Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(899)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mojo/system/core.cc

Issue 320263004: Mojo: Remove redundant verification of Options pointers. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "mojo/system/core.h" 5 #include "mojo/system/core.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/time/time.h" 10 #include "base/time/time.h"
(...skipping 275 matching lines...) Expand 10 before | Expand all | Expand 10 after
286 } 286 }
287 } 287 }
288 } 288 }
289 289
290 return rv; 290 return rv;
291 } 291 }
292 292
293 MojoResult Core::CreateDataPipe(const MojoCreateDataPipeOptions* options, 293 MojoResult Core::CreateDataPipe(const MojoCreateDataPipeOptions* options,
294 MojoHandle* data_pipe_producer_handle, 294 MojoHandle* data_pipe_producer_handle,
295 MojoHandle* data_pipe_consumer_handle) { 295 MojoHandle* data_pipe_consumer_handle) {
296 if (options) { 296 MojoCreateDataPipeOptions validated_options = {};
297 // The |struct_size| field must be valid to read. 297 // This will verify the |options| pointer.
298 if (!VerifyUserPointer<uint32_t>(&options->struct_size)) 298 MojoResult result = DataPipe::ValidateCreateOptions(options,
299 return MOJO_RESULT_INVALID_ARGUMENT; 299 &validated_options);
300 // And then |options| must point to at least |options->struct_size| bytes. 300 if (result != MOJO_RESULT_OK)
301 if (!VerifyUserPointerWithSize<MOJO_ALIGNOF(int64_t)>(options, 301 return result;
302 options->struct_size))
303 return MOJO_RESULT_INVALID_ARGUMENT;
304 }
305 if (!VerifyUserPointer<MojoHandle>(data_pipe_producer_handle)) 302 if (!VerifyUserPointer<MojoHandle>(data_pipe_producer_handle))
306 return MOJO_RESULT_INVALID_ARGUMENT; 303 return MOJO_RESULT_INVALID_ARGUMENT;
307 if (!VerifyUserPointer<MojoHandle>(data_pipe_consumer_handle)) 304 if (!VerifyUserPointer<MojoHandle>(data_pipe_consumer_handle))
308 return MOJO_RESULT_INVALID_ARGUMENT; 305 return MOJO_RESULT_INVALID_ARGUMENT;
309 306
310 MojoCreateDataPipeOptions validated_options = { 0 };
311 MojoResult result = DataPipe::ValidateCreateOptions(options,
312 &validated_options);
313 if (result != MOJO_RESULT_OK)
314 return result;
315
316 scoped_refptr<DataPipeProducerDispatcher> producer_dispatcher( 307 scoped_refptr<DataPipeProducerDispatcher> producer_dispatcher(
317 new DataPipeProducerDispatcher()); 308 new DataPipeProducerDispatcher());
318 scoped_refptr<DataPipeConsumerDispatcher> consumer_dispatcher( 309 scoped_refptr<DataPipeConsumerDispatcher> consumer_dispatcher(
319 new DataPipeConsumerDispatcher()); 310 new DataPipeConsumerDispatcher());
320 311
321 std::pair<MojoHandle, MojoHandle> handle_pair; 312 std::pair<MojoHandle, MojoHandle> handle_pair;
322 { 313 {
323 base::AutoLock locker(handle_table_lock_); 314 base::AutoLock locker(handle_table_lock_);
324 handle_pair = handle_table_.AddDispatcherPair(producer_dispatcher, 315 handle_pair = handle_table_.AddDispatcherPair(producer_dispatcher,
325 consumer_dispatcher); 316 consumer_dispatcher);
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after
407 if (!dispatcher) 398 if (!dispatcher)
408 return MOJO_RESULT_INVALID_ARGUMENT; 399 return MOJO_RESULT_INVALID_ARGUMENT;
409 400
410 return dispatcher->EndReadData(num_bytes_read); 401 return dispatcher->EndReadData(num_bytes_read);
411 } 402 }
412 403
413 MojoResult Core::CreateSharedBuffer( 404 MojoResult Core::CreateSharedBuffer(
414 const MojoCreateSharedBufferOptions* options, 405 const MojoCreateSharedBufferOptions* options,
415 uint64_t num_bytes, 406 uint64_t num_bytes,
416 MojoHandle* shared_buffer_handle) { 407 MojoHandle* shared_buffer_handle) {
417 if (options) { 408 MojoCreateSharedBufferOptions validated_options = {};
418 // The |struct_size| field must be valid to read. 409 // This will verify the |options| pointer.
419 if (!VerifyUserPointer<uint32_t>(&options->struct_size))
420 return MOJO_RESULT_INVALID_ARGUMENT;
421 // And then |options| must point to at least |options->struct_size| bytes.
422 if (!VerifyUserPointerWithSize<MOJO_ALIGNOF(int64_t)>(options,
423 options->struct_size))
424 return MOJO_RESULT_INVALID_ARGUMENT;
425 }
426 if (!VerifyUserPointer<MojoHandle>(shared_buffer_handle))
427 return MOJO_RESULT_INVALID_ARGUMENT;
428
429 MojoCreateSharedBufferOptions validated_options = { 0 };
430 MojoResult result = 410 MojoResult result =
431 SharedBufferDispatcher::ValidateCreateOptions(options, 411 SharedBufferDispatcher::ValidateCreateOptions(options,
432 &validated_options); 412 &validated_options);
433 if (result != MOJO_RESULT_OK) 413 if (result != MOJO_RESULT_OK)
434 return result; 414 return result;
415 if (!VerifyUserPointer<MojoHandle>(shared_buffer_handle))
416 return MOJO_RESULT_INVALID_ARGUMENT;
435 417
436 scoped_refptr<SharedBufferDispatcher> dispatcher; 418 scoped_refptr<SharedBufferDispatcher> dispatcher;
437 result = SharedBufferDispatcher::Create(validated_options, num_bytes, 419 result = SharedBufferDispatcher::Create(validated_options, num_bytes,
438 &dispatcher); 420 &dispatcher);
439 if (result != MOJO_RESULT_OK) { 421 if (result != MOJO_RESULT_OK) {
440 DCHECK(!dispatcher); 422 DCHECK(!dispatcher);
441 return result; 423 return result;
442 } 424 }
443 425
444 MojoHandle h = AddDispatcher(dispatcher); 426 MojoHandle h = AddDispatcher(dispatcher);
(...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after
559 // |Wait()|/|WaitMany()| call. (Only after doing this can |waiter| be 541 // |Wait()|/|WaitMany()| call. (Only after doing this can |waiter| be
560 // destroyed, but this would still be required if the waiter were in TLS.) 542 // destroyed, but this would still be required if the waiter were in TLS.)
561 for (i = 0; i < num_added; i++) 543 for (i = 0; i < num_added; i++)
562 dispatchers[i]->RemoveWaiter(&waiter); 544 dispatchers[i]->RemoveWaiter(&waiter);
563 545
564 return rv; 546 return rv;
565 } 547 }
566 548
567 } // namespace system 549 } // namespace system
568 } // namespace mojo 550 } // namespace mojo
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698