OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "mojo/edk/system/channel.h" | 5 #include "mojo/edk/system/channel.h" |
6 | 6 |
7 #include <string.h> | 7 #include <string.h> |
8 | 8 |
9 #include <algorithm> | 9 #include <algorithm> |
10 #include <limits> | 10 #include <limits> |
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
143 if (header->num_bytes < header->num_header_bytes) { | 143 if (header->num_bytes < header->num_header_bytes) { |
144 DLOG(ERROR) << "Decoding invalid message: " << header->num_bytes << " < " | 144 DLOG(ERROR) << "Decoding invalid message: " << header->num_bytes << " < " |
145 << header->num_header_bytes; | 145 << header->num_header_bytes; |
146 return nullptr; | 146 return nullptr; |
147 } | 147 } |
148 | 148 |
149 uint32_t extra_header_size = header->num_header_bytes - sizeof(Header); | 149 uint32_t extra_header_size = header->num_header_bytes - sizeof(Header); |
150 #if defined(OS_WIN) | 150 #if defined(OS_WIN) |
151 uint32_t max_handles = extra_header_size / sizeof(PlatformHandle); | 151 uint32_t max_handles = extra_header_size / sizeof(PlatformHandle); |
152 #elif defined(OS_MACOSX) && !defined(OS_IOS) | 152 #elif defined(OS_MACOSX) && !defined(OS_IOS) |
153 uint32_t max_handles = extra_header_size / sizeof(MachPortsEntry); | 153 uint32_t max_handles = (extra_header_size - sizeof(MachPortsExtraHeader)) / |
| 154 sizeof(MachPortsEntry); |
154 #endif | 155 #endif |
155 if (header->num_handles > max_handles) { | 156 if (header->num_handles > max_handles) { |
156 DLOG(ERROR) << "Decoding invalid message:" << header->num_handles | 157 DLOG(ERROR) << "Decoding invalid message:" << header->num_handles |
157 << " > " << max_handles; | 158 << " > " << max_handles; |
158 return nullptr; | 159 return nullptr; |
159 } | 160 } |
160 | 161 |
161 MessagePtr message(new Message(data_num_bytes - header->num_header_bytes, | 162 MessagePtr message(new Message(data_num_bytes - header->num_header_bytes, |
162 max_handles)); | 163 max_handles)); |
163 DCHECK_EQ(message->data_num_bytes(), data_num_bytes); | 164 DCHECK_EQ(message->data_num_bytes(), data_num_bytes); |
164 DCHECK_EQ(message->extra_header_size(), extra_header_size); | 165 DCHECK_EQ(message->extra_header_size(), extra_header_size); |
165 DCHECK_EQ(message->header_->num_header_bytes, header->num_header_bytes); | 166 DCHECK_EQ(message->header_->num_header_bytes, header->num_header_bytes); |
166 | 167 |
167 // Copy all payload bytes. | 168 if (data_num_bytes > header->num_header_bytes) { |
168 memcpy(message->mutable_payload(), | 169 // Copy all payload bytes. |
169 static_cast<const char*>(data) + header->num_header_bytes, | 170 memcpy(message->mutable_payload(), |
170 data_num_bytes - header->num_header_bytes); | 171 static_cast<const char*>(data) + header->num_header_bytes, |
171 // Copy extra header bytes. | 172 data_num_bytes - header->num_header_bytes); |
172 memcpy(message->mutable_extra_header(), | 173 } |
173 static_cast<const char*>(data) + sizeof(Header), | 174 |
174 message->extra_header_size()); | 175 if (message->extra_header_size()) { |
| 176 // Copy extra header bytes. |
| 177 memcpy(message->mutable_extra_header(), |
| 178 static_cast<const char*>(data) + sizeof(Header), |
| 179 message->extra_header_size()); |
| 180 } |
| 181 |
175 message->header_->num_handles = header->num_handles; | 182 message->header_->num_handles = header->num_handles; |
176 | 183 |
177 return message; | 184 return message; |
178 #endif | 185 #endif |
179 } | 186 } |
180 | 187 |
181 size_t Channel::Message::payload_size() const { | 188 size_t Channel::Message::payload_size() const { |
182 #if defined(OS_CHROMEOS) || defined(OS_ANDROID) | 189 #if defined(OS_CHROMEOS) || defined(OS_ANDROID) |
183 return header_->num_bytes - sizeof(Header); | 190 return header_->num_bytes - sizeof(Header); |
184 #else | 191 #else |
(...skipping 338 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
523 return true; | 530 return true; |
524 } | 531 } |
525 | 532 |
526 #if defined(OS_CHROMEOS) || defined(OS_ANDROID) | 533 #if defined(OS_CHROMEOS) || defined(OS_ANDROID) |
