| Index: mojo/public/cpp/bindings/lib/validation_util.h
|
| diff --git a/mojo/public/cpp/bindings/lib/validation_util.h b/mojo/public/cpp/bindings/lib/validation_util.h
|
| index 5f7dc3781fad0a1d107dc59ccd3110518641d9bd..d5182f3366d0a119d70c7e1151eabe921390cf67 100644
|
| --- a/mojo/public/cpp/bindings/lib/validation_util.h
|
| +++ b/mojo/public/cpp/bindings/lib/validation_util.h
|
| @@ -8,9 +8,9 @@
|
| #include <stdint.h>
|
|
|
| #include "mojo/public/cpp/bindings/lib/bindings_internal.h"
|
| -#include "mojo/public/cpp/bindings/lib/bounds_checker.h"
|
| #include "mojo/public/cpp/bindings/lib/serialization_util.h"
|
| #include "mojo/public/cpp/bindings/lib/validate_params.h"
|
| +#include "mojo/public/cpp/bindings/lib/validation_context.h"
|
| #include "mojo/public/cpp/bindings/lib/validation_errors.h"
|
| #include "mojo/public/cpp/bindings/message.h"
|
|
|
| @@ -25,124 +25,144 @@ bool ValidateEncodedPointer(const uint64_t* offset);
|
| // and size (i.e., the |num_bytes| field of the header is sufficient for storing
|
| // the header itself). Besides, it checks that the memory range
|
| // [data, data + num_bytes) is not marked as occupied by other objects in
|
| -// |bounds_checker|. On success, the memory range is marked as occupied.
|
| +// |validation_context|. On success, the memory range is marked as occupied.
|
| // Note: Does not verify |version| or that |num_bytes| is correct for the
|
| // claimed version.
|
| bool ValidateStructHeaderAndClaimMemory(const void* data,
|
| - BoundsChecker* bounds_checker);
|
| + ValidationContext* validation_context);
|
|
|
| // Validates that |data| contains a valid union header, in terms of alignment
|
| // and size. If not inlined, it checks that the memory range
|
| // [data, data + num_bytes) is not marked as occupied by other objects in
|
| -// |bounds_checker|. On success, the memory range is marked as occupied.
|
| +// |validation_context|. On success, the memory range is marked as occupied.
|
| bool ValidateUnionHeaderAndClaimMemory(const void* data,
|
| bool inlined,
|
| - BoundsChecker* bounds_checker);
|
| + ValidationContext* validation_context);
|
|
|
| // Validates that the message is a request which doesn't expect a response.
|
| -bool ValidateMessageIsRequestWithoutResponse(const Message* message);
|
| +bool ValidateMessageIsRequestWithoutResponse(
|
| + const Message* message,
|
| + ValidationContext* validation_context);
|
| +
|
| // Validates that the message is a request expecting a response.
|
| -bool ValidateMessageIsRequestExpectingResponse(const Message* message);
|
| +bool ValidateMessageIsRequestExpectingResponse(
|
| + const Message* message,
|
| + ValidationContext* validation_context);
|
| +
|
| // Validates that the message is a response.
|
| -bool ValidateMessageIsResponse(const Message* message);
|
| +bool ValidateMessageIsResponse(const Message* message,
|
| + ValidationContext* validation_context);
|
|
|
| // Validates that the message payload is a valid struct of type ParamsType.
|
| template <typename ParamsType>
|
| -bool ValidateMessagePayload(const Message* message) {
|
| - BoundsChecker bounds_checker(message->payload(), message->payload_num_bytes(),
|
| - message->handles()->size());
|
| - return ParamsType::Validate(message->payload(), &bounds_checker);
|
| +bool ValidateMessagePayload(const Message* message,
|
| + ValidationContext* validation_context) {
|
| + return ParamsType::Validate(message->payload(), validation_context);
|
| }
|
|
|
| // The following methods validate control messages defined in
|
| // interface_control_messages.mojom.
|
| -bool ValidateControlRequest(const Message* message);
|
| -bool ValidateControlResponse(const Message* message);
|
| +bool ValidateControlRequest(const Message* message,
|
| + ValidationContext* validation_context);
|
| +bool ValidateControlResponse(const Message* message,
|
| + ValidationContext* validation_context);
|
|
|
| // The following Validate.*NonNullable() functions validate that the given
|
| // |input| is not null/invalid.
