Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(103)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_win.cc

Issue 155359: Add some CHECKs to track down the source of a NULL deref in the SSLClientSocketWin code. (Closed)
Patch Set: Created 11 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/http_network_transaction.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket_win.h" 5 #include "net/socket/ssl_client_socket_win.h"
6 6
7 #include <schnlsp.h> 7 #include <schnlsp.h>
8 8
9 #include "base/lock.h" 9 #include "base/lock.h"
10 #include "base/singleton.h" 10 #include "base/singleton.h"
(...skipping 525 matching lines...) Expand 10 before | Expand all | Expand 10 after
536 decrypted_ptr_ = NULL; 536 decrypted_ptr_ = NULL;
537 if (bytes_received_ != 0) { 537 if (bytes_received_ != 0) {
538 memmove(recv_buffer_.get(), received_ptr_, bytes_received_); 538 memmove(recv_buffer_.get(), received_ptr_, bytes_received_);
539 received_ptr_ = recv_buffer_.get(); 539 received_ptr_ = recv_buffer_.get();
540 } 540 }
541 } 541 }
542 return len; 542 return len;
543 } 543 }
544 544
545 DCHECK(!user_buf_); 545 DCHECK(!user_buf_);
546 // http://crbug.com/16371: We're seeing |buf->data()| return NULL. See if the
547 // user is passing in an IOBuffer with a NULL |data_|.
548 CHECK(buf);
549 CHECK(buf->data());
546 user_buf_ = buf; 550 user_buf_ = buf;
547 user_buf_len_ = buf_len; 551 user_buf_len_ = buf_len;
548 552
549 SetNextStateForRead(); 553 SetNextStateForRead();
550 int rv = DoLoop(OK); 554 int rv = DoLoop(OK);
551 if (rv == ERR_IO_PENDING) { 555 if (rv == ERR_IO_PENDING) {
552 user_callback_ = callback; 556 user_callback_ = callback;
553 } else { 557 } else {
554 user_buf_ = NULL; 558 user_buf_ = NULL;
555 } 559 }
(...skipping 636 matching lines...) Expand 10 before | Expand all | Expand 10 after
1192 } 1196 }
1193 } 1197 }
1194 1198
1195 void SSLClientSocketWin::FreeSendBuffer() { 1199 void SSLClientSocketWin::FreeSendBuffer() {
1196 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer); 1200 SECURITY_STATUS status = FreeContextBuffer(send_buffer_.pvBuffer);
1197 DCHECK(status == SEC_E_OK); 1201 DCHECK(status == SEC_E_OK);
1198 memset(&send_buffer_, 0, sizeof(send_buffer_)); 1202 memset(&send_buffer_, 0, sizeof(send_buffer_));
1199 } 1203 }
1200 1204
1201 } // namespace net 1205 } // namespace net
OLDNEW
« no previous file with comments | « net/http/http_network_transaction.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698