527 size_t extra_header_size = 0; | 534 size_t extra_header_size = 0; |
528 const void* extra_header = nullptr; | 535 const void* extra_header = nullptr; |
529 size_t payload_size = header->num_bytes - sizeof(Message::Header); | 536 size_t payload_size = header->num_bytes - sizeof(Message::Header); |
530 void* payload = payload_size ? const_cast<Message::Header*>(&header[1]) | 537 void* payload = payload_size ? const_cast<Message::Header*>(&header[1]) |
531 : nullptr; | 538 : nullptr; |
532 #else | 539 #else |
| 540 if (header->num_header_bytes < sizeof(Message::Header) || |
| 541 header->num_header_bytes > header->num_bytes) { |
| 542 LOG(ERROR) << "Invalid message header size: " << header->num_header_bytes; |
| 543 return false; |
| 544 } |
533 size_t extra_header_size = | 545 size_t extra_header_size = |
534 header->num_header_bytes - sizeof(Message::Header); | 546 header->num_header_bytes - sizeof(Message::Header); |
535 const void* extra_header = header + 1; | 547 const void* extra_header = extra_header_size ? header + 1 : nullptr; |
536 size_t payload_size = header->num_bytes - header->num_header_bytes; | 548 size_t payload_size = header->num_bytes - header->num_header_bytes; |
537 void* payload = | 549 void* payload = |
538 payload_size ? reinterpret_cast<Message::Header*>( | 550 payload_size ? reinterpret_cast<Message::Header*>( |
539 const_cast<char*>(read_buffer_->occupied_bytes()) + | 551 const_cast<char*>(read_buffer_->occupied_bytes()) + |
540 header->num_header_bytes) | 552 header->num_header_bytes) |
541 : nullptr; | 553 : nullptr; |
542 #endif // defined(OS_CHROMEOS) || defined(OS_ANDROID) | 554 #endif // defined(OS_CHROMEOS) || defined(OS_ANDROID) |
543 | 555 |
544 ScopedPlatformHandleVectorPtr handles; | 556 ScopedPlatformHandleVectorPtr handles; |
545 if (header->num_handles > 0) { | 557 if (header->num_handles > 0) { |
546 handles = GetReadPlatformHandles(header->num_handles, extra_header, | 558 if (!GetReadPlatformHandles(header->num_handles, extra_header, |
547 extra_header_size); | 559 extra_header_size, &handles)) { |
| 560 return false; |
| 561 } |
| 562 |
548 if (!handles) { | 563 if (!handles) { |
549 // Not enough handles available for this message. | 564 // Not enough handles available for this message. |
550 break; | 565 break; |
551 } | 566 } |
552 } | 567 } |
553 | 568 |
554 // We've got a complete message! Dispatch it and try another. | 569 // We've got a complete message! Dispatch it and try another. |
555 if (header->message_type != Message::Header::MessageType::NORMAL) { | 570 if (header->message_type != Message::Header::MessageType::NORMAL) { |
556 OnControlMessage(header->message_type, payload, payload_size, | 571 if (!OnControlMessage(header->message_type, payload, payload_size, |
557 std::move(handles)); | 572 std::move(handles))) { |
| 573 return false; |
| 574 } |
558 did_dispatch_message = true; | 575 did_dispatch_message = true; |
559 } else if (delegate_) { | 576 } else if (delegate_) { |
560 delegate_->OnChannelMessage(payload, payload_size, std::move(handles)); | 577 delegate_->OnChannelMessage(payload, payload_size, std::move(handles)); |
561 did_dispatch_message = true; | 578 did_dispatch_message = true; |
562 } | 579 } |
563 | 580 |
564 read_buffer_->Discard(header->num_bytes); | 581 read_buffer_->Discard(header->num_bytes); |
565 } | 582 } |
566 | 583 |
567 *next_read_size_hint = did_dispatch_message ? 0 : kReadBufferSize; | 584 *next_read_size_hint = did_dispatch_message ? 0 : kReadBufferSize; |
568 return true; | 585 return true; |
569 } | 586 } |
570 | 587 |
571 void Channel::OnError() { | 588 void Channel::OnError() { |
572 if (delegate_) | 589 if (delegate_) |
573 delegate_->OnChannelError(); | 590 delegate_->OnChannelError(); |
574 } | 591 } |
575 | 592 |
| 593 bool Channel::OnControlMessage(Message::Header::MessageType message_type, |
| 594 const void* payload, |
| 595 size_t payload_size, |
| 596 ScopedPlatformHandleVectorPtr handles) { |
| 597 return false; |
| 598 } |
| 599 |
576 } // namespace edk | 600 } // namespace edk |
577 } // namespace mojo | 601 } // namespace mojo |
OLD | NEW |