Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(60)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/gcm_driver/crypto/encryption_header_parsers.cc

Issue 2106333003: Disallow identical names for the Encryption and Crypto-Key headers (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@headers-changes
Patch Set: spell value properly Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | components/gcm_driver/crypto/encryption_header_parsers_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/gcm_driver/crypto/encryption_header_parsers.cc
diff --git a/components/gcm_driver/crypto/encryption_header_parsers.cc b/components/gcm_driver/crypto/encryption_header_parsers.cc
index 4f199bd9f96939b7c65487fc9903f507f20fc70d..6fad64440a65cbf47f61129eebe1cb786af357f4 100644
--- a/components/gcm_driver/crypto/encryption_header_parsers.cc
+++ b/components/gcm_driver/crypto/encryption_header_parsers.cc
@@ -75,6 +75,10 @@ bool EncryptionHeaderIterator::GetNext() {
net::HttpUtil::NameValuePairsIterator::Values::REQUIRED,
net::HttpUtil::NameValuePairsIterator::Quotes::NOT_STRICT);
+ bool found_keyid = false;
+ bool found_salt = false;
+ bool found_rs = false;
+
while (name_value_pairs.GetNext()) {
const base::StringPiece name(name_value_pairs.name_begin(),
name_value_pairs.name_end());
@@ -82,13 +86,18 @@ bool EncryptionHeaderIterator::GetNext() {
name_value_pairs.value_end());
if (base::LowerCaseEqualsASCII(name, "keyid")) {
+ if (found_keyid)
+ return false;
value.CopyToString(&keyid_);
+ found_keyid = true;
} else if (base::LowerCaseEqualsASCII(name, "salt")) {
- if (!ValueToDecodedString(value, &salt_))
+ if (found_salt || !ValueToDecodedString(value, &salt_))
return false;
+ found_salt = true;
} else if (base::LowerCaseEqualsASCII(name, "rs")) {
- if (!RecordSizeToInt(value, &rs_))
+ if (found_rs || !RecordSizeToInt(value, &rs_))
return false;
+ found_rs = true;
} else {
// Silently ignore unknown directives for forward compatibility.
}
@@ -117,6 +126,10 @@ bool CryptoKeyHeaderIterator::GetNext() {
net::HttpUtil::NameValuePairsIterator::Values::REQUIRED,
net::HttpUtil::NameValuePairsIterator::Quotes::NOT_STRICT);
+ bool found_keyid = false;
+ bool found_aesgcm128 = false;
+ bool found_dh = false;
+
while (name_value_pairs.GetNext()) {
const base::StringPiece name(name_value_pairs.name_begin(),
name_value_pairs.name_end());
@@ -124,13 +137,18 @@ bool CryptoKeyHeaderIterator::GetNext() {
name_value_pairs.value_end());
if (base::LowerCaseEqualsASCII(name, "keyid")) {
+ if (found_keyid)
+ return false;
value.CopyToString(&keyid_);
+ found_keyid = true;
} else if (base::LowerCaseEqualsASCII(name, "aesgcm128")) {
- if (!ValueToDecodedString(value, &aesgcm128_))
+ if (found_aesgcm128 || !ValueToDecodedString(value, &aesgcm128_))
return false;
+ found_aesgcm128 = true;
} else if (base::LowerCaseEqualsASCII(name, "dh")) {
- if (!ValueToDecodedString(value, &dh_))
+ if (found_dh || !ValueToDecodedString(value, &dh_))
return false;
+ found_dh = true;
} else {
// Silently ignore unknown directives for forward compatibility.
}
« no previous file with comments | « no previous file | components/gcm_driver/crypto/encryption_header_parsers_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698