteOffset, byteLength);
196 // FIXME: Change the inspector API to show the entire message instead 196 // FIXME: Change the inspector API to show the entire message instead
197 // of individual frames. 197 // of individual frames.
198 InspectorInstrumentation::didSendWebSocketFrame(document(), m_identifier, We bSocketFrame::OpCodeBinary, true, static_cast<const char*>(buffer.data()) + byte Offset, byteLength); 198 InspectorInstrumentation::didSendWebSocketFrame(document(), m_identifier, We bSocketFrame::OpCodeBinary, true, static_cast<const char*>(buffer.data()) + byte Offset, byteLength);
199 // buffer.slice copies its contents. 199 // buffer.slice copies its contents.
200 // FIXME: Reduce copy by sending the data immediately when we don't need to 200 // FIXME: Reduce copy by sending the data immediately when we don't need to
201 // queue the data. 201 // queue the data.
202 m_messages.append(adoptPtr(new Message(buffer.slice(byteOffset, byteOffset + byteLength)))); 202 RefPtr<DOMArrayBuffer> slice = buffer.sliceOrNull(byteOffset, byteOffset + b yteLength);
203 // TODO(junov): crbug.com/536816
204 // Could we propagate a RangeError exception from here instead the
205 // following assert? Would have to edit the spec to state that exceptions
206 // thrown by ArrayBuffer allocation are re-thrown.
207 RELEASE_ASSERT(slice); // This is an out-of-memory condition.
208 m_messages.append(adoptPtr(new Message(slice.release())));
203 processSendQueue(); 209 processSendQueue();
204 } 210 }
205 211
206 void DocumentWebSocketChannel::sendTextAsCharVector(PassOwnPtr<Vector<char>> dat a) 212 void DocumentWebSocketChannel::sendTextAsCharVector(PassOwnPtr<Vector<char>> dat a)
207 { 213 {
208 WTF_LOG(Network, "DocumentWebSocketChannel %p sendTextAsCharVector(%p, %llu) ", this, data.get(), static_cast<unsigned long long>(data->size())); 214 WTF_LOG(Network, "DocumentWebSocketChannel %p sendTextAsCharVector(%p, %llu) ", this, data.get(), static_cast<unsigned long long>(data->size()));
209 // FIXME: Change the inspector API to show the entire message instead 215 // FIXME: Change the inspector API to show the entire message instead
210 // of individual frames. 216 // of individual frames.
211 InspectorInstrumentation::didSendWebSocketFrame(document(), m_identifier, We bSocketFrame::OpCodeText, true, data->data(), data->size()); 217 InspectorInstrumentation::didSendWebSocketFrame(document(), m_identifier, We bSocketFrame::OpCodeText, true, data->data(), data->size());
212 m_messages.append(adoptPtr(new Message(data, MessageTypeTextAsCharVector))); 218 m_messages.append(adoptPtr(new Message(data, MessageTypeTextAsCharVector)));
(...skipping 342 matching lines...) Expand 10 before | Expand all | Expand 10 after
555 561
556 DEFINE_TRACE(DocumentWebSocketChannel) 562 DEFINE_TRACE(DocumentWebSocketChannel)
557 { 563 {
558 visitor->trace(m_blobLoader); 564 visitor->trace(m_blobLoader);
559 visitor->trace(m_client); 565 visitor->trace(m_client);
560 WebSocketChannel::trace(visitor); 566 WebSocketChannel::trace(visitor);
561 ContextLifecycleObserver::trace(visitor); 567 ContextLifecycleObserver::trace(visitor);
562 } 568 }
563 569
564 } // namespace blink 570 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/modules/websockets/DOMWebSocketTest.cpp ('k') | third_party/WebKit/Source/modules/websockets/DocumentWebSocketChannelTest.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698