Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1294)

Unified Diff: mojo/system/core.cc

Issue 304303006: Mojo: Specify/check alignment of pointers more carefully. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: fix msvs Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « mojo/mojo.gyp ('k') | mojo/system/core_test_base.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: mojo/system/core.cc
diff --git a/mojo/system/core.cc b/mojo/system/core.cc
index 6c8cb83ba307b32bc111db99c5187cd5c3f86e31..f35284b0221a601a65273eb7862146581303b40f 100644
--- a/mojo/system/core.cc
+++ b/mojo/system/core.cc
@@ -8,6 +8,7 @@
#include "base/logging.h"
#include "base/time/time.h"
+#include "mojo/public/c/system/macros.h"
#include "mojo/system/constants.h"
#include "mojo/system/data_pipe.h"
#include "mojo/system/data_pipe_consumer_dispatcher.h"
@@ -126,9 +127,9 @@ MojoResult Core::WaitMany(const MojoHandle* handles,
const MojoWaitFlags* flags,
uint32_t num_handles,
MojoDeadline deadline) {
- if (!VerifyUserPointer<MojoHandle>(handles, num_handles))
+ if (!VerifyUserPointerWithCount<MojoHandle>(handles, num_handles))
return MOJO_RESULT_INVALID_ARGUMENT;
- if (!VerifyUserPointer<MojoWaitFlags>(flags, num_handles))
+ if (!VerifyUserPointerWithCount<MojoWaitFlags>(flags, num_handles))
return MOJO_RESULT_INVALID_ARGUMENT;
if (num_handles < 1)
return MOJO_RESULT_INVALID_ARGUMENT;
@@ -139,9 +140,9 @@ MojoResult Core::WaitMany(const MojoHandle* handles,
MojoResult Core::CreateMessagePipe(MojoHandle* message_pipe_handle0,
MojoHandle* message_pipe_handle1) {
- if (!VerifyUserPointer<MojoHandle>(message_pipe_handle0, 1))
+ if (!VerifyUserPointer<MojoHandle>(message_pipe_handle0))
return MOJO_RESULT_INVALID_ARGUMENT;
- if (!VerifyUserPointer<MojoHandle>(message_pipe_handle1, 1))
+ if (!VerifyUserPointer<MojoHandle>(message_pipe_handle1))
return MOJO_RESULT_INVALID_ARGUMENT;
scoped_refptr<MessagePipeDispatcher> dispatcher0(new MessagePipeDispatcher());
@@ -198,7 +199,7 @@ MojoResult Core::WriteMessage(MojoHandle message_pipe_handle,
// validity, even for dispatchers that don't support |WriteMessage()| and will
// simply return failure unconditionally. It also breaks the usual
// left-to-right verification order of arguments.)
- if (!VerifyUserPointer<MojoHandle>(handles, num_handles))
+ if (!VerifyUserPointerWithCount<MojoHandle>(handles, num_handles))
return MOJO_RESULT_INVALID_ARGUMENT;
if (num_handles > kMaxMessageNumHandles)
return MOJO_RESULT_RESOURCE_EXHAUSTED;
@@ -251,9 +252,9 @@ MojoResult Core::ReadMessage(MojoHandle message_pipe_handle,
return MOJO_RESULT_INVALID_ARGUMENT;
if (num_handles) {
- if (!VerifyUserPointer<uint32_t>(num_handles, 1))
+ if (!VerifyUserPointer<uint32_t>(num_handles))
return MOJO_RESULT_INVALID_ARGUMENT;
- if (!VerifyUserPointer<MojoHandle>(handles, *num_handles))
+ if (!VerifyUserPointerWithCount<MojoHandle>(handles, *num_handles))
return MOJO_RESULT_INVALID_ARGUMENT;
}
@@ -294,15 +295,16 @@ MojoResult Core::CreateDataPipe(const MojoCreateDataPipeOptions* options,
MojoHandle* data_pipe_consumer_handle) {
if (options) {
// The |struct_size| field must be valid to read.
- if (!VerifyUserPointer<uint32_t>(&options->struct_size, 1))
+ if (!VerifyUserPointer<uint32_t>(&options->struct_size))
return MOJO_RESULT_INVALID_ARGUMENT;
// And then |options| must point to at least |options->struct_size| bytes.
- if (!VerifyUserPointer<void>(options, options->struct_size))
+ if (!VerifyUserPointerWithSize<MOJO_ALIGNOF(int64_t)>(options,
+ options->struct_size))
return MOJO_RESULT_INVALID_ARGUMENT;
}
- if (!VerifyUserPointer<MojoHandle>(data_pipe_producer_handle, 1))
+ if (!VerifyUserPointer<MojoHandle>(data_pipe_producer_handle))
return MOJO_RESULT_INVALID_ARGUMENT;
- if (!VerifyUserPointer<MojoHandle>(data_pipe_consumer_handle, 1))
+ if (!VerifyUserPointer<MojoHandle>(data_pipe_consumer_handle))
return MOJO_RESULT_INVALID_ARGUMENT;
MojoCreateDataPipeOptions validated_options = { 0 };
@@ -413,13 +415,14 @@ MojoResult Core::CreateSharedBuffer(
MojoHandle* shared_buffer_handle) {
if (options) {
// The |struct_size| field must be valid to read.
- if (!VerifyUserPointer<uint32_t>(&options->struct_size, 1))
+ if (!VerifyUserPointer<uint32_t>(&options->struct_size))
return MOJO_RESULT_INVALID_ARGUMENT;
// And then |options| must point to at least |options->struct_size| bytes.
- if (!VerifyUserPointer<void>(options, options->struct_size))
+ if (!VerifyUserPointerWithSize<MOJO_ALIGNOF(int64_t)>(options,
+ options->struct_size))
return MOJO_RESULT_INVALID_ARGUMENT;
}
- if (!VerifyUserPointer<MojoHandle>(shared_buffer_handle, 1))
+ if (!VerifyUserPointer<MojoHandle>(shared_buffer_handle))
return MOJO_RESULT_INVALID_ARGUMENT;
MojoCreateSharedBufferOptions validated_options = { 0 };
@@ -456,7 +459,7 @@ MojoResult Core::DuplicateBufferHandle(
return MOJO_RESULT_INVALID_ARGUMENT;
// Don't verify |options| here; that's the dispatcher's job.
- if (!VerifyUserPointer<MojoHandle>(new_buffer_handle, 1))
+ if (!VerifyUserPointer<MojoHandle>(new_buffer_handle))
return MOJO_RESULT_INVALID_ARGUMENT;
scoped_refptr<Dispatcher> new_dispatcher;
@@ -485,7 +488,7 @@ MojoResult Core::MapBuffer(MojoHandle buffer_handle,
if (!dispatcher)
return MOJO_RESULT_INVALID_ARGUMENT;
- if (!VerifyUserPointer<void*>(buffer, 1))
+ if (!VerifyUserPointerWithCount<void*>(buffer, 1))
return MOJO_RESULT_INVALID_ARGUMENT;
scoped_ptr<RawSharedBufferMapping> mapping;
« no previous file with comments | « mojo/mojo.gyp ('k') | mojo/system/core_test_base.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698