Associated Message Validation

mojo/public/js/validator.js

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 define("mojo/public/js/validator", [
   "mojo/public/js/codec",
-], function(codec) {
+  "mojo/public/js/interface_types",
+], function(codec, types) {
 
   var validationError = {
     NONE: 'VALIDATION_ERROR_NONE',
     MISALIGNED_OBJECT: 'VALIDATION_ERROR_MISALIGNED_OBJECT',
     ILLEGAL_MEMORY_RANGE: 'VALIDATION_ERROR_ILLEGAL_MEMORY_RANGE',
     UNEXPECTED_STRUCT_HEADER: 'VALIDATION_ERROR_UNEXPECTED_STRUCT_HEADER',
     UNEXPECTED_ARRAY_HEADER: 'VALIDATION_ERROR_UNEXPECTED_ARRAY_HEADER',
     ILLEGAL_HANDLE: 'VALIDATION_ERROR_ILLEGAL_HANDLE',
     UNEXPECTED_INVALID_HANDLE: 'VALIDATION_ERROR_UNEXPECTED_INVALID_HANDLE',
     ILLEGAL_POINTER: 'VALIDATION_ERROR_ILLEGAL_POINTER',
     UNEXPECTED_NULL_POINTER: 'VALIDATION_ERROR_UNEXPECTED_NULL_POINTER',
+    ILLEGAL_INTERFACE_ID: 'VALIDATION_ERROR_ILLEGAL_INTERFACE_ID',
+    UNEXPECTED_INVALID_INTERFACE_ID:
+        'VALIDATION_ERROR_UNEXPECTED_INVALID_INTERFACE_ID',
     MESSAGE_HEADER_INVALID_FLAGS:
         'VALIDATION_ERROR_MESSAGE_HEADER_INVALID_FLAGS',
     MESSAGE_HEADER_MISSING_REQUEST_ID:
         'VALIDATION_ERROR_MESSAGE_HEADER_MISSING_REQUEST_ID',
     DIFFERENT_SIZED_ARRAYS_IN_MAP:
         'VALIDATION_ERROR_DIFFERENT_SIZED_ARRAYS_IN_MAP',
     INVALID_UNION_SIZE: 'VALIDATION_ERROR_INVALID_UNION_SIZE',
     UNEXPECTED_NULL_UNION: 'VALIDATION_ERROR_UNEXPECTED_NULL_UNION',
     UNKNOWN_ENUM_VALUE: 'VALIDATION_ERROR_UNKNOWN_ENUM_VALUE',
   };
@@ skipping 57 matching lines @@
 
   function isInterfaceClass(cls) {
     return cls instanceof codec.Interface;
   }
 
   function isInterfaceRequestClass(cls) {
     return cls === codec.InterfaceRequest ||
         cls === codec.NullableInterfaceRequest;
   }
 
+  function isAssociatedInterfaceClass(cls) {
+    return cls === codec.AssociatedInterfacePtrInfo ||
+        cls === codec.NullableAssociatedInterfacePtrInfo;
+  }
+
+  function isAssociatedInterfaceRequestClass(cls) {
+    return cls === codec.AssociatedInterfaceRequest ||
+        cls === codec.NullableAssociatedInterfaceRequest;
+  }
+
   function isNullable(type) {
     return type === codec.NullableString || type === codec.NullableHandle ||
         type === codec.NullableInterface ||
         type === codec.NullableInterfaceRequest ||
         type instanceof codec.NullableArrayOf ||
         type instanceof codec.NullablePointerTo;
   }
 
   function Validator(message) {
     this.message = message;
     this.offset = 0;
     this.handleIndex = 0;
+    this.associatedEndpointHandleIndex = 0;
+    this.offsetLimit = this.message.buffer.byteLength;
   }
 
-  Object.defineProperty(Validator.prototype, "offsetLimit", {
-    get: function() { return this.message.buffer.byteLength; }
-  });
-
   Object.defineProperty(Validator.prototype, "handleIndexLimit", {
     get: function() { return this.message.handles.length; }
   });
 
+  Object.defineProperty(Validator.prototype, "associatedHandleIndexLimit", {
+    get: function() {
+      var payloadInterfaceIds = this.message.getPayloadInterfaceIds();

[yzshen1, 2017/04/12 00:50:33]

Can we cache this value instead of computing it everytime?

