| Index: content/browser/bluetooth/web_bluetooth_service_impl.cc
|
| diff --git a/content/browser/bluetooth/web_bluetooth_service_impl.cc b/content/browser/bluetooth/web_bluetooth_service_impl.cc
|
| index e75ec1799441fb72c41595d4b56e61c40dc8bfcc..cad26d27fcfae31d46abb337a26f3819fa7fbf01 100644
|
| --- a/content/browser/bluetooth/web_bluetooth_service_impl.cc
|
| +++ b/content/browser/bluetooth/web_bluetooth_service_impl.cc
|
| @@ -2,12 +2,11 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -// ID Not In Map Note:
|
| -// A service, characteristic, or descriptor ID not in the corresponding
|
| -// WebBluetoothServiceImpl map [service_id_to_device_address_,
|
| -// characteristic_id_to_service_id_, descriptor_to_characteristic_] implies a
|
| -// hostile renderer because a renderer obtains the corresponding ID from this
|
| -// class and it will be added to the map at that time.
|
| +// ID Not In Map Note: A service, characteristic, or descriptor ID not in the
|
| +// corresponding WebBluetoothServiceImpl map [service_id_to_device_address_,
|
| +// characteristic_id_to_service_id_, descriptor_id_to_characteristic_id_]
|
| +// implies a hostile renderer because a renderer obtains the corresponding ID
|
| +// from this class and it will be added to the map at that time.
|
|
|
| #include "content/browser/bluetooth/web_bluetooth_service_impl.h"
|
|
|
| @@ -27,6 +26,7 @@
|
| #include "content/public/browser/web_contents.h"
|
| #include "device/bluetooth/bluetooth_adapter_factory_wrapper.h"
|
| #include "device/bluetooth/bluetooth_remote_gatt_characteristic.h"
|
| +#include "device/bluetooth/bluetooth_remote_gatt_descriptor.h"
|
|
|
| using device::BluetoothAdapterFactoryWrapper;
|
| using device::BluetoothUUID;
|
| @@ -129,6 +129,21 @@ blink::mojom::WebBluetoothResult TranslateGATTErrorAndRecord(
|
| NOTREACHED();
|
| return blink::mojom::WebBluetoothResult::GATT_UNTRANSLATED_ERROR_CODE;
|
| }
|
| +std::vector<device::BluetoothRemoteGattDescriptor*> GetDescriptorsByUUID(
|
| + device::BluetoothRemoteGattCharacteristic* characteristic,
|
| + const BluetoothUUID& descriptor_uuid) {
|
| + std::vector<device::BluetoothRemoteGattDescriptor*> descriptors;
|
| + VLOG(1) << "Looking for descriptor: " << descriptor_uuid.canonical_value();
|
| + for (device::BluetoothRemoteGattDescriptor* descriptor :
|
| + characteristic->GetDescriptors()) {
|
| + VLOG(1) << "Descriptor in cache: "
|
| + << descriptor->GetUUID().canonical_value();
|
| + if (descriptor->GetUUID() == descriptor_uuid) {
|
| + descriptors.push_back(descriptor);
|
| + }
|
| + }
|
| + return descriptors;
|
| +}
|
|
|
| // TODO(ortuno): This should really be a BluetoothDevice method.
|
| // Replace when implemented. http://crbug.com/552022
|
| @@ -539,6 +554,146 @@ void WebBluetoothServiceImpl::RemoteServiceGetCharacteristics(
|
| nullptr /* characteristics */);
|
| }
|
|
|
| +void WebBluetoothServiceImpl::RemoteCharacteristicGetDescriptors(
|
| + const mojo::String& characteristic_instance_id,
|
| + blink::mojom::WebBluetoothGATTQueryQuantity quantity,
|
| + const base::Optional<BluetoothUUID>& descriptors_uuid,
|
| + const RemoteCharacteristicGetDescriptorsCallback& callback) {
|
| + DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| +
|
| + if (descriptors_uuid &&
|
| + BluetoothBlacklist::Get().IsExcluded(descriptors_uuid.value())) {
|
| + callback.Run(blink::mojom::WebBluetoothResult::BLACKLISTED_DESCRIPTOR_UUID,
|
| + nullptr /* descriptor */);
|
| + return;
|
| + }
|
| +
|
| + const CacheQueryResult query_result =
|
| + QueryCacheForCharacteristic(characteristic_instance_id);
|
| +
|
| + if (query_result.outcome == CacheQueryOutcome::BAD_RENDERER) {
|
| + return;
|
| + }
|
| +
|
| + if (query_result.outcome != CacheQueryOutcome::SUCCESS) {
|
| + callback.Run(query_result.GetWebResult(), nullptr /* descriptor */);
|
| + return;
|
| + }
|
| +
|
| + std::vector<device::BluetoothRemoteGattDescriptor*> descriptors =
|
| + descriptors_uuid ? GetDescriptorsByUUID(query_result.characteristic,
|
| + descriptors_uuid.value())
|
| + : query_result.characteristic->GetDescriptors();
|
| +
|
| + mojo::Array<blink::mojom::WebBluetoothRemoteGATTDescriptorPtr>
|
| + response_descriptors;
|
| + for (device::BluetoothRemoteGattDescriptor* descriptor : descriptors) {
|
| + if (BluetoothBlacklist::Get().IsExcluded(descriptor->GetUUID())) {
|
| + continue;
|
| + }
|
| + std::string descriptor_instance_id = descriptor->GetIdentifier();
|
| +
|
| + auto insert_result = descriptor_id_to_characteristic_id_.insert(
|
| + {descriptor_instance_id, characteristic_instance_id});
|
| + // If value is already in map, DCHECK it's valid.
