Add a size parameter to SharedMemoryHandle.

base/memory/shared_memory_handle.h

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef BASE_MEMORY_SHARED_MEMORY_HANDLE_H_
 #define BASE_MEMORY_SHARED_MEMORY_HANDLE_H_
 
 #include <stddef.h>
 
 #include "base/unguessable_token.h"
@@ skipping 53 matching lines @@
   // Duplicates the underlying OS resource. Using the return value as a
   // parameter to an IPC message will cause the IPC subsystem to consume the OS
   // resource.
   SharedMemoryHandle Duplicate() const;
 
   // Uniques identifies the shared memory region that the underlying OS resource
   // points to. Multiple SharedMemoryHandles that point to the same shared
   // memory region will have the same GUID. Preserved across IPC.
   base::UnguessableToken GetGUID() const;
 
+  // Returns the size of the memory region that SharedMemoryHandle points to.
+  size_t GetSize() const;
+
 #if defined(OS_MACOSX) && !defined(OS_IOS)
   enum Type {
     // The SharedMemoryHandle is backed by a POSIX fd.
     POSIX,
     // The SharedMemoryHandle is backed by the Mach primitive "memory object".
     MACH,
   };
 
   // Constructs a SharedMemoryHandle backed by the components of a
   // FileDescriptor. The newly created instance has the same ownership semantics
   // as base::FileDescriptor. This typically means that the SharedMemoryHandle
   // takes ownership of the |fd| if |auto_close| is true. Unfortunately, it's
   // common for existing code to make shallow copies of SharedMemoryHandle, and
   // the one that is finally passed into a base::SharedMemory is the one that
   // "consumes" the fd.
   // |guid| uniquely identifies the shared memory region pointed to by the
   // underlying OS resource. If |file_descriptor| is associated with another
   // SharedMemoryHandle, the caller must pass the |guid| of that
   // SharedMemoryHandle. Otherwise, the caller should generate a new
   // UnguessableToken.
+  // |size| refers to the size of the memory region pointed to by
+  // file_descriptor.fd. Passing the wrong |size| has no immediate consequence,
+  // but may cause errors when trying to map the SharedMemoryHandle at a later
+  // point in time.
   SharedMemoryHandle(const base::FileDescriptor& file_descriptor,
+                     size_t size,
                      const base::UnguessableToken& guid);
 
   // Makes a Mach-based SharedMemoryHandle of the given size. On error,
   // subsequent calls to IsValid() return false.
+  // Passing the wrong |size| has no immediate consequence, but may cause errors
+  // when trying to map the SharedMemoryHandle at a later point in time.
   SharedMemoryHandle(mach_vm_size_t size, const base::UnguessableToken& guid);
 
   // Makes a Mach-based SharedMemoryHandle from |memory_object|, a named entry
   // in the current task. The memory region has size |size|.
+  // Passing the wrong |size| has no immediate consequence, but may cause errors
+  // when trying to map the SharedMemoryHandle at a later point in time.
   SharedMemoryHandle(mach_port_t memory_object,
                      mach_vm_size_t size,
                      const base::UnguessableToken& guid);
 
   // Exposed so that the SharedMemoryHandle can be transported between
   // processes.
   mach_port_t GetMemoryObject() const;
 
-  // Returns false on a failure to determine the size. On success, populates the
-  // output variable |size|.
-  bool GetSize(size_t* size) const;
-
   // The SharedMemoryHandle must be valid.
   // Returns whether the SharedMemoryHandle was successfully mapped into memory.
   // On success, |memory| is an output variable that contains the start of the
   // mapped memory.
   bool MapAt(off_t offset, size_t bytes, void** memory, bool read_only);
 #elif defined(OS_WIN)
   // Takes implicit ownership of |h|.
   // |guid| uniquely identifies the shared memory region pointed to by the
   // underlying OS resource. If the HANDLE is associated with another
   // SharedMemoryHandle, the caller must pass the |guid| of that
   // SharedMemoryHandle. Otherwise, the caller should generate a new
   // UnguessableToken.
-  SharedMemoryHandle(HANDLE h, const base::UnguessableToken& guid);
+  // Passing the wrong |size| has no immediate consequence, but may cause errors
+  // when trying to map the SharedMemoryHandle at a later point in time.
+  SharedMemoryHandle(HANDLE h, size_t size, const base::UnguessableToken& guid);
   HANDLE GetHandle() const;
 #else
   // |guid| uniquely identifies the shared memory region pointed to by the
   // underlying OS resource. If |file_descriptor| is associated with another
   // SharedMemoryHandle, the caller must pass the |guid| of that
   // SharedMemoryHandle. Otherwise, the caller should generate a new
   // UnguessableToken.
+  // Passing the wrong |size| has no immediate consequence, but may cause errors
+  // when trying to map the SharedMemoryHandle at a later point in time.
   SharedMemoryHandle(const base::FileDescriptor& file_descriptor,
+                     size_t size,
                      const base::UnguessableToken& guid);
 
   // Creates a SharedMemoryHandle from an |fd| supplied from an external
   // service.
-  static SharedMemoryHandle ImportHandle(int fd);
+  // Passing the wrong |size| has no immediate consequence, but may cause errors
+  // when trying to map the SharedMemoryHandle at a later point in time.
+  static SharedMemoryHandle ImportHandle(int fd, size_t size);
 
   // Returns the underlying OS resource.
   int GetHandle() const;
 
-  // Takes ownership of the OS resource.
-  void SetHandle(int fd);
-
   // Invalidates [but doesn't close] the underlying OS resource. This will leak
   // unless the caller is careful.
   int Release();
 #endif
 
  private:
 #if defined(OS_MACOSX) && !defined(OS_IOS)
   friend class SharedMemory;
 
-  Type type_;
+  Type type_ = MACH;
 
   // Each instance of a SharedMemoryHandle is backed either by a POSIX fd or a
   // mach port. |type_| determines the backing member.
   union {
     FileDescriptor file_descriptor_;
 
     struct {
-      mach_port_t memory_object_;
-
-      // The size of the shared memory region when |type_| is MACH. Only
-      // relevant if |memory_object_| is not |MACH_PORT_NULL|.
-      mach_vm_size_t size_;
+      mach_port_t memory_object_ = MACH_PORT_NULL;
 
       // Whether passing this object as a parameter to an IPC message passes
       // ownership of |memory_object_| to the IPC stack. This is meant to mimic
       // the behavior of the |auto_close| parameter of FileDescriptor.
       // Defaults to |false|.
-      bool ownership_passes_to_ipc_;
+      bool ownership_passes_to_ipc_ = false;
     };
   };
 #elif defined(OS_WIN)
-  HANDLE handle_;
+  HANDLE handle_ = nullptr;
 
   // Whether passing this object as a parameter to an IPC message passes
   // ownership of |handle_| to the IPC stack. This is meant to mimic the
   // behavior of the |auto_close| parameter of FileDescriptor. This member only
   // affects attachment-brokered SharedMemoryHandles.
   // Defaults to |false|.
-  bool ownership_passes_to_ipc_;
+  bool ownership_passes_to_ipc_ = false;
 #else
   FileDescriptor file_descriptor_;
 #endif
 
   base::UnguessableToken guid_;
+
+  // The size of the region referenced by the SharedMemoryHandle.
+  size_t size_ = 0;
 };
 
 }  // namespace base
 
 #endif  // BASE_MEMORY_SHARED_MEMORY_HANDLE_H_