| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef DBUS_FILE_DESCRIPTOR_H_ | 5 #ifndef DBUS_FILE_DESCRIPTOR_H_ |
| 6 #define DBUS_FILE_DESCRIPTOR_H_ | 6 #define DBUS_FILE_DESCRIPTOR_H_ |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 | 9 |
| 10 #include "base/macros.h" | 10 #include "base/move.h" |
| 11 #include "dbus/dbus_export.h" | 11 #include "dbus/dbus_export.h" |
| 12 | 12 |
| 13 namespace dbus { | 13 namespace dbus { |
| 14 | 14 |
| 15 // FileDescriptor is a type used to encapsulate D-Bus file descriptors | 15 // FileDescriptor is a type used to encapsulate D-Bus file descriptors |
| 16 // and to follow the RAII idiom appropiate for use with message operations | 16 // and to follow the RAII idiom appropiate for use with message operations |
| 17 // where the descriptor might be easily leaked. To guard against this the | 17 // where the descriptor might be easily leaked. To guard against this the |
| 18 // descriptor is closed when an instance is destroyed if it is owned. | 18 // descriptor is closed when an instance is destroyed if it is owned. |
| 19 // Ownership is asserted only when PutValue is used and TakeValue can be | 19 // Ownership is asserted only when PutValue is used and TakeValue can be |
| 20 // used to take ownership. | 20 // used to take ownership. |
| 21 // | 21 // |
| 22 // For example, in the following | 22 // For example, in the following |
| 23 // FileDescriptor fd; | 23 // FileDescriptor fd; |
| 24 // if (!reader->PopString(&name) || | 24 // if (!reader->PopString(&name) || |
| 25 // !reader->PopFileDescriptor(&fd) || | 25 // !reader->PopFileDescriptor(&fd) || |
| 26 // !reader->PopUint32(&flags)) { | 26 // !reader->PopUint32(&flags)) { |
| 27 // the descriptor in fd will be closed if the PopUint32 fails. But | 27 // the descriptor in fd will be closed if the PopUint32 fails. But |
| 28 // writer.AppendFileDescriptor(dbus::FileDescriptor(1)); | 28 // writer.AppendFileDescriptor(dbus::FileDescriptor(1)); |
| 29 // will not automatically close "1" because it is not owned. | 29 // will not automatically close "1" because it is not owned. |
| 30 // | 30 // |
| 31 // Descriptors must be validated before marshalling in a D-Bus message | 31 // Descriptors must be validated before marshalling in a D-Bus message |
| 32 // or using them after unmarshalling. We disallow descriptors to a | 32 // or using them after unmarshalling. We disallow descriptors to a |
| 33 // directory to reduce the security risks. Splitting out validation | 33 // directory to reduce the security risks. Splitting out validation |
| 34 // also allows the caller to do this work on the File thread to conform | 34 // also allows the caller to do this work on the File thread to conform |
| 35 // with i/o restrictions. | 35 // with i/o restrictions. |
| 36 class CHROME_DBUS_EXPORT FileDescriptor { | 36 class CHROME_DBUS_EXPORT FileDescriptor { |
| 37 MOVE_ONLY_TYPE_FOR_CPP_03(FileDescriptor); |
| 38 |
| 37 public: | 39 public: |
| 38 // This provides a simple way to pass around file descriptors since they must | 40 // This provides a simple way to pass around file descriptors since they must |
| 39 // be closed on a thread that is allowed to perform I/O. | 41 // be closed on a thread that is allowed to perform I/O. |
| 40 struct Deleter { | 42 struct Deleter { |
| 41 void CHROME_DBUS_EXPORT operator()(FileDescriptor* fd); | 43 void CHROME_DBUS_EXPORT operator()(FileDescriptor* fd); |
| 42 }; | 44 }; |
| 43 | 45 |
| 44 // Permits initialization without a value for passing to | 46 // Permits initialization without a value for passing to |
| 45 // dbus::MessageReader::PopFileDescriptor to fill in and from int values. | 47 // dbus::MessageReader::PopFileDescriptor to fill in and from int values. |
| 46 FileDescriptor() : value_(-1), owner_(false), valid_(false) {} | 48 FileDescriptor() : value_(-1), owner_(false), valid_(false) {} |
| (...skipping 26 matching lines...) |
| 73 // We disallow directories to avoid potential sandbox escapes. | 75 // We disallow directories to avoid potential sandbox escapes. |
| 74 // Note this call must be made on a thread where file i/o is allowed. | 76 // Note this call must be made on a thread where file i/o is allowed. |
| 75 void CheckValidity(); | 77 void CheckValidity(); |
| 76 | 78 |
| 77 private: | 79 private: |
| 78 void Swap(FileDescriptor* other); | 80 void Swap(FileDescriptor* other); |
| 79 | 81 |
| 80 int value_; | 82 int value_; |
| 81 bool owner_; | 83 bool owner_; |
| 82 bool valid_; | 84 bool valid_; |
| 83 | |
| 84 DISALLOW_COPY_AND_ASSIGN(FileDescriptor); | |
| 85 }; | 85 }; |
| 86 | 86 |
| 87 using ScopedFileDescriptor = | 87 using ScopedFileDescriptor = |
| 88 std::unique_ptr<FileDescriptor, FileDescriptor::Deleter>; | 88 std::unique_ptr<FileDescriptor, FileDescriptor::Deleter>; |
| 89 | 89 |
| 90 } // namespace dbus | 90 } // namespace dbus |
| 91 | 91 |
| 92 #endif // DBUS_FILE_DESCRIPTOR_H_ | 92 #endif // DBUS_FILE_DESCRIPTOR_H_ |
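Review bot: Nothing in the visible part of the class says what state a moved-from FileDescriptor is left in, now that `MOVE_ONLY_TYPE_FOR_CPP_03(FileDescriptor)` (new line 37) replaces `DISALLOW_COPY_AND_ASSIGN` and makes the type movable. The move constructor and assignment are not shown here; they are presumably among the 26 collapsed lines and probably built on the private `Swap`. Because the class comment says an owned descriptor is closed on destruction, a move that left `owner_` true on the source would close the same fd twice, and the second close could land on an unrelated descriptor that has since reused the number. I would document the contract next to the macro, for example `// A moved-from FileDescriptor holds value_ == -1, owner_ == false, valid_ == false.`, and confirm the implementation swaps into a default-constructed instance rather than copying fields. The comment should also say whether `valid_` travels with the move, since callers are told to run CheckValidity() before marshalling.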
| OLD | NEW |