|
| + if (!insert_result.second)
|
| + DCHECK(insert_result.first->second == characteristic_instance_id);
|
| +
|
| + blink::mojom::WebBluetoothRemoteGATTDescriptorPtr descriptor_ptr =
|
| + blink::mojom::WebBluetoothRemoteGATTDescriptor::New();
|
| +
|
| + descriptor_ptr->instance_id = descriptor_instance_id;
|
| + descriptor_ptr->uuid = descriptor->GetUUID().canonical_value();
|
| + response_descriptors.push_back(std::move(descriptor_ptr));
|
| +
|
| + if (quantity == blink::mojom::WebBluetoothGATTQueryQuantity::SINGLE) {
|
| + break;
|
| + }
|
| + }
|
| +
|
| + if (!response_descriptors.empty()) {
|
| + callback.Run(blink::mojom::WebBluetoothResult::SUCCESS,
|
| + std::move(response_descriptors));
|
| + return;
|
| + }
|
| +
|
| + callback.Run(descriptors_uuid
|
| + ? blink::mojom::WebBluetoothResult::DESCRIPTOR_NOT_FOUND
|
| + : blink::mojom::WebBluetoothResult::NO_DESCRIPTORS_FOUND,
|
| + nullptr /* descriptors */);
|
| +}
|
| +
|
| +void WebBluetoothServiceImpl::RemoteDescriptorReadValue(
|
| + const mojo::String& descriptor_instance_id,
|
| + const RemoteDescriptorReadValueCallback& callback) {
|
| + DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| +
|
| + const CacheQueryResult query_result =
|
| + QueryCacheForDescriptor(descriptor_instance_id);
|
| +
|
| + if (query_result.outcome == CacheQueryOutcome::BAD_RENDERER) {
|
| + return;
|
| + }
|
| +
|
| + if (query_result.outcome != CacheQueryOutcome::SUCCESS) {
|
| + callback.Run(query_result.GetWebResult(), nullptr /* value */);
|
| + return;
|
| + }
|
| +
|
| + if (BluetoothBlacklist::Get().IsExcludedFromReads(
|
| + query_result.descriptor->GetUUID())) {
|
| + callback.Run(blink::mojom::WebBluetoothResult::BLACKLISTED_READ,
|
| + nullptr /* value */);
|
| + return;
|
| + }
|
| +
|
| + query_result.descriptor->ReadRemoteDescriptor(
|
| + base::Bind(&WebBluetoothServiceImpl::OnDescriptorReadValueSuccess,
|
| + weak_ptr_factory_.GetWeakPtr(), callback),
|
| + base::Bind(&WebBluetoothServiceImpl::OnDescriptorReadValueFailed,
|
| + weak_ptr_factory_.GetWeakPtr(), callback));
|
| +}
|
| +
|
| +void WebBluetoothServiceImpl::RemoteDescriptorWriteValue(
|
| + const mojo::String& descriptor_instance_id,
|
| + mojo::Array<uint8_t> value,
|
| + const RemoteDescriptorWriteValueCallback& callback) {
|
| + DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| +
|
| + // We perform the length check on the renderer side. So if we
|
| + // get a value with length > 512, we can assume it's a hostile
|
| + // renderer and kill it.
