Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(457)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mojo/edk/system/ports/message.cc

Issue 1988413002: [mojo-edk] Sanity checks on ports message parsing (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@2704
Patch Set: Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « mojo/edk/system/ports/message.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <stdlib.h> 5 #include <stdlib.h>
6 6
7 #include <limits> 7 #include <limits>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "mojo/edk/system/ports/event.h" 10 #include "mojo/edk/system/ports/event.h"
11 11
12 namespace mojo { 12 namespace mojo {
13 namespace edk { 13 namespace edk {
14 namespace ports { 14 namespace ports {
15 15
16 // static 16 // static
17 void Message::Parse(const void* bytes, 17 bool Message::Parse(const void* bytes,
18 size_t num_bytes, 18 size_t num_bytes,
19 size_t* num_header_bytes, 19 size_t* num_header_bytes,
20 size_t* num_payload_bytes, 20 size_t* num_payload_bytes,
21 size_t* num_ports_bytes) { 21 size_t* num_ports_bytes) {
22 if (num_bytes < sizeof(EventHeader))
23 return false;
22 const EventHeader* header = static_cast<const EventHeader*>(bytes); 24 const EventHeader* header = static_cast<const EventHeader*>(bytes);
23 switch (header->type) { 25 switch (header->type) {
24 case EventType::kUser: 26 case EventType::kUser:
25 // See below. 27 // See below.
26 break; 28 break;
27 case EventType::kPortAccepted: 29 case EventType::kPortAccepted:
28 *num_header_bytes = sizeof(EventHeader); 30 *num_header_bytes = sizeof(EventHeader);
29 break; 31 break;
30 case EventType::kObserveProxy: 32 case EventType::kObserveProxy:
31 *num_header_bytes = sizeof(EventHeader) + sizeof(ObserveProxyEventData); 33 *num_header_bytes = sizeof(EventHeader) + sizeof(ObserveProxyEventData);
32 break; 34 break;
33 case EventType::kObserveProxyAck: 35 case EventType::kObserveProxyAck:
34 *num_header_bytes = 36 *num_header_bytes =
35 sizeof(EventHeader) + sizeof(ObserveProxyAckEventData); 37 sizeof(EventHeader) + sizeof(ObserveProxyAckEventData);
36 break; 38 break;
37 case EventType::kObserveClosure: 39 case EventType::kObserveClosure:
38 *num_header_bytes = sizeof(EventHeader) + sizeof(ObserveClosureEventData); 40 *num_header_bytes = sizeof(EventHeader) + sizeof(ObserveClosureEventData);
39 break; 41 break;
40 case EventType::kMergePort: 42 case EventType::kMergePort:
41 *num_header_bytes = sizeof(EventHeader) + sizeof(MergePortEventData); 43 *num_header_bytes = sizeof(EventHeader) + sizeof(MergePortEventData);
42 break; 44 break;
43 default: 45 default:
44 CHECK(false) << "Bad event type"; 46 return false;
45 return;
46 } 47 }
47 48
48 if (header->type == EventType::kUser) { 49 if (header->type == EventType::kUser) {
50 if (num_bytes < sizeof(EventHeader) + sizeof(UserEventData))
51 return false;
49 const UserEventData* event_data = 52 const UserEventData* event_data =
50 reinterpret_cast<const UserEventData*>( 53 reinterpret_cast<const UserEventData*>(
51 reinterpret_cast<const char*>(header + 1)); 54 reinterpret_cast<const char*>(header + 1));
55 if (event_data->num_ports > std::numeric_limits<uint16_t>::max())
56 return false;
52 *num_header_bytes = sizeof(EventHeader) + 57 *num_header_bytes = sizeof(EventHeader) +
53 sizeof(UserEventData) + 58 sizeof(UserEventData) +
54 event_data->num_ports * sizeof(PortDescriptor); 59 event_data->num_ports * sizeof(PortDescriptor);
55 *num_ports_bytes = event_data->num_ports * sizeof(PortName); 60 *num_ports_bytes = event_data->num_ports * sizeof(PortName);
61 if (num_bytes < *num_header_bytes + *num_ports_bytes)
62 return false;
56 *num_payload_bytes = num_bytes - *num_header_bytes - *num_ports_bytes; 63 *num_payload_bytes = num_bytes - *num_header_bytes - *num_ports_bytes;
57 } else { 64 } else {
65 if (*num_header_bytes != num_bytes)
66 return false;
58 *num_payload_bytes = 0; 67 *num_payload_bytes = 0;
59 *num_ports_bytes = 0; 68 *num_ports_bytes = 0;
60 DCHECK_EQ(num_bytes, *num_header_bytes);
61 } 69 }
70
71 return true;
62 } 72 }
63 73
64 Message::Message(size_t num_payload_bytes, size_t num_ports) 74 Message::Message(size_t num_payload_bytes, size_t num_ports)
65 : Message(sizeof(EventHeader) + sizeof(UserEventData) + 75 : Message(sizeof(EventHeader) + sizeof(UserEventData) +
66 num_ports * sizeof(PortDescriptor), 76 num_ports * sizeof(PortDescriptor),
67 num_payload_bytes, num_ports * sizeof(PortName)) { 77 num_payload_bytes, num_ports * sizeof(PortName)) {
68 num_ports_ = num_ports; 78 num_ports_ = num_ports;
69 } 79 }
70 80
71 Message::Message(size_t num_header_bytes, 81 Message::Message(size_t num_header_bytes,
72 size_t num_payload_bytes, 82 size_t num_payload_bytes,
73 size_t num_ports_bytes) 83 size_t num_ports_bytes)
74 : start_(nullptr), 84 : start_(nullptr),
75 num_header_bytes_(num_header_bytes), 85 num_header_bytes_(num_header_bytes),
76 num_ports_bytes_(num_ports_bytes), 86 num_ports_bytes_(num_ports_bytes),
77 num_payload_bytes_(num_payload_bytes) { 87 num_payload_bytes_(num_payload_bytes) {
78 } 88 }
79 89
80 void Message::InitializeUserMessageHeader(void* start) { 90 void Message::InitializeUserMessageHeader(void* start) {
81 start_ = static_cast<char*>(start); 91 start_ = static_cast<char*>(start);
82 memset(start_, 0, num_header_bytes_); 92 memset(start_, 0, num_header_bytes_);
83 GetMutableEventHeader(this)->type = EventType::kUser; 93 GetMutableEventHeader(this)->type = EventType::kUser;
84 GetMutableEventData<UserEventData>(this)->num_ports = 94 GetMutableEventData<UserEventData>(this)->num_ports =
85 static_cast<uint32_t>(num_ports_); 95 static_cast<uint32_t>(num_ports_);
86 } 96 }
87 97
88 } // namespace ports 98 } // namespace ports
89 } // namespace edk 99 } // namespace edk
90 } // namespace mojo 100 } // namespace mojo
OLDNEW
« no previous file with comments | « mojo/edk/system/ports/message.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698