OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2010 Google Inc. All rights reserved. | 2 * Copyright (C) 2010 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 12 matching lines...) Expand all Loading... | |
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
29 */ | 29 */ |
30 | 30 |
31 #include "bindings/core/v8/SerializedScriptValue.h" | 31 #include "bindings/core/v8/SerializedScriptValue.h" |
32 | 32 |
33 #include <memory> | |
33 #include "bindings/core/v8/DOMDataStore.h" | 34 #include "bindings/core/v8/DOMDataStore.h" |
34 #include "bindings/core/v8/DOMWrapperWorld.h" | 35 #include "bindings/core/v8/DOMWrapperWorld.h" |
35 #include "bindings/core/v8/ExceptionState.h" | 36 #include "bindings/core/v8/ExceptionState.h" |
36 #include "bindings/core/v8/ScriptState.h" | 37 #include "bindings/core/v8/ScriptState.h" |
38 #include "bindings/core/v8/SerializationTag.h" | |
37 #include "bindings/core/v8/SerializedScriptValueFactory.h" | 39 #include "bindings/core/v8/SerializedScriptValueFactory.h" |
38 #include "bindings/core/v8/Transferables.h" | 40 #include "bindings/core/v8/Transferables.h" |
39 #include "bindings/core/v8/V8ArrayBuffer.h" | 41 #include "bindings/core/v8/V8ArrayBuffer.h" |
40 #include "bindings/core/v8/V8ImageBitmap.h" | 42 #include "bindings/core/v8/V8ImageBitmap.h" |
41 #include "bindings/core/v8/V8MessagePort.h" | 43 #include "bindings/core/v8/V8MessagePort.h" |
42 #include "bindings/core/v8/V8OffscreenCanvas.h" | 44 #include "bindings/core/v8/V8OffscreenCanvas.h" |
43 #include "bindings/core/v8/V8SharedArrayBuffer.h" | 45 #include "bindings/core/v8/V8SharedArrayBuffer.h" |
44 #include "core/dom/DOMArrayBuffer.h" | 46 #include "core/dom/DOMArrayBuffer.h" |
45 #include "core/dom/DOMSharedArrayBuffer.h" | 47 #include "core/dom/DOMSharedArrayBuffer.h" |
46 #include "core/dom/ExceptionCode.h" | 48 #include "core/dom/ExceptionCode.h" |
47 #include "core/dom/MessagePort.h" | 49 #include "core/dom/MessagePort.h" |
48 #include "core/frame/ImageBitmap.h" | 50 #include "core/frame/ImageBitmap.h" |
49 #include "platform/SharedBuffer.h" | 51 #include "platform/SharedBuffer.h" |
50 #include "platform/blob/BlobData.h" | 52 #include "platform/blob/BlobData.h" |
51 #include "platform/heap/Handle.h" | 53 #include "platform/heap/Handle.h" |
52 #include "wtf/Assertions.h" | 54 #include "wtf/Assertions.h" |
53 #include "wtf/ByteOrder.h" | 55 #include "wtf/ByteOrder.h" |
54 #include "wtf/PtrUtil.h" | 56 #include "wtf/PtrUtil.h" |
55 #include "wtf/Vector.h" | 57 #include "wtf/Vector.h" |
56 #include "wtf/text/StringBuffer.h" | 58 #include "wtf/text/StringBuffer.h" |
57 #include "wtf/text/StringHash.h" | 59 #include "wtf/text/StringHash.h" |
58 #include <memory> | |
59 | 60 |
60 namespace blink { | 61 namespace blink { |
61 | 62 |
62 PassRefPtr<SerializedScriptValue> SerializedScriptValue::serialize( | 63 PassRefPtr<SerializedScriptValue> SerializedScriptValue::serialize( |
63 v8::Isolate* isolate, | 64 v8::Isolate* isolate, |
64 v8::Local<v8::Value> value, | 65 v8::Local<v8::Value> value, |
65 const SerializeOptions& options, | 66 const SerializeOptions& options, |
66 ExceptionState& exception) { | 67 ExceptionState& exception) { |
67 return SerializedScriptValueFactory::instance().create(isolate, value, | 68 return SerializedScriptValueFactory::instance().create(isolate, value, |