|
| + if (value.size() > 512) {
|
| + CrashRendererAndClosePipe(bad_message::BDH_INVALID_WRITE_VALUE_LENGTH);
|
| + return;
|
| + }
|
| +
|
| + const CacheQueryResult query_result =
|
| + QueryCacheForDescriptor(descriptor_instance_id);
|
| +
|
| + if (query_result.outcome == CacheQueryOutcome::BAD_RENDERER) {
|
| + return;
|
| + }
|
| +
|
| + if (query_result.outcome != CacheQueryOutcome::SUCCESS) {
|
| + callback.Run(query_result.GetWebResult());
|
| + return;
|
| + }
|
| +
|
| + if (BluetoothBlacklist::Get().IsExcludedFromWrites(
|
| + query_result.descriptor->GetUUID())) {
|
| + callback.Run(blink::mojom::WebBluetoothResult::BLACKLISTED_WRITE);
|
| + return;
|
| + }
|
| +
|
| + query_result.descriptor->WriteRemoteDescriptor(
|
| + value.To<std::vector<uint8_t>>(),
|
| + base::Bind(&WebBluetoothServiceImpl::OnDescriptorWriteValueSuccess,
|
| + weak_ptr_factory_.GetWeakPtr(), callback),
|
| + base::Bind(&WebBluetoothServiceImpl::OnDescriptorWriteValueFailed,
|
| + weak_ptr_factory_.GetWeakPtr(), callback));
|
| +}
|
| +
|
| void WebBluetoothServiceImpl::RemoteCharacteristicReadValue(
|
| const mojo::String& characteristic_instance_id,
|
| const RemoteCharacteristicReadValueCallback& callback) {
|
| @@ -568,9 +723,9 @@ void WebBluetoothServiceImpl::RemoteCharacteristicReadValue(
|
| }
|
|
|
| query_result.characteristic->ReadRemoteCharacteristic(
|
| - base::Bind(&WebBluetoothServiceImpl::OnReadValueSuccess,
|
| + base::Bind(&WebBluetoothServiceImpl::OnCharacteristicReadValueSuccess,
|
| weak_ptr_factory_.GetWeakPtr(), callback),
|
| - base::Bind(&WebBluetoothServiceImpl::OnReadValueFailed,
|
| + base::Bind(&WebBluetoothServiceImpl::OnCharacteristicReadValueFailed,
|
| weak_ptr_factory_.GetWeakPtr(), callback));
|
| }
|
|
|
| @@ -612,9 +767,9 @@ void WebBluetoothServiceImpl::RemoteCharacteristicWriteValue(
|
|
|
| query_result.characteristic->WriteRemoteCharacteristic(
|
| value.To<std::vector<uint8_t>>(),
|
| - base::Bind(&WebBluetoothServiceImpl::OnWriteValueSuccess,
|
| + base::Bind(&WebBluetoothServiceImpl::OnCharacteristicWriteValueSuccess,
|
| weak_ptr_factory_.GetWeakPtr(), callback),
|
| - base::Bind(&WebBluetoothServiceImpl::OnWriteValueFailed,
|
| + base::Bind(&WebBluetoothServiceImpl::OnCharacteristicWriteValueFailed,
|
| weak_ptr_factory_.GetWeakPtr(), callback));
|
| }
|
|
|
| @@ -832,7 +987,38 @@ void WebBluetoothServiceImpl::OnCreateGATTConnectionFailed(
|
| callback.Run(TranslateConnectErrorAndRecord(error_code));
|
| }
|
|
|
| -void WebBluetoothServiceImpl::OnReadValueSuccess(
|
| +void WebBluetoothServiceImpl::OnDescriptorReadValueSuccess(
|
| + const RemoteDescriptorReadValueCallback& callback,
|
| + const std::vector<uint8_t>& value) {
|
| + DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| + callback.Run(blink::mojom::WebBluetoothResult::SUCCESS,
|
| + mojo::Array<uint8_t>::From(value));
|
| +}
|
| +
|
| +void WebBluetoothServiceImpl::OnDescriptorReadValueFailed(
|
| + const RemoteDescriptorReadValueCallback& callback,
|
| + device::BluetoothRemoteGattService::GattErrorCode error_code) {
|
| + DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| + callback.Run(TranslateGATTErrorAndRecord(error_code,
|
| + UMAGATTOperation::DESCRIPTOR_READ),
|
| + nullptr /* value */);
|
| +}
|
| +
|
| +void WebBluetoothServiceImpl::OnDescriptorWriteValueSuccess(
|
| + const RemoteDescriptorWriteValueCallback& callback) {
|
| + DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| + callback.Run(blink::mojom::WebBluetoothResult::SUCCESS);
|
| +}