|
| template <typename T>
|
| -bool ValidatePointerNonNullable(const T& input, const char* error_message) {
|
| +bool ValidatePointerNonNullable(const T& input,
|
| + const char* error_message,
|
| + ValidationContext* validation_context) {
|
| if (input.offset)
|
| return true;
|
|
|
| - ReportValidationError(VALIDATION_ERROR_UNEXPECTED_NULL_POINTER,
|
| + ReportValidationError(validation_context,
|
| + VALIDATION_ERROR_UNEXPECTED_NULL_POINTER,
|
| error_message);
|
| return false;
|
| }
|
|
|
| template <typename T>
|
| bool ValidateInlinedUnionNonNullable(const T& input,
|
| - const char* error_message) {
|
| + const char* error_message,
|
| + ValidationContext* validation_context) {
|
| if (!input.is_null())
|
| return true;
|
|
|
| - ReportValidationError(VALIDATION_ERROR_UNEXPECTED_NULL_POINTER,
|
| + ReportValidationError(validation_context,
|
| + VALIDATION_ERROR_UNEXPECTED_NULL_POINTER,
|
| error_message);
|
| return false;
|
| }
|
|
|
| bool ValidateHandleNonNullable(const Handle_Data& input,
|
| - const char* error_message);
|
| + const char* error_message,
|
| + ValidationContext* validation_context);
|
|
|
| bool ValidateInterfaceIdNonNullable(InterfaceId input,
|
| - const char* error_message);
|
| + const char* error_message,
|
| + ValidationContext* validation_context);
|
|
|
| template <typename T>
|
| bool ValidateArray(const Pointer<Array_Data<T>>& input,
|
| - BoundsChecker* bounds_checker,
|
| + ValidationContext* validation_context,
|
| const ContainerValidateParams* validate_params) {
|
| if (!ValidateEncodedPointer(&input.offset)) {
|
| - ReportValidationError(VALIDATION_ERROR_ILLEGAL_POINTER);
|
| + ReportValidationError(validation_context, VALIDATION_ERROR_ILLEGAL_POINTER);
|
| return false;
|
| }
|
|
|
| return Array_Data<T>::Validate(DecodePointerRaw(&input.offset),
|
| - bounds_checker, validate_params);
|
| + validation_context, validate_params);
|
| }
|
|
|
| template <typename T>
|
| bool ValidateMap(const Pointer<T>& input,
|
| - BoundsChecker* bounds_checker,
|
| + ValidationContext* validation_context,
|
| const ContainerValidateParams* validate_params) {
|
| if (!ValidateEncodedPointer(&input.offset)) {
|
| - ReportValidationError(VALIDATION_ERROR_ILLEGAL_POINTER);
|
| + ReportValidationError(validation_context, VALIDATION_ERROR_ILLEGAL_POINTER);
|
| return false;
|
| }
|
|
|
| - return T::Validate(DecodePointerRaw(&input.offset), bounds_checker,
|
| + return T::Validate(DecodePointerRaw(&input.offset), validation_context,
|
| validate_params);
|
| }
|
|
|
| template <typename T>
|
| -bool ValidateStruct(const Pointer<T>& input, BoundsChecker* bounds_checker) {
|
| +bool ValidateStruct(const Pointer<T>& input,
|
| + ValidationContext* validation_context) {
|
| if (!ValidateEncodedPointer(&input.offset)) {
|
| - ReportValidationError(VALIDATION_ERROR_ILLEGAL_POINTER);
|
| + ReportValidationError(validation_context, VALIDATION_ERROR_ILLEGAL_POINTER);
|
| return false;
|
| }
|
|
|
| - return T::Validate(DecodePointerRaw(&input.offset), bounds_checker);
|
| + return T::Validate(DecodePointerRaw(&input.offset), validation_context);
|
| }
|
|
|
| template <typename T>
|
| -bool ValidateInlinedUnion(const T& input, BoundsChecker* bounds_checker) {
|
| - return T::Validate(&input, bounds_checker, true);
|
| +bool ValidateInlinedUnion(const T& input,
|
| + ValidationContext* validation_context) {
|
| + return T::Validate(&input, validation_context, true);
|
| }
|
|
|
| template <typename T>
|
| bool ValidateNonInlinedUnion(const Pointer<T>& input,
|
| - BoundsChecker* bounds_checker) {
|
| + ValidationContext* validation_context) {
|
| if (!ValidateEncodedPointer(&input.offset)) {
|
| - ReportValidationError(VALIDATION_ERROR_ILLEGAL_POINTER);
|
| + ReportValidationError(validation_context, VALIDATION_ERROR_ILLEGAL_POINTER);
|
| return false;
|
| }
|
|
|
| - return T::Validate(DecodePointerRaw(&input.offset), bounds_checker, false);
|
| + return T::Validate(DecodePointerRaw(&input.offset), validation_context,
|
| + false);
|
| }
|
|
|
| -bool ValidateHandle(const Handle_Data& input, BoundsChecker* bounds_checker);
|
| +bool ValidateHandle(const Handle_Data& input,
|
| + ValidationContext* validation_context);
|
|
|
| -bool ValidateAssociatedInterfaceId(InterfaceId input);
|
| +bool ValidateAssociatedInterfaceId(InterfaceId input,
|
| + ValidationContext* validation_context);
|
|
|
| } // namespace internal
|
| } // namespace mojo
|
|
|
Chromium Code Reviews
Issue 2064903002:
Mojo: Report bindings validation errors via MojoNotifyBadMessage (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master