mojo/public/cpp/bindings/lib/message_header_validator.cc - Issue 229683005: Validate MessageHeader before using

Side by Side Diff: mojo/public/cpp/bindings/lib/message_header_validator.cc

Issue 229683005: Validate MessageHeader before using (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: remove validation_interfaces.mojom for now Created 6 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« mojo/public/cpp/bindings/lib/message_header_validator.h ('K') | « mojo/public/cpp/bindings/lib/message_header_validator.h ('k') | mojo/public/cpp/bindings/tests/validation_unittest.cc » ('j') | mojo/public/cpp/bindings/tests/validation_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "mojo/public/cpp/bindings/lib/message_header_validator.h"

	6

	7 #include "mojo/public/cpp/bindings/lib/bindings_serialization.h"

	8

	9 namespace mojo {

	10 namespace internal {

	11 namespace {

	12

	13 bool IsValidMessageHeader(const internal::MessageHeader* header) {

	14 // Validate num_bytes

	15 if (header->num_bytes < sizeof(internal::MessageHeader))

	16 return false;

	17 if (internal::Align(header->num_bytes) != header->num_bytes)

	18 return false;

	19

	20 // Validate num_fields

	21 if (header->num_fields < 2)

	22 return false;

	23 if (header->num_fields == 2 &&
	viettrungluu 2014/04/25 21:55:59 Probably this should be structured as: if (header Probably this should be structured as: if (header->num_fields == 2) { if (... != ...) return false; } else if (header->num_fields == 3) { ... } else { // \|header->num_fields > 3\|. if (header->num_bytes < sizeof(internal::MessageHeaderWithRequestID)) return false; } darin (slow to review) 2014/04/29 06:31:45 Done. Show quoted text On 2014/04/25 21:55:59, viettrungluu wrote: > Probably this should be structured as: > > if (header->num_fields == 2) { > if (... != ...) > return false; > } else if (header->num_fields == 3) { > ... > } else { // \|header->num_fields > 3\|. > if (header->num_bytes < sizeof(internal::MessageHeaderWithRequestID)) > return false; > } Done.
	24 header->num_bytes != sizeof(internal::MessageHeader))

	25 return false;

	26 if (header->num_fields == 3 &&

	27 header->num_bytes != sizeof(internal::MessageHeaderWithRequestID))

	28 return false;

	29

	30 // Validate flags

	31 if (header->flags &
	viettrungluu 2014/04/25 21:55:59 Do we want to disallow future flags? Do we want to disallow future flags? darin (slow to review) 2014/04/29 06:31:45 No, I don't think we do. Revising code. Show quoted text On 2014/04/25 21:55:59, viettrungluu wrote: > Do we want to disallow future flags? No, I don't think we do. Revising code.
	32 ~(internal::kMessageExpectsResponse \| internal::kMessageIsResponse))

	33 return false;

	34 if ((header->flags & internal::kMessageExpectsResponse) &&

	35 header->num_fields < 3)

	36 return false;

	37 if ((header->flags & internal::kMessageIsResponse) &&

	38 header->num_fields < 3)

	39 return false;

	40
	viettrungluu 2014/04/25 21:55:59 Also check that "expects response" and "is respons Also check that "expects response" and "is response" aren't both set? darin (slow to review) 2014/04/29 06:31:45 Done. Show quoted text On 2014/04/25 21:55:59, viettrungluu wrote: > Also check that "expects response" and "is response" aren't both set? Done.
	41 return true;

	42 }

	43

	44 } // namespace

	45

	46 MessageHeaderValidator::MessageHeaderValidator(MessageReceiver* next)

	47 : next_(next) {

	48 assert(next);

	49 }

	50

	51 bool MessageHeaderValidator::Accept(Message* message) {

	52 if (!IsValidMessageHeader(message->header()))

	53 return false; // Simulate an unhappy receiver.

	54

	55 return next_->Accept(message);

	56 }

	57

	58 bool MessageHeaderValidator::AcceptWithResponder(Message* message,

	59 MessageReceiver* responder) {

	60 assert(false); // Not reached!

	61 return false;

	62 }

	63

	64 } // namespace internal

	65 } // namespace mojo

OLD	NEW