|
| +
|
| +void WebBluetoothServiceImpl::OnDescriptorWriteValueFailed(
|
| + const RemoteDescriptorWriteValueCallback& callback,
|
| + device::BluetoothRemoteGattService::GattErrorCode error_code) {
|
| + DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| + callback.Run(TranslateGATTErrorAndRecord(error_code,
|
| + UMAGATTOperation::DESCRIPTOR_WRITE));
|
| +}
|
| +
|
| +void WebBluetoothServiceImpl::OnCharacteristicReadValueSuccess(
|
| const RemoteCharacteristicReadValueCallback& callback,
|
| const std::vector<uint8_t>& value) {
|
| DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| @@ -841,7 +1027,7 @@ void WebBluetoothServiceImpl::OnReadValueSuccess(
|
| mojo::Array<uint8_t>::From(value));
|
| }
|
|
|
| -void WebBluetoothServiceImpl::OnReadValueFailed(
|
| +void WebBluetoothServiceImpl::OnCharacteristicReadValueFailed(
|
| const RemoteCharacteristicReadValueCallback& callback,
|
| device::BluetoothRemoteGattService::GattErrorCode error_code) {
|
| DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| @@ -850,14 +1036,14 @@ void WebBluetoothServiceImpl::OnReadValueFailed(
|
| nullptr /* value */);
|
| }
|
|
|
| -void WebBluetoothServiceImpl::OnWriteValueSuccess(
|
| +void WebBluetoothServiceImpl::OnCharacteristicWriteValueSuccess(
|
| const RemoteCharacteristicWriteValueCallback& callback) {
|
| DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| RecordCharacteristicWriteValueOutcome(UMAGATTOperationOutcome::SUCCESS);
|
| callback.Run(blink::mojom::WebBluetoothResult::SUCCESS);
|
| }
|
|
|
| -void WebBluetoothServiceImpl::OnWriteValueFailed(
|
| +void WebBluetoothServiceImpl::OnCharacteristicWriteValueFailed(
|
| const RemoteCharacteristicWriteValueCallback& callback,
|
| device::BluetoothRemoteGattService::GattErrorCode error_code) {
|
| DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
| @@ -976,6 +1162,33 @@ CacheQueryResult WebBluetoothServiceImpl::QueryCacheForCharacteristic(
|
| return result;
|
| }
|
|
|
| +CacheQueryResult WebBluetoothServiceImpl::QueryCacheForDescriptor(
|
| + const std::string& descriptor_instance_id) {
|
| + auto descriptor_iter =
|
| + descriptor_id_to_characteristic_id_.find(descriptor_instance_id);
|
| +
|
| + // Kill the render, see "ID Not in Map Note" above.
|
| + if (descriptor_iter == descriptor_id_to_characteristic_id_.end()) {
|
| + CrashRendererAndClosePipe(bad_message::BDH_INVALID_DESCRIPTOR_ID);
|
| + return CacheQueryResult(CacheQueryOutcome::BAD_RENDERER);
|
| + }
|
| +
|
| + CacheQueryResult result =
|
| + QueryCacheForCharacteristic(descriptor_iter->second);
|
| + if (result.outcome != CacheQueryOutcome::SUCCESS) {
|
| + return result;
|
| + }
|
| +
|
| + result.descriptor =
|
| + result.characteristic->GetDescriptor(descriptor_instance_id);
|
| +
|
| + if (result.descriptor == nullptr) {
|
| + result.outcome = CacheQueryOutcome::NO_DESCRIPTOR;
|
| + }
|
| +
|
| + return result;
|
| +}
|
| +
|
| RenderProcessHost* WebBluetoothServiceImpl::GetRenderProcessHost() {
|
| return render_frame_host_->GetProcess();
|
| }
|
| @@ -997,6 +1210,7 @@ url::Origin WebBluetoothServiceImpl::GetOrigin() {
|
| void WebBluetoothServiceImpl::ClearState() {
|
| characteristic_id_to_notify_session_.clear();
|
| pending_primary_services_requests_.clear();
|
| + descriptor_id_to_characteristic_id_.clear();
|
| characteristic_id_to_service_id_.clear();
|
| service_id_to_device_address_.clear();
|
| connected_devices_.reset(
|
|
|
Chromium Code Reviews
Issue 2466223002:
Implement WebBluetooth getDescriptor[s] (Closed)