68 options, exception); | 69 options, exception); |
(...skipping 19 matching lines...) Expand all Loading... | |
88 const String& data) { | 89 const String& data) { |
89 return adoptRef(new SerializedScriptValue(data)); | 90 return adoptRef(new SerializedScriptValue(data)); |
90 } | 91 } |
91 | 92 |
92 PassRefPtr<SerializedScriptValue> SerializedScriptValue::create( | 93 PassRefPtr<SerializedScriptValue> SerializedScriptValue::create( |
93 const char* data, | 94 const char* data, |
94 size_t length) { | 95 size_t length) { |
95 if (!data) | 96 if (!data) |
96 return create(); | 97 return create(); |
97 | 98 |
98 // Decode wire data from big endian to host byte order. | 99 // Versions 16 and below (prior to April 2017) used ntohs() to byte-flip SSV |
100 // data when converting it to the wire format. This was a historical accient. | |
101 // | |
102 // As IndexedDB stores SSVs to disk indefinitely, we still need to keep around | |
103 // the code needed to deserialize the old format. | |
99 DCHECK(!(length % sizeof(UChar))); | 104 DCHECK(!(length % sizeof(UChar))); |
105 const UChar* src = reinterpret_cast<const UChar*>(data); | |
100 size_t stringLength = length / sizeof(UChar); | 106 size_t stringLength = length / sizeof(UChar); |
101 StringBuffer<UChar> buffer(stringLength); | 107 if (!stringLength) |
102 const UChar* src = reinterpret_cast<const UChar*>(data); | 108 return adoptRef(new SerializedScriptValue(String())); |
103 UChar* dst = buffer.characters(); | |
104 for (size_t i = 0; i < stringLength; i++) | |
105 dst[i] = ntohs(src[i]); | |
106 | 109 |
107 return adoptRef(new SerializedScriptValue(String::adopt(buffer))); | 110 // The last SSV format that used byte-flipping was version 16. At that time, |
111 // Chromium only supported little-endian platforms. Before byte-flipping, the | |
112 // version number is stored after a serialization tag, which is 0xff. | |
113 // Fortunately, the version number is stored as a varint, so the first byte | |
114 // will be >= 128 even when the version number exceeds 128. So, the check | |
jbroman
2017/04/06 01:04:37
The potential issue here is that we didn't always
pwnall
2017/04/06 09:26:25
The trick that I suggest is that we "burn" future
| |
115 // below will always work. | |
116 if (data[0] <= 16 && static_cast<uint8_t>(data[1]) == VersionTag) { | |
117 // Decode wire data from big endian to host byte order. | |
118 StringBuffer<UChar> buffer(stringLength); | |
119 UChar* dst = buffer.characters(); | |
120 for (size_t i = 0; i < stringLength; i++) | |
121 dst[i] = ntohs(src[i]); | |
122 | |
123 return adoptRef(new SerializedScriptValue(String::adopt(buffer))); | |
124 } | |
125 | |
126 return adoptRef(new SerializedScriptValue(String(src, stringLength))); | |
108 } | 127 } |
109 | 128 |
110 SerializedScriptValue::SerializedScriptValue() | 129 SerializedScriptValue::SerializedScriptValue() |
111 : m_hasRegisteredExternalAllocation(false), | 130 : m_hasRegisteredExternalAllocation(false), |
112 m_transferablesNeedExternalAllocationRegistration(false) {} | 131 m_transferablesNeedExternalAllocationRegistration(false) {} |
113 | 132 |
114 SerializedScriptValue::SerializedScriptValue(const String& wireData) | 133 SerializedScriptValue::SerializedScriptValue(const String& wireData) |
