| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "mojo/system/options_validation.h" | 5 #include "mojo/system/options_validation.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include "mojo/public/c/system/macros.h" | 10 #include "mojo/public/c/system/macros.h" |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 uint32_t struct_size; | 23 uint32_t struct_size; |
| 24 TestOptionsFlags flags; | 24 TestOptionsFlags flags; |
| 25 uint32_t member1; | 25 uint32_t member1; |
| 26 uint32_t member2; | 26 uint32_t member2; |
| 27 }; | 27 }; |
| 28 MOJO_COMPILE_ASSERT(sizeof(TestOptions) == 16, TestOptions_has_wrong_size); | 28 MOJO_COMPILE_ASSERT(sizeof(TestOptions) == 16, TestOptions_has_wrong_size); |
| 29 | 29 |
| 30 const uint32_t kSizeOfTestOptions = static_cast<uint32_t>(sizeof(TestOptions)); | 30 const uint32_t kSizeOfTestOptions = static_cast<uint32_t>(sizeof(TestOptions)); |
| 31 | 31 |
| 32 TEST(OptionsValidationTest, Valid) { | 32 TEST(OptionsValidationTest, Valid) { |
| 33 const TestOptions kOptions1 = { | 33 { |
| 34 kSizeOfTestOptions | 34 const TestOptions kOptions = { |
| 35 }; | 35 kSizeOfTestOptions |
| 36 }; |
| 37 UserOptionsReader<TestOptions> reader(MakeUserPointer(&kOptions)); |
| 38 EXPECT_TRUE(reader.is_valid()); |
| 39 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, flags, reader)); |
| 40 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member1, reader)); |
| 41 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member2, reader)); |
| 42 } |
| 43 { |
| 44 const TestOptions kOptions = { |
| 45 static_cast<uint32_t>(offsetof(TestOptions, struct_size) + |
| 46 sizeof(uint32_t)) |
| 47 }; |
| 48 UserOptionsReader<TestOptions> reader(MakeUserPointer(&kOptions)); |
| 49 EXPECT_TRUE(reader.is_valid()); |
| 50 EXPECT_FALSE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, flags, reader)); |
| 51 EXPECT_FALSE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member1, reader)); |
| 52 EXPECT_FALSE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member2, reader)); |
| 53 } |
| 36 | 54 |
| 37 EXPECT_TRUE(IsOptionsStructPointerAndSizeValid<TestOptions>(&kOptions1)); | 55 { |
| 38 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, flags, &kOptions1)); | 56 const TestOptions kOptions = { |
| 39 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member1, &kOptions1)); | 57 static_cast<uint32_t>(offsetof(TestOptions, flags) + sizeof(uint32_t)) |
| 40 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member2, &kOptions1)); | 58 }; |
| 41 | 59 UserOptionsReader<TestOptions> reader(MakeUserPointer(&kOptions)); |
| 42 const TestOptions kOptions2 = { | 60 EXPECT_TRUE(reader.is_valid()); |
| 43 static_cast<uint32_t>(offsetof(TestOptions, struct_size) + sizeof(uint32_t)) | 61 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, flags, reader)); |
| 44 }; | 62 EXPECT_FALSE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member1, reader)); |
| 45 EXPECT_TRUE(IsOptionsStructPointerAndSizeValid<TestOptions>(&kOptions2)); | 63 EXPECT_FALSE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member2, reader)); |
| 46 EXPECT_FALSE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, flags, &kOptions2)); | 64 } |
| 47 EXPECT_FALSE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member1, &kOptions2)); | 65 { |
| 48 EXPECT_FALSE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member2, &kOptions2)); | 66 MOJO_ALIGNAS(8) char buf[sizeof(TestOptions) + 100] = {}; |
| 49 | 67 TestOptions* options = reinterpret_cast<TestOptions*>(buf); |
| 50 const TestOptions kOptions3 = { | 68 options->struct_size = kSizeOfTestOptions + 1; |
| 51 static_cast<uint32_t>(offsetof(TestOptions, flags) + sizeof(uint32_t)) | 69 UserOptionsReader<TestOptions> reader(MakeUserPointer(options)); |
| 52 }; | 70 EXPECT_TRUE(reader.is_valid()); |
| 53 EXPECT_TRUE(IsOptionsStructPointerAndSizeValid<TestOptions>(&kOptions3)); | 71 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, flags, reader)); |
| 54 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, flags, &kOptions3)); | 72 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member1, reader)); |
| 55 EXPECT_FALSE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member1, &kOptions3)); | 73 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member2, reader)); |
| 56 EXPECT_FALSE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member2, &kOptions3)); | 74 } |
| 57 | 75 { |
| 58 MOJO_ALIGNAS(8) char buf[sizeof(TestOptions) + 100] = {}; | 76 MOJO_ALIGNAS(8) char buf[sizeof(TestOptions) + 100] = {}; |
