Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(125)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mojo/public/cpp/bindings/lib/bindings_serialization.cc

Issue 293983026: Mojo cpp bindings: remove redundant validation in Decode*(). (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « mojo/public/cpp/bindings/lib/bindings_serialization.h ('k') | mojo/public/tools/bindings/generators/cpp_templates/interface_definition.tmpl » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "mojo/public/cpp/bindings/lib/bindings_serialization.h" 5 #include "mojo/public/cpp/bindings/lib/bindings_serialization.h"
6 6
7 #include <assert.h> 7 #include <assert.h>
8 8
9 #include "mojo/public/cpp/bindings/lib/bindings_internal.h" 9 #include "mojo/public/cpp/bindings/lib/bindings_internal.h"
10 #include "mojo/public/cpp/bindings/lib/bounds_checker.h" 10 #include "mojo/public/cpp/bindings/lib/bounds_checker.h"
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
53 return NULL; 53 return NULL;
54 return reinterpret_cast<const char*>(offset) + *offset; 54 return reinterpret_cast<const char*>(offset) + *offset;
55 } 55 }
56 56
57 bool ValidateEncodedPointer(const uint64_t* offset) { 57 bool ValidateEncodedPointer(const uint64_t* offset) {
58 // Cast to uintptr_t so overflow behavior is well defined. 58 // Cast to uintptr_t so overflow behavior is well defined.
59 return reinterpret_cast<uintptr_t>(offset) + *offset >= 59 return reinterpret_cast<uintptr_t>(offset) + *offset >=
60 reinterpret_cast<uintptr_t>(offset); 60 reinterpret_cast<uintptr_t>(offset);
61 } 61 }
62 62
63 bool ValidatePointer(const void* ptr, const Message& message) {
64 const uint8_t* data = static_cast<const uint8_t*>(ptr);
65 if (reinterpret_cast<uintptr_t>(data) % 8 != 0)
66 return false;
67
68 const uint8_t* data_start = message.data();
69 const uint8_t* data_end = data_start + message.data_num_bytes();
70
71 return data >= data_start && data < data_end;
72 }
73
74 void EncodeHandle(Handle* handle, std::vector<Handle>* handles) { 63 void EncodeHandle(Handle* handle, std::vector<Handle>* handles) {
75 if (handle->is_valid()) { 64 if (handle->is_valid()) {
76 handles->push_back(*handle); 65 handles->push_back(*handle);
77 handle->set_value(static_cast<MojoHandle>(handles->size() - 1)); 66 handle->set_value(static_cast<MojoHandle>(handles->size() - 1));
78 } else { 67 } else {
79 handle->set_value(kEncodedInvalidHandleValue); 68 handle->set_value(kEncodedInvalidHandleValue);
80 } 69 }
81 } 70 }
82 71
83 bool DecodeHandle(Handle* handle, std::vector<Handle>* handles) { 72 void DecodeHandle(Handle* handle, std::vector<Handle>* handles) {
84 if (handle->value() == kEncodedInvalidHandleValue) { 73 if (handle->value() == kEncodedInvalidHandleValue) {
85 *handle = Handle(); 74 *handle = Handle();
86 return true; 75 return;
87 } 76 }
88 if (handle->value() >= handles->size()) 77 assert(handle->value() < handles->size());
89 return false;
90 // Just leave holes in the vector so we don't screw up other indices. 78 // Just leave holes in the vector so we don't screw up other indices.
91 *handle = FetchAndReset(&handles->at(handle->value())); 79 *handle = FetchAndReset(&handles->at(handle->value()));
92 return true;
93 } 80 }
94 81
95 bool ValidateStructHeader(const void* data, 82 bool ValidateStructHeader(const void* data,
96 uint32_t min_num_bytes, 83 uint32_t min_num_bytes,
97 uint32_t min_num_fields, 84 uint32_t min_num_fields,
98 BoundsChecker* bounds_checker) { 85 BoundsChecker* bounds_checker) {
99 if (!IsAligned(data)) 86 if (!IsAligned(data))
100 return false; 87 return false;
101 if (!bounds_checker->IsValidRange(data, sizeof(StructHeader))) 88 if (!bounds_checker->IsValidRange(data, sizeof(StructHeader)))
102 return false; 89 return false;
103 90
104 const StructHeader* header = static_cast<const StructHeader*>(data); 91 const StructHeader* header = static_cast<const StructHeader*>(data);
105 92
106 // TODO(yzshen): Currently our binding code cannot handle structs of smaller 93 // TODO(yzshen): Currently our binding code cannot handle structs of smaller
107 // size or with fewer fields than the version that it sees. That needs to be 94 // size or with fewer fields than the version that it sees. That needs to be
108 // changed in order to provide backward compatibility. 95 // changed in order to provide backward compatibility.
109 if (header->num_bytes < min_num_bytes || header->num_fields < min_num_fields) 96 if (header->num_bytes < min_num_bytes || header->num_fields < min_num_fields)
110 return false; 97 return false;
111 98
112 if (!bounds_checker->ClaimMemory(data, header->num_bytes)) 99 if (!bounds_checker->ClaimMemory(data, header->num_bytes))
113 return false; 100 return false;
114 101
115 return true; 102 return true;
116 } 103 }
117 104
118 } // namespace internal 105 } // namespace internal
119 } // namespace mojo 106 } // namespace mojo
OLDNEW
« no previous file with comments | « mojo/public/cpp/bindings/lib/bindings_serialization.h ('k') | mojo/public/tools/bindings/generators/cpp_templates/interface_definition.tmpl » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698