Maybe we can cache the result of getPayloadInterfaceIds() during
Validator.prototype.validateMessageHeader()? After we do the necessary
validation?

[wangjimmy, 2017/04/12 18:58:25]

Done.

+      return payloadInterfaceIds ? payloadInterfaceIds.length : 0;
+    }
+  });
+
   // True if we can safely allocate a block of bytes from start to
   // to start + numBytes.
   Validator.prototype.isValidRange = function(start, numBytes) {
     // Only positive JavaScript integers that are less than 2^53
     // (Number.MAX_SAFE_INTEGER) can be represented exactly.
     if (start < this.offset || numBytes <= 0 ||
         !Number.isSafeInteger(start) ||
         !Number.isSafeInteger(numBytes))
       return false;
 
@@ skipping 17 matching lines @@
       return true;
 
     if (index < this.handleIndex || index >= this.handleIndexLimit)
       return false;
 
     // This is safe because handle indices are uint32.
     this.handleIndex = index + 1;
     return true;
   };
 
+  Validator.prototype.claimAssociatedEndpointHandle = function(index) {
+    if (index === codec.kEncodedInvalidHandleValue) {
+      return true;
+    }
+
+    if (index < this.associatedEndpointHandleIndex ||
+        index >= this.associatedHandleIndexLimit) {
+      return false;
+    }
+
+    // This is safe because handle indices are uint32.
+    this.associatedEndpointHandleIndex = index + 1;
+    return true;
+  };
+
   Validator.prototype.validateEnum = function(offset, enumClass) {
     // Note: Assumes that enums are always 32 bits! But this matches
     // mojom::generate::pack::PackedField::GetSizeForKind, so it should be okay.
     var value = this.message.buffer.getInt32(offset);
     return enumClass.validate(value);
   }
 
   Validator.prototype.validateHandle = function(offset, nullable) {
     var index = this.message.buffer.getUint32(offset);
 
     if (index === codec.kEncodedInvalidHandleValue)
       return nullable ?
           validationError.NONE : validationError.UNEXPECTED_INVALID_HANDLE;
 
     if (!this.claimHandle(index))
       return validationError.ILLEGAL_HANDLE;
 
     return validationError.NONE;
   };
 
+  Validator.prototype.validateAssociatedEndpointHandle = function(offset,
+      nullable) {
+    var index = this.message.buffer.getUint32(offset);
+
+    if (index === codec.kEncodedInvalidHandleValue) {
+      return nullable ? validationError.NONE :
+          validationError.UNEXPECTED_INVALID_INTERFACE_ID;
+    }
+
+    if (!this.claimAssociatedEndpointHandle(index)) {
+      return validationError.ILLEGAL_INTERFACE_ID;
+    }
+
+    return validationError.NONE;
+  };
+
   Validator.prototype.validateInterface = function(offset, nullable) {
     return this.validateHandle(offset, nullable);
   };
 
   Validator.prototype.validateInterfaceRequest = function(offset, nullable) {
     return this.validateHandle(offset, nullable);
   };
 
+  Validator.prototype.validateAssociatedInterface = function(offset,
+      nullable) {
+    return this.validateAssociatedEndpointHandle(offset, nullable);
+  };
+
+  Validator.prototype.validateAssociatedInterfaceRequest = function(
+      offset, nullable) {
+    return this.validateAssociatedEndpointHandle(offset, nullable);
+  };
+
   Validator.prototype.validateStructHeader = function(offset, minNumBytes) {
     if (!codec.isAligned(offset))
       return validationError.MISALIGNED_OBJECT;
 
     if (!this.isValidRange(offset, codec.kStructHeaderSize))
       return validationError.ILLEGAL_MEMORY_RANGE;
 
     var numBytes = this.message.buffer.getUint32(offset);
 
     if (numBytes < minNumBytes)
@@ skipping 23 matching lines @@
     }
 
     return validationError.NONE;
   };
 
