Chromium Code Reviews Chromium Code Reviews
Issue 22799007:
I'm investigating how to make the IPC transfer a bit more secure on the (Closed)
Base URL: https://skia.googlecode.com/svn/trunk| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright 2013 Google Inc. | 2 * Copyright 2013 Google Inc. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license that can be | 4 * Use of this source code is governed by a BSD-style license that can be |
| 5 * found in the LICENSE file. | 5 * found in the LICENSE file. |
| 6 */ | 6 */ |
| 7 | 7 |
| 8 #include "SkFlattenableSerialization.h" | 8 #include "SkFlattenableSerialization.h" |
| 9 | 9 |
| 10 #include "SkData.h" | 10 #include "SkData.h" |
| 11 #include "SkFlattenable.h" | 11 #include "SkFlattenable.h" |
| 12 #include "SkImageFilter.h" | |
| 12 #include "SkOrderedReadBuffer.h" | 13 #include "SkOrderedReadBuffer.h" |
| 13 #include "SkOrderedWriteBuffer.h" | 14 #include "SkOrderedWriteBuffer.h" |
| 14 | 15 |
| 15 SkData* SkSerializeFlattenable(SkFlattenable* flattenable) { | 16 SkData* SkSerializeFlattenable(SkFlattenable* flattenable) { |
| 16 SkOrderedWriteBuffer writer(1024); | 17 SkOrderedWriteBuffer writer(1024); |
| 17 writer.setFlags(SkOrderedWriteBuffer::kCrossProcess_Flag); | 18 writer.setFlags(SkOrderedWriteBuffer::kCrossProcess_Flag); |
| 18 writer.writeFlattenable(flattenable); | 19 writer.writeFlattenable(flattenable); |
| 19 uint32_t size = writer.bytesWritten(); | 20 uint32_t size = writer.bytesWritten(); |
| 20 void* data = sk_malloc_throw(size); | 21 void* data = sk_malloc_throw(size); |
| 21 writer.writeToMemory(data); | 22 writer.writeToMemory(data); |
| 22 return SkData::NewFromMalloc(data, size); | 23 return SkData::NewFromMalloc(data, size); |
| 23 } | 24 } |
| 24 | 25 |
| 25 SkFlattenable* SkDeserializeFlattenable(const void* data, size_t size) { | 26 SkFlattenable* SkDeserializeFlattenable(const void* data, size_t size) { |
| 26 SkOrderedReadBuffer buffer(data, size); | 27 SkOrderedReadBuffer buffer(data, size); |
| 27 return buffer.readFlattenable(); | 28 return buffer.readFlattenable(); |
| 28 } | 29 } |
| 30 | |
| 31 bool SkValidateImageFilterRec(SkFlattenable* flattenable) { | |
| 32 if (!flattenable | |
| 33 // This object should always have been sent cross-process, | |
| 34 // so it should always have a factory | |
| 35 || !flattenable->getFactory() | |
|
scroggo
2013/08/21 23:25:27
I'm trying to understand how this could return NUL
sugoi1
2013/08/22 15:41:00
Well, my original thought was that, if someone wou
| |
| 36 // Only SkImageFilter objects are allowed | |
| 37 || !flattenable->isA(SkFlattenable::IMAGE_FILTER)) | |
|
scroggo
2013/08/21 23:25:27
If the unflattening created an SkImageFilter, won'
sugoi1
2013/08/22 15:41:00
How would I know it was wrong to create it ? I hav
scroggo
2013/08/22 17:59:01
My point is that if you read the stream incorrectl
sugoi1
2013/08/22 18:14:53
When this function is called, it verifies that wha
scroggo
2013/08/22 19:10:19
Ah, okay. Thanks for the explanation.
| |
| 38 return false; | |
| 39 | |
| 40 // Check that all the inputs are also SkImageFilter objects | |
| 41 SkImageFilter* filter = static_cast<SkImageFilter*>(flattenable); | |
| 42 int nbInputs = filter->countInputs(); | |
| 43 for (int i = 0; i < nbInputs; ++i) | |
| 44 if (!SkValidateImageFilterRec(filter->getInput(i))) | |
| 45 return false; | |
| 46 | |
| 47 return true; | |
| 48 } | |
| 49 | |
| 50 SkImageFilter* SkValidateImageFilter(SkFlattenable* flattenable) { | |
| 51 return SkValidateImageFilterRec(flattenable) ? | |
| 52 static_cast<SkImageFilter*>(flattenable) : 0; | |
| 53 } | |
| OLD | NEW |
