| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
| 6 | 6 |
| 7 #include "base/scoped_ptr.h" | 7 #include "base/scoped_ptr.h" |
| 8 #include "base/compiler_specific.h" | 8 #include "base/compiler_specific.h" |
| 9 #include "base/field_trial.h" | 9 #include "base/field_trial.h" |
| 10 #include "base/string_util.h" | 10 #include "base/string_util.h" |
| (...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 347 // when establishing a tunnel because they might be controlled by an active | 347 // when establishing a tunnel because they might be controlled by an active |
| 348 // network attacker. We don't worry about this for HTTP because an active | 348 // network attacker. We don't worry about this for HTTP because an active |
| 349 // network attacker can already control HTTP sessions. | 349 // network attacker can already control HTTP sessions. |
| 350 // We reach this case when the user cancels a 407 proxy auth prompt. | 350 // We reach this case when the user cancels a 407 proxy auth prompt. |
| 351 // See http://crbug.com/8473 | 351 // See http://crbug.com/8473 |
| 352 DCHECK(response_.headers->response_code() == 407); | 352 DCHECK(response_.headers->response_code() == 407); |
| 353 LogBlockedTunnelResponse(response_.headers->response_code()); | 353 LogBlockedTunnelResponse(response_.headers->response_code()); |
| 354 return ERR_TUNNEL_CONNECTION_FAILED; | 354 return ERR_TUNNEL_CONNECTION_FAILED; |
| 355 } | 355 } |
| 356 | 356 |
| 357 // http://crbug.com/16371: We're seeing |user_buf_->data()| return NULL. |
| 358 // See if the user is passing in an IOBuffer with a NULL |data_|. |
| 359 CHECK(buf); |
| 360 CHECK(buf->data()); |
| 361 |
| 357 read_buf_ = buf; | 362 read_buf_ = buf; |
| 358 read_buf_len_ = buf_len; | 363 read_buf_len_ = buf_len; |
| 359 | 364 |
| 360 next_state_ = STATE_READ_BODY; | 365 next_state_ = STATE_READ_BODY; |
| 361 int rv = DoLoop(OK); | 366 int rv = DoLoop(OK); |
| 362 if (rv == ERR_IO_PENDING) | 367 if (rv == ERR_IO_PENDING) |
| 363 user_callback_ = callback; | 368 user_callback_ = callback; |
| 364 return rv; | 369 return rv; |
| 365 } | 370 } |
| 366 | 371 |
| (...skipping 438 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 805 | 810 |
| 806 // Grow the read buffer if necessary. | 811 // Grow the read buffer if necessary. |
| 807 if (header_buf_len_ == header_buf_capacity_) { | 812 if (header_buf_len_ == header_buf_capacity_) { |
| 808 header_buf_capacity_ += kHeaderBufInitialSize; | 813 header_buf_capacity_ += kHeaderBufInitialSize; |
| 809 header_buf_->Realloc(header_buf_capacity_); | 814 header_buf_->Realloc(header_buf_capacity_); |
| 810 } | 815 } |
| 811 | 816 |
| 812 int buf_len = header_buf_capacity_ - header_buf_len_; | 817 int buf_len = header_buf_capacity_ - header_buf_len_; |
| 813 header_buf_->set_data(header_buf_len_); | 818 header_buf_->set_data(header_buf_len_); |
| 814 | 819 |
| 820 // http://crbug.com/16371: We're seeing |user_buf_->data()| return NULL. |
| 821 // See if the user is passing in an IOBuffer with a NULL |data_|. |
| 822 CHECK(header_buf_->data()); |
| 823 |
| 815 return http_stream_->Read(header_buf_, buf_len, &io_callback_); | 824 return http_stream_->Read(header_buf_, buf_len, &io_callback_); |
| 816 } | 825 } |
| 817 | 826 |
| 818 int HttpNetworkTransaction::HandleConnectionClosedBeforeEndOfHeaders() { | 827 int HttpNetworkTransaction::HandleConnectionClosedBeforeEndOfHeaders() { |
| 819 if (establishing_tunnel_) { | 828 if (establishing_tunnel_) { |
| 820 // The connection was closed before the tunnel could be established. | 829 // The connection was closed before the tunnel could be established. |
| 821 return ERR_TUNNEL_CONNECTION_FAILED; | 830 return ERR_TUNNEL_CONNECTION_FAILED; |
| 822 } | 831 } |
| 823 | 832 |
| 824 if (has_found_status_line_start()) { | 833 if (has_found_status_line_start()) { |
| (...skipping 944 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1769 host_and_port = proxy_info_.proxy_server().host_and_port(); | 1778 host_and_port = proxy_info_.proxy_server().host_and_port(); |
| 1770 } else { | 1779 } else { |
| 1771 DCHECK(target == HttpAuth::AUTH_SERVER); | 1780 DCHECK(target == HttpAuth::AUTH_SERVER); |
| 1772 host_and_port = GetHostAndPort(request_->url); | 1781 host_and_port = GetHostAndPort(request_->url); |
| 1773 } | 1782 } |
| 1774 auth_info->host_and_port = ASCIIToWide(host_and_port); | 1783 auth_info->host_and_port = ASCIIToWide(host_and_port); |
| 1775 response_.auth_challenge = auth_info; | 1784 response_.auth_challenge = auth_info; |
| 1776 } | 1785 } |
| 1777 | 1786 |
| 1778 } // namespace net | 1787 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 155359:
Add some CHECKs to track down the source of a NULL deref in the SSLClientSocketWin code. (Closed)
