| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "ipc/ipc_mojo_bootstrap.h" | 5 #include "ipc/ipc_mojo_bootstrap.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include <map> | 9 #include <map> |
| 10 #include <memory> | 10 #include <memory> |
| (...skipping 770 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 781 } | 781 } |
| 782 | 782 |
| 783 void AcceptSyncMessage(mojo::InterfaceId interface_id, uint32_t message_id) { | 783 void AcceptSyncMessage(mojo::InterfaceId interface_id, uint32_t message_id) { |
| 784 DCHECK(proxy_task_runner_->BelongsToCurrentThread()); | 784 DCHECK(proxy_task_runner_->BelongsToCurrentThread()); |
| 785 | 785 |
| 786 base::AutoLock locker(lock_); | 786 base::AutoLock locker(lock_); |
| 787 Endpoint* endpoint = FindEndpoint(interface_id); | 787 Endpoint* endpoint = FindEndpoint(interface_id); |
| 788 if (!endpoint) | 788 if (!endpoint) |
| 789 return; | 789 return; |
| 790 | 790 |
| 791 // Careful, if the endpoint is detached its members are cleared. Check for |
| 792 // that before dereferencing. |
| 793 mojo::InterfaceEndpointClient* client = endpoint->client(); |
| 794 if (!client) |
| 795 return; |
| 796 |
| 791 DCHECK(endpoint->task_runner()->BelongsToCurrentThread()); | 797 DCHECK(endpoint->task_runner()->BelongsToCurrentThread()); |
| 792 MessageWrapper message_wrapper = endpoint->PopSyncMessage(message_id); | 798 MessageWrapper message_wrapper = endpoint->PopSyncMessage(message_id); |
| 793 | 799 |
| 794 // The message must have already been dequeued by the endpoint waking up | 800 // The message must have already been dequeued by the endpoint waking up |
| 795 // from a sync wait. Nothing to do. | 801 // from a sync wait. Nothing to do. |
| 796 if (message_wrapper.value().IsNull()) | 802 if (message_wrapper.value().IsNull()) |
| 797 return; | 803 return; |
| 798 | 804 |
| 799 mojo::InterfaceEndpointClient* client = endpoint->client(); | |
| 800 if (!client) | |
| 801 return; | |
| 802 | |
| 803 bool result = false; | 805 bool result = false; |
| 804 { | 806 { |
| 805 base::AutoUnlock unlocker(lock_); | 807 base::AutoUnlock unlocker(lock_); |
| 806 result = client->HandleIncomingMessage(&message_wrapper.value()); | 808 result = client->HandleIncomingMessage(&message_wrapper.value()); |
| 807 } | 809 } |
| 808 | 810 |
| 809 if (!result) | 811 if (!result) |
| 810 RaiseError(); | 812 RaiseError(); |
| 811 } | 813 } |
| 812 | 814 |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 915 std::unique_ptr<MojoBootstrap> MojoBootstrap::Create( | 917 std::unique_ptr<MojoBootstrap> MojoBootstrap::Create( |
| 916 mojo::ScopedMessagePipeHandle handle, | 918 mojo::ScopedMessagePipeHandle handle, |
| 917 Channel::Mode mode, | 919 Channel::Mode mode, |
| 918 const scoped_refptr<base::SingleThreadTaskRunner>& ipc_task_runner) { | 920 const scoped_refptr<base::SingleThreadTaskRunner>& ipc_task_runner) { |
| 919 return base::MakeUnique<MojoBootstrapImpl>( | 921 return base::MakeUnique<MojoBootstrapImpl>( |
| 920 std::move(handle), new ChannelAssociatedGroupController( | 922 std::move(handle), new ChannelAssociatedGroupController( |
| 921 mode == Channel::MODE_SERVER, ipc_task_runner)); | 923 mode == Channel::MODE_SERVER, ipc_task_runner)); |
| 922 } | 924 } |
| 923 | 925 |
| 924 } // namespace IPC | 926 } // namespace IPC |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2834493008:
Fix null pointer dereference in ipc_boostrap (Closed)