115 : m_hasRegisteredExternalAllocation(false), | 134 : m_hasRegisteredExternalAllocation(false), |
116 m_transferablesNeedExternalAllocationRegistration(false) { | 135 m_transferablesNeedExternalAllocationRegistration(false) { |
117 size_t byteLength = wireData.length() * 2; | 136 size_t byteLength = wireData.length() * 2; |
118 m_dataBuffer.reset(static_cast<uint8_t*>(WTF::Partitions::bufferMalloc( | 137 m_dataBuffer.reset(static_cast<uint8_t*>(WTF::Partitions::bufferMalloc( |
119 byteLength, "SerializedScriptValue buffer"))); | 138 byteLength, "SerializedScriptValue buffer"))); |
120 m_dataBufferSize = byteLength; | 139 m_dataBufferSize = byteLength; |
121 wireData.copyTo(reinterpret_cast<UChar*>(m_dataBuffer.get()), 0, | 140 wireData.copyTo(reinterpret_cast<UChar*>(m_dataBuffer.get()), 0, |
122 wireData.length()); | 141 wireData.length()); |
123 } | 142 } |
124 | 143 |
125 SerializedScriptValue::~SerializedScriptValue() { | 144 SerializedScriptValue::~SerializedScriptValue() { |
126 // If the allocated memory was not registered before, then this class is | 145 // If the allocated memory was not registered before, then this class is |
127 // likely used in a context other than Worker's onmessage environment and the | 146 // likely used in a context other than Worker's onmessage environment and the |
128 // presence of current v8 context is not guaranteed. Avoid calling v8 then. | 147 // presence of current v8 context is not guaranteed. Avoid calling v8 then. |
129 if (m_hasRegisteredExternalAllocation) { | 148 if (m_hasRegisteredExternalAllocation) { |
130 ASSERT(v8::Isolate::GetCurrent()); | 149 ASSERT(v8::Isolate::GetCurrent()); |
131 v8::Isolate::GetCurrent()->AdjustAmountOfExternalAllocatedMemory( | 150 v8::Isolate::GetCurrent()->AdjustAmountOfExternalAllocatedMemory( |
132 -static_cast<int64_t>(dataLengthInBytes())); | 151 -static_cast<int64_t>(dataLengthInBytes())); |
133 } | 152 } |
134 } | 153 } |
135 | 154 |
136 PassRefPtr<SerializedScriptValue> SerializedScriptValue::nullValue() { | 155 PassRefPtr<SerializedScriptValue> SerializedScriptValue::nullValue() { |
137 // UChar rather than uint8_t here to get host endian behavior. | 156 static const uint8_t kNullData[] = {0xff, 17, 0xff, 13, '0', 0x00}; |
138 static const UChar kNullData[] = {0xff09, 0x3000}; | |
139 return create(reinterpret_cast<const char*>(kNullData), sizeof(kNullData)); | 157 return create(reinterpret_cast<const char*>(kNullData), sizeof(kNullData)); |
140 } | 158 } |
141 | 159 |
142 String SerializedScriptValue::toWireString() const { | 160 String SerializedScriptValue::toWireString() const { |
143 // Add the padding '\0', but don't put it in |m_dataBuffer|. | 161 // Add the padding '\0', but don't put it in |m_dataBuffer|. |
144 // This requires direct use of uninitialized strings, though. | 162 // This requires direct use of uninitialized strings, though. |
145 UChar* destination; | 163 UChar* destination; |
146 size_t stringSizeBytes = (m_dataBufferSize + 1) & ~1; | 164 size_t stringSizeBytes = (m_dataBufferSize + 1) & ~1; |
147 String wireString = | 165 String wireString = |
148 String::createUninitialized(stringSizeBytes / 2, destination); | 166 String::createUninitialized(stringSizeBytes / 2, destination); |