   Validator.prototype.isFieldInStructVersion = function(offset, fieldVersion) {
     var structVersion = this.message.buffer.getUint32(offset + 4);
     return fieldVersion <= structVersion;
   };
 
-  // TODO(wangjimmy): Add support for v2 messages.
   Validator.prototype.validateMessageHeader = function() {
-
-    var err = this.validateStructHeader(0, codec.kMessageHeaderSize);
-    if (err != validationError.NONE)
+    var err = this.validateStructHeader(0, codec.kMessageV0HeaderSize);
+    if (err != validationError.NONE) {
       return err;
+    }
 
     var numBytes = this.message.getHeaderNumBytes();
     var version = this.message.getHeaderVersion();
 
     var validVersionAndNumBytes =
-        (version == 0 && numBytes == codec.kMessageHeaderSize) ||
-        (version == 1 &&
-         numBytes == codec.kMessageWithRequestIDHeaderSize) ||
-        (version > 1 &&
-         numBytes >= codec.kMessageWithRequestIDHeaderSize);
-    if (!validVersionAndNumBytes)
+        (version == 0 && numBytes == codec.kMessageV0HeaderSize) ||
+        (version == 1 && numBytes == codec.kMessageV1HeaderSize) ||
+        (version == 2 && numBytes == codec.kMessageV2HeaderSize) ||
+        (version > 2 && numBytes >= codec.kMessageV2HeaderSize);
+
+    if (!validVersionAndNumBytes) {
       return validationError.UNEXPECTED_STRUCT_HEADER;
+    }
 
     var expectsResponse = this.message.expectsResponse();
     var isResponse = this.message.isResponse();
 
-    if (version == 0 && (expectsResponse || isResponse))
+    if (version == 0 && (expectsResponse || isResponse)) {
       return validationError.MESSAGE_HEADER_MISSING_REQUEST_ID;
+    }
 
-    if (isResponse && expectsResponse)
+    if (isResponse && expectsResponse) {
       return validationError.MESSAGE_HEADER_INVALID_FLAGS;
+    }
+
+    if (version < 2) {
+      return validationError.NONE;
+    }
+
+    var payloadInterfaceIds = this.message.getPayloadInterfaceIds();

[yzshen1, 2017/04/12 00:50:33]

Reading the array must be done *after* the validation (currently it is on line
332).

[wangjimmy, 2017/04/12 18:58:25]

Done.

+    if (payloadInterfaceIds) {
+      var err = this.validateArrayPointer(
+          codec.kMessagePayloadInterfaceIdsPointerOffset,
+          codec.Uint32.encodedSize, codec.Uint32, true,
+          [payloadInterfaceIds.length], 0);

[yzshen1, 2017/04/12 00:50:33]

Please use [0] instead of [payloadInterfaceIds.length], it means "any size is
okay".

[wangjimmy, 2017/04/12 18:58:25]

Done.

+
+      if (err != validationError.NONE) {
+        return err;
+      }
+
+      for (var interfaceId of payloadInterfaceIds) {
+        if (!types.isValidInterfaceId(interfaceId) ||
+            types.isMasterInterfaceId(interfaceId)) {
+          return validationError.ILLEGAL_INTERFACE_ID;
+        }
+      }
+    }
+
+    // Set offset to the start of the payload and offsetLimit to the start of
+    // the payload interface Ids so that payload can be validated using the
+    // same messageValidator.
+    this.offset = this.message.getHeaderNumBytes();
+    this.offsetLimit = this.decodePointer(
+        codec.kMessagePayloadInterfaceIdsPointerOffset);
 
     return validationError.NONE;
   };
 
