
Side by Side Diff: mojo/edk/system/channel_win.cc

Issue 1985523002: [mojo-edk] Better validation of untrusted message data (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 7 months ago
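--- a/mojo/edk/system/channel_win.cc
+++ b/mojo/edk/system/channel_win.cc
@@ -1,21 +1,22 @@
 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "mojo/edk/system/channel.h"
 
 #include <stdint.h>
 #include <windows.h>
 
 #include <algorithm>
 #include <deque>
+#include <limits>
 #include <memory>
 
 #include "base/bind.h"
 #include "base/location.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/message_loop/message_loop.h"
 #include "base/synchronization/lock.h"
 #include "base/task_runner.h"
 #include "mojo/edk/embedder/platform_handle_vector.h"
@@ -107,32 +108,34 @@
 reject_writes_ = write_error = true;
 }
 if (write_error) {
 // Do not synchronously invoke OnError(). Write() may have been called by
 // the delegate and we don't want to re-enter it.
 io_task_runner_->PostTask(FROM_HERE,
 base::Bind(&ChannelWin::OnError, this));
 }
 }
 
-ScopedPlatformHandleVectorPtr GetReadPlatformHandles(
+bool GetReadPlatformHandles(
 size_t num_handles,
 const void* extra_header,
-size_t extra_header_size) override {
+size_t extra_header_size,
+ScopedPlatformHandleVectorPtr* handles) override {
+if (num_handles > std::numeric_limits<uint16_t>::max())
+return false;
 size_t handles_size = sizeof(PlatformHandle) * num_handles;
 if (handles_size > extra_header_size)
-return nullptr;
-
-ScopedPlatformHandleVectorPtr handles(
-new PlatformHandleVector(num_handles));
-memcpy(handles->data(), extra_header, handles_size);
-return handles;
+return false;
+DCHECK(extra_header);
+handles->reset(new PlatformHandleVector(num_handles));
+memcpy((*handles)->data(), extra_header, handles_size);
+return true;
 }
 
 private:
 // May run on any thread.
 ~ChannelWin() override {
 // This is intentionally not 0. If another object is constructed on top of
 // this memory, it is likely to initialise values to 0. Using a non-zero
 // value lets us detect the difference between just destroying, and
 // re-allocating the memory.
 sentinel_ = UINTPTR_MAX;
@@ -312,10 +315,10 @@
 // static
 scoped_refptr<Channel> Channel::Create(
 Delegate* delegate,
 ScopedPlatformHandle platform_handle,
 scoped_refptr<base::TaskRunner> io_task_runner) {
 return new ChannelWin(delegate, std::move(platform_handle), io_task_runner);
 }
 
 } // namespace edk
 } // namespace mojo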
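Review bot: `DCHECK(extra_header);` at new line 128 of `GetReadPlatformHandles` is compiled out of release builds, so the only runtime guards ahead of the `memcpy` are the `uint16_t` bound and the `handles_size > extra_header_size` check. With `num_handles == 0` and `extra_header_size == 0` both checks pass, so a null `extra_header` would reach `memcpy` in release and trip the assertion in debug; whether callers ever pass zero handles is not visible in this hunk. Since the function now has a `false` failure path, a runtime check such as `if (!extra_header) return false;` fits data parsed from an untrusted message better than a debug-only assertion, with the zero-handle case decided explicitly. Separately, the bytes copied into the `PlatformHandleVector` are taken from the message as-is, so a one-line comment such as `// Handle values are copied unvalidated; validated in <caller/broker, TODO confirm>.` would tell the next reader where that check happens.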