
Side by Side Diff: mojo/edk/system/channel_win.cc

Issue 1997453002: [mojo-edk] Better validation of untrusted message data (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@2704
Patch Set: Created 4 years, 7 months ago
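--- a/mojo/edk/system/channel_win.cc
+++ b/mojo/edk/system/channel_win.cc
@@ -1,21 +1,23 @@
 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "mojo/edk/system/channel.h"
 
 #include <stdint.h>
 #include <windows.h>
 
 #include <algorithm>
 #include <deque>
+#include <limits>
+#include <memory>
 
 #include "base/bind.h"
 #include "base/location.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/synchronization/lock.h"
 #include "base/task_runner.h"
 #include "mojo/edk/embedder/platform_handle_vector.h"
@@ -112,32 +114,34 @@
 reject_writes_ = write_error = true;
 }
 if (write_error) {
 // Do not synchronously invoke OnError(). Write() may have been called by
 // the delegate and we don't want to re-enter it.
 io_task_runner_->PostTask(FROM_HERE,
 base::Bind(&ChannelWin::OnError, this));
 }
 }
 
-ScopedPlatformHandleVectorPtr GetReadPlatformHandles(
+bool GetReadPlatformHandles(
 size_t num_handles,
 const void* extra_header,
-size_t extra_header_size) override {
+size_t extra_header_size,
+ScopedPlatformHandleVectorPtr* handles) override {
+if (num_handles > std::numeric_limits<uint16_t>::max())
+return false;
 size_t handles_size = sizeof(PlatformHandle) * num_handles;
 if (handles_size > extra_header_size)
-return nullptr;
-
-ScopedPlatformHandleVectorPtr handles(
-new PlatformHandleVector(num_handles));
-memcpy(handles->data(), extra_header, handles_size);
-return handles;
+return false;
+DCHECK(extra_header);
+handles->reset(new PlatformHandleVector(num_handles));
+memcpy((*handles)->data(), extra_header, handles_size);
+return true;
 }
 
 private:
 // May run on any thread.
 ~ChannelWin() override {
 // This is intentionally not 0. If another object is constructed on top of
 // this memory, it is likely to initialise values to 0. Using a non-zero
 // value lets us detect the difference between just destroying, and
 // re-allocating the memory.
 sentinel_ = UINTPTR_MAX;
@@ -317,10 +321,10 @@
 // static
 scoped_refptr<Channel> Channel::Create(
 Delegate* delegate,
 ScopedPlatformHandle platform_handle,
 scoped_refptr<base::TaskRunner> io_task_runner) {
 return new ChannelWin(delegate, std::move(platform_handle), io_task_runner);
 }
 
 } // namespace edk
 } // namespace mojo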
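Review bot: `DCHECK(extra_header);` in GetReadPlatformHandles is compiled out of release builds, so it is not a check on peer-supplied data; the only runtime guards before the `memcpy` are the two size comparisons. If a caller can pass a null `extra_header` together with a non-zero `num_handles` (the callers are outside this section), a runtime guard such as `if (handles_size && !extra_header) return false;` would be the safer form. The copied bytes also become `PlatformHandle` values unchanged, so the length check says nothing about whether each value names a handle the sender was entitled to pass; if that is enforced elsewhere, a comment here pointing to it would help. A short comment on the `uint16_t` bound, e.g. `// Caps num_handles so sizeof(PlatformHandle) * num_handles cannot overflow.`, would record why that limit was chosen, assuming that is the intent.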