| 59 TestOptions* options = reinterpret_cast<TestOptions*>(buf); | 77 TestOptions* options = reinterpret_cast<TestOptions*>(buf); |
| 60 options->struct_size = kSizeOfTestOptions + 1; | 78 options->struct_size = kSizeOfTestOptions + 4; |
| 61 EXPECT_TRUE(IsOptionsStructPointerAndSizeValid<TestOptions>(options)); | 79 UserOptionsReader<TestOptions> reader(MakeUserPointer(options)); |
| 62 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, flags, options)); | 80 EXPECT_TRUE(reader.is_valid()); |
| 63 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member1, options)); | 81 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, flags, reader)); |
| 64 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member2, options)); | 82 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member1, reader)); |
| 65 | 83 EXPECT_TRUE(OPTIONS_STRUCT_HAS_MEMBER(TestOptions, member2, reader)); |
| 66 options->struct_size = kSizeOfTestOptions + 4; | 84 } |
| 67 EXPECT_TRUE(IsOptionsStructPointerAndSizeValid<TestOptions>(options)); | |
| 68 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, flags, options)); | |
| 69 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member1, options)); | |
| 70 EXPECT_TRUE(HAS_OPTIONS_STRUCT_MEMBER(TestOptions, member2, options)); | |
| 71 } | 85 } |
| 72 | 86 |
| 73 TEST(OptionsValidationTest, Invalid) { | 87 TEST(OptionsValidationTest, Invalid) { |
| 74 // Null: | |
| 75 EXPECT_FALSE(IsOptionsStructPointerAndSizeValid<TestOptions>(NULL)); | |
| 76 | |
| 77 // Unaligned: | |
| 78 EXPECT_FALSE(IsOptionsStructPointerAndSizeValid<TestOptions>( | |
| 79 reinterpret_cast<const void*>(1))); | |
| 80 EXPECT_FALSE(IsOptionsStructPointerAndSizeValid<TestOptions>( | |
| 81 reinterpret_cast<const void*>(4))); | |
| 82 | |
| 83 // Size too small: | 88 // Size too small: |
| 84 for (size_t i = 0; i < sizeof(uint32_t); i++) { | 89 for (size_t i = 0; i < sizeof(uint32_t); i++) { |
| 85 TestOptions options = {static_cast<uint32_t>(i)}; | 90 TestOptions options = {static_cast<uint32_t>(i)}; |
| 86 EXPECT_FALSE(IsOptionsStructPointerAndSizeValid<TestOptions>(&options)) | 91 UserOptionsReader<TestOptions> reader(MakeUserPointer(&options)); |
| 87 << i; | 92 EXPECT_FALSE(reader.is_valid()) << i; |
| 88 } | 93 } |
| 89 } | 94 } |
| 90 | 95 |
| 91 TEST(OptionsValidationTest, CheckFlags) { | 96 // These test invalid arguments that should cause death if we're being paranoid |
| 92 const TestOptions kOptions1 = {kSizeOfTestOptions, 0}; | 97 // about checking arguments (which we would want to do if, e.g., we were in a |
| 93 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions1, 0u)); | 98 // true "kernel" situation, but we might not want to do otherwise for |
| 94 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions1, 1u)); | 99 // performance reasons). Probably blatant errors like passing in null pointers |
| 95 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions1, 3u)); | 100 // (for required pointer arguments) will still cause death, but perhaps not |
| 96 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions1, 7u)); | 101 // predictably. |
| 97 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions1, ~0u)); | 102 TEST(OptionsValidationTest, InvalidDeath) { |
| 103 const char kMemoryCheckFailedRegex[] = "Check failed"; |
| 98 | 104 |
| 99 const TestOptions kOptions2 = {kSizeOfTestOptions, 1}; | 105 // Null: |
| 100 EXPECT_FALSE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions2, 0u)); | 106 EXPECT_DEATH_IF_SUPPORTED( |
| 101 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions2, 1u)); | 107 { UserOptionsReader<TestOptions> reader((NullUserPointer())); }, |
| 102 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions2, 3u)); | 108 kMemoryCheckFailedRegex); |
| 103 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions2, 7u)); | |
| 104 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions2, ~0u)); | |
| 105 | |
| 106 const TestOptions kOptions3 = {kSizeOfTestOptions, 2}; | |
| 107 EXPECT_FALSE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions3, 0u)); | |
| 108 EXPECT_FALSE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions3, 1u)); | |
| 109 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions3, 3u)); | |
| 110 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions3, 7u)); | |
| 111 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions3, ~0u)); | |
| 112 | |
| 113 const TestOptions kOptions4 = {kSizeOfTestOptions, 5}; | |