   Validator.prototype.validateMessageIsRequestWithoutResponse = function() {
     if (this.message.isResponse() || this.message.expectsResponse()) {
       return validationError.MESSAGE_HEADER_INVALID_FLAGS;
     }
     return validationError.NONE;
   };
@@ skipping 181 matching lines @@
     var nullable = isNullable(elementType);
 
     if (isHandleClass(elementType))
       return this.validateHandleElements(elementsOffset, numElements, nullable);
     if (isInterfaceClass(elementType))
       return this.validateInterfaceElements(
           elementsOffset, numElements, nullable);
     if (isInterfaceRequestClass(elementType))
       return this.validateInterfaceRequestElements(
           elementsOffset, numElements, nullable);
+    if (isAssociatedInterfaceClass(elementType))
+      return this.validateAssociatedInterfaceElements(
+          elementsOffset, numElements, nullable);
+    if (isAssociatedInterfaceRequestClass(elementType))
+      return this.validateAssociatedInterfaceRequestElements(
+          elementsOffset, numElements, nullable);
     if (isStringClass(elementType))
       return this.validateArrayElements(
           elementsOffset, numElements, codec.Uint8, nullable, [0], 0);
     if (elementType instanceof codec.PointerTo)
       return this.validateStructElements(
           elementsOffset, numElements, elementType.cls, nullable);
     if (elementType instanceof codec.ArrayOf)
       return this.validateArrayElements(
           elementsOffset, numElements, elementType.cls, nullable,
           expectedDimensionSizes, currentDimension + 1);
@@ skipping 37 matching lines @@
     var elementSize = codec.InterfaceRequest.encodedSize;
     for (var i = 0; i < numElements; i++) {
       var elementOffset = offset + i * elementSize;
       var err = this.validateInterfaceRequest(elementOffset, nullable);
       if (err != validationError.NONE)
         return err;
     }
     return validationError.NONE;
   };
 
+  Validator.prototype.validateAssociatedInterfaceElements =
+      function(offset, numElements, nullable) {
+    var elementSize = codec.AssociatedInterfacePtrInfo.prototype.encodedSize;
+    for (var i = 0; i < numElements; i++) {
+      var elementOffset = offset + i * elementSize;
+      var err = this.validateAssociatedInterface(elementOffset, nullable);
+      if (err != validationError.NONE) {
+        return err;
+      }
+    }
+    return validationError.NONE;
+  };
+
+  Validator.prototype.validateAssociatedInterfaceRequestElements =
+      function(offset, numElements, nullable) {
+    var elementSize = codec.AssociatedInterfaceRequest.encodedSize;
+    for (var i = 0; i < numElements; i++) {
+      var elementOffset = offset + i * elementSize;
+      var err = this.validateAssociatedInterfaceRequest(elementOffset,
+          nullable);
+      if (err != validationError.NONE) {
+        return err;
+      }
+    }
+    return validationError.NONE;
+  };
+
   // The elementClass parameter is the element type of the element arrays.
   Validator.prototype.validateArrayElements =
       function(offset, numElements, elementClass, nullable,
                expectedDimensionSizes, currentDimension) {
     var elementSize = codec.PointerTo.prototype.encodedSize;
     for (var i = 0; i < numElements; i++) {
       var elementOffset = offset + i * elementSize;
       var err = this.validateArrayPointer(
           elementOffset, elementClass.encodedSize, elementClass, nullable,
           expectedDimensionSizes, currentDimension);
@@ skipping 30 matching lines @@
 
   var exports = {};
   exports.validationError = validationError;
   exports.Validator = Validator;
   exports.ValidationErrorObserverForTesting = ValidationErrorObserverForTesting;
   exports.reportValidationError = reportValidationError;
   exports.isTestingMode = isTestingMode;
   exports.clearTestingMode = clearTestingMode;
   return exports;
 });