
Side by Side Diff: mojo/public/cpp/bindings/lib/message.cc

Issue 2844143002: Mojo C++ bindings: reject messages version 2 with null payload pointer. (Closed)
Patch Set: . Created 3 years, 7 months ago
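--- a/mojo/public/cpp/bindings/lib/message.cc
+++ b/mojo/public/cpp/bindings/lib/message.cc
@@ -1,10 +1,10 @@
 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "mojo/public/cpp/bindings/message.h"
 
 #include <stddef.h>
 #include <stdint.h>
 #include <stdlib.h>
 
@@ -73,40 +73,38 @@
 std::vector<Handle>* handles) {
 DCHECK(!buffer_);
 buffer_.reset(new internal::MessageBuffer(std::move(message), num_bytes));
 handles_.swap(*handles);
 }
 
 const uint8_t* Message::payload() const {
 if (version() < 2)
 return data() + header()->num_bytes;
 
+DCHECK(!header_v2()->payload.is_null());
 return static_cast<const uint8_t*>(header_v2()->payload.Get());
 }
 
 uint32_t Message::payload_num_bytes() const {
 DCHECK_GE(data_num_bytes(), header()->num_bytes);
 size_t num_bytes;
 if (version() < 2) {
 num_bytes = data_num_bytes() - header()->num_bytes;
 } else {
-auto payload = reinterpret_cast<uintptr_t>(header_v2()->payload.Get());
-if (!payload) {
-num_bytes = 0;
-} else {
-auto payload_end =
-reinterpret_cast<uintptr_t>(header_v2()->payload_interface_ids.Get());
-if (!payload_end)
-payload_end = reinterpret_cast<uintptr_t>(data() + data_num_bytes());
-DCHECK_GE(payload_end, payload);
-num_bytes = payload_end - payload;
-}
+auto payload_begin =
+reinterpret_cast<uintptr_t>(header_v2()->payload.Get());
+auto payload_end =
+reinterpret_cast<uintptr_t>(header_v2()->payload_interface_ids.Get());
+if (!payload_end)
+payload_end = reinterpret_cast<uintptr_t>(data() + data_num_bytes());
+DCHECK_GE(payload_end, payload_begin);
+num_bytes = payload_end - payload_begin;
 }
 DCHECK_LE(num_bytes, std::numeric_limits<uint32_t>::max());
 return static_cast<uint32_t>(num_bytes);
 }
 
 uint32_t Message::payload_num_interface_ids() const {
 auto* array_pointer =
 version() < 2 ? nullptr : header_v2()->payload_interface_ids.Get();
 return array_pointer ? static_cast<uint32_t>(array_pointer->size()) : 0;
 }
@@ -323,10 +321,10 @@
 // static
 void SyncMessageResponseSetup::SetCurrentSyncResponseMessage(Message* message) {
 SyncMessageResponseContext* context = SyncMessageResponseContext::current();
 if (context)
 context->response_ = std::move(*message);
 }
 
 } // namespace internal
 
 } // namespace mojo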
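Review bot: In `Message::payload_num_bytes()` the v2 branch no longer handles a null `payload` pointer and, unlike `payload()`, does not assert on it, so the precondition is enforced only by whatever validation ran earlier. DCHECKs are normally compiled out of release builds, so if a v2 message with a null payload reached this code there, `payload_begin` would be 0 and `payload_end - payload_begin` would be narrowed to `uint32_t` without any check. Whether every caller sits behind the header validator is not visible in this file, so I would mirror the assertion with `DCHECK(!header_v2()->payload.is_null());` at the top of the `else` branch and add a comment such as `// Header validation rejects v2 messages with a null payload pointer.` above both accessors. If these accessors can be called on messages that have not been validated, a `CHECK` would be the safer choice.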