| 114 EXPECT_FALSE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions4, 0u)); | |
| 115 EXPECT_FALSE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions4, 1u)); | |
| 116 EXPECT_FALSE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions4, 3u)); | |
| 117 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions4, 7u)); | |
| 118 EXPECT_TRUE(AreOptionsFlagsAllKnown<TestOptions>(&kOptions4, ~0u)); | |
| 119 } | |
| 120 | |
| 121 TEST(OptionsValidationTest, ValidateOptionsStructPointerSizeAndFlags) { | |
| 122 const TestOptions kDefaultOptions = {kSizeOfTestOptions, 1u, 123u, 456u}; | |
| 123 | |
| 124 // Valid cases: | |
| 125 | |
| 126 // "Normal": | |
| 127 { | |
| 128 const TestOptions kOptions = {kSizeOfTestOptions, 0u, 12u, 34u}; | |
| 129 TestOptions validated_options = kDefaultOptions; | |
| 130 EXPECT_EQ(MOJO_RESULT_OK, | |
| 131 ValidateOptionsStructPointerSizeAndFlags<TestOptions>( | |
| 132 &kOptions, 3u, &validated_options)); | |
| 133 EXPECT_EQ(kDefaultOptions.struct_size, validated_options.struct_size); | |
| 134 // Copied |flags|. | |
| 135 EXPECT_EQ(kOptions.flags, validated_options.flags); | |
| 136 // Didn't touch subsequent members. | |
| 137 EXPECT_EQ(kDefaultOptions.member1, validated_options.member1); | |
| 138 EXPECT_EQ(kDefaultOptions.member2, validated_options.member2); | |
| 139 } | |
| 140 | |
| 141 // Doesn't actually have |flags|: | |
| 142 { | |
| 143 const TestOptions kOptions = { | |
| 144 static_cast<uint32_t>(sizeof(uint32_t)), 0u, 12u, 34u | |
| 145 }; | |
| 146 TestOptions validated_options = kDefaultOptions; | |
| 147 EXPECT_EQ(MOJO_RESULT_OK, | |
| 148 ValidateOptionsStructPointerSizeAndFlags<TestOptions>( | |
| 149 &kOptions, 3u, &validated_options)); | |
| 150 EXPECT_EQ(kDefaultOptions.struct_size, validated_options.struct_size); | |
| 151 // Didn't copy |flags|. | |
| 152 EXPECT_EQ(kDefaultOptions.flags, validated_options.flags); | |
| 153 // Didn't touch subsequent members. | |
| 154 EXPECT_EQ(kDefaultOptions.member1, validated_options.member1); | |
| 155 EXPECT_EQ(kDefaultOptions.member2, validated_options.member2); | |
| 156 } | |
| 157 | |
| 158 // Invalid cases: | |
| 159 | 109 |
| 160 // Unaligned: | 110 // Unaligned: |
| 161 { | 111 EXPECT_DEATH_IF_SUPPORTED( |
| 162 TestOptions validated_options = kDefaultOptions; | 112 { UserOptionsReader<TestOptions> reader( |
| 163 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, | 113 MakeUserPointer(reinterpret_cast<const TestOptions*>(1))); }, |
| 164 ValidateOptionsStructPointerSizeAndFlags<TestOptions>( | 114 kMemoryCheckFailedRegex); |
| 165 reinterpret_cast<const TestOptions*>(1), 3u, | 115 // TODO(vtl): Broken on Windows. Fix this! |
| 166 &validated_options)); | 116 #if 0 |
| 167 } | 117 // Note: The current implementation checks the size only after checking the |
| 168 | 118 // alignment versus that required for the |uint32_t| size, so it won't die in |
| 169 // |struct_size| too small: | 119 // the expected way if you pass, e.g., 4. So we have to manufacture a valid |
| 170 { | 120 // pointer at an offset of alignment 4. |
| 171 const TestOptions kOptions = {1u, 0u, 12u, 34u}; | 121 EXPECT_DEATH_IF_SUPPORTED( |
| 172 TestOptions validated_options = kDefaultOptions; | 122 { |
| 173 EXPECT_EQ(MOJO_RESULT_INVALID_ARGUMENT, | 123 uint32_t buffer[100] = {}; |
| 174 ValidateOptionsStructPointerSizeAndFlags<TestOptions>( | 124 TestOptions* options = (reinterpret_cast<uintptr_t>(buffer) % 4 == 0) ? |
| 175 &kOptions, 3u, &validated_options)); | 125 reinterpret_cast<TestOptions*>(&buffer[1]) : |
| 176 } | 126 reinterpret_cast<TestOptions*>(&buffer[0]); |
| 177 | 127 options->struct_size = static_cast<uint32_t>(sizeof(TestOptions)); |
| 178 // Unknown |flag|: | 128 UserOptionsReader<TestOptions> reader(MakeUserPointer(options)); |
| 179 { | 129 }, |
| 180 const TestOptions kOptions = {kSizeOfTestOptions, 5u, 12u, 34u}; | 130 kMemoryCheckFailedRegex); |
| 181 TestOptions validated_options = kDefaultOptions; | 131 #endif |
| 182 EXPECT_EQ(MOJO_RESULT_UNIMPLEMENTED, | |
| 183 ValidateOptionsStructPointerSizeAndFlags<TestOptions>( | |
| 184 &kOptions, 3u, &validated_options)); | |
| 185 } | |
| 186 } | 132 } |
| 187 | 133 |
| 188 } // namespace | 134 } // namespace |
| 189 } // namespace system | 135 } // namespace system |
| 190 } // namespace mojo | 136 } // namespace mojo |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 414393002:
Convert verification of options structs to use the new user pointer handling (see r285350). (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src