149 memcpy(destination, m_dataBuffer.get(), m_dataBufferSize); | 167 memcpy(destination, m_dataBuffer.get(), m_dataBufferSize); |
150 if (stringSizeBytes > m_dataBufferSize) | 168 if (stringSizeBytes > m_dataBufferSize) |
151 reinterpret_cast<char*>(destination)[stringSizeBytes - 1] = '\0'; | 169 reinterpret_cast<char*>(destination)[stringSizeBytes - 1] = '\0'; |
152 return wireString; | 170 return wireString; |
153 } | 171 } |
154 | 172 |
155 // Convert serialized string to big endian wire data. | |
156 void SerializedScriptValue::toWireBytes(Vector<char>& result) const { | 173 void SerializedScriptValue::toWireBytes(Vector<char>& result) const { |
157 DCHECK(result.isEmpty()); | 174 DCHECK(result.isEmpty()); |
158 | 175 |
159 size_t wireSizeBytes = (m_dataBufferSize + 1) & ~1; | 176 size_t resultSize = (m_dataBufferSize + 1) & ~1; |
160 result.resize(wireSizeBytes); | 177 result.resize(resultSize); |
178 memcpy(result.data(), m_dataBuffer.get(), m_dataBufferSize); | |
161 | 179 |
162 const UChar* src = reinterpret_cast<UChar*>(m_dataBuffer.get()); | 180 if (resultSize > m_dataBufferSize) { |
163 UChar* dst = reinterpret_cast<UChar*>(result.data()); | 181 DCHECK_EQ(resultSize, m_dataBufferSize + 1); |
164 for (size_t i = 0; i < m_dataBufferSize / 2; i++) | 182 result[m_dataBufferSize] = 0; |
165 dst[i] = htons(src[i]); | 183 } |
166 | |
167 // This is equivalent to swapping the byte order of the two bytes (x, 0), | |
168 // depending on endianness. | |
169 if (m_dataBufferSize % 2) | |
170 dst[wireSizeBytes / 2 - 1] = m_dataBuffer[m_dataBufferSize - 1] << 8; | |
171 } | 184 } |
172 | 185 |
173 static void accumulateArrayBuffersForAllWorlds( | 186 static void accumulateArrayBuffersForAllWorlds( |
174 v8::Isolate* isolate, | 187 v8::Isolate* isolate, |
175 DOMArrayBuffer* object, | 188 DOMArrayBuffer* object, |
176 Vector<v8::Local<v8::ArrayBuffer>, 4>& buffers) { | 189 Vector<v8::Local<v8::ArrayBuffer>, 4>& buffers) { |
177 Vector<RefPtr<DOMWrapperWorld>> worlds; | 190 Vector<RefPtr<DOMWrapperWorld>> worlds; |
178 DOMWrapperWorld::allWorldsInCurrentThread(worlds); | 191 DOMWrapperWorld::allWorldsInCurrentThread(worlds); |
179 for (const auto& world : worlds) { | 192 for (const auto& world : worlds) { |
180 v8::Local<v8::Object> wrapper = world->domDataStore().get(object, isolate); | 193 v8::Local<v8::Object> wrapper = world->domDataStore().get(object, isolate); |
(...skipping 280 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
461 // Only (re)register allocation cost for transferables if this | 474 // Only (re)register allocation cost for transferables if this |
462 // SerializedScriptValue has explicitly unregistered them before. | 475 // SerializedScriptValue has explicitly unregistered them before. |
463 if (m_arrayBufferContentsArray && | 476 if (m_arrayBufferContentsArray && |
464 m_transferablesNeedExternalAllocationRegistration) { | 477 m_transferablesNeedExternalAllocationRegistration) { |
465 for (auto& buffer : *m_arrayBufferContentsArray) | 478 for (auto& buffer : *m_arrayBufferContentsArray) |
466 buffer.registerExternalAllocationWithCurrentContext(); | 479 buffer.registerExternalAllocationWithCurrentContext(); |
467 } | 480 } |
468 } | 481 } |
469 | 482 |
470 } // namespace blink | 483 } // namespace blink |
OLD | NEW |