Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(161)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: base/files/file.h

Issue 702473009: Add memory corruption checking to base::File(). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@protect_fds
Patch Set: rebase to master Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | base/files/file_posix.cc » ('j') | base/files/file_posix.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef BASE_FILES_FILE_H_ 5 #ifndef BASE_FILES_FILE_H_
6 #define BASE_FILES_FILE_H_ 6 #define BASE_FILES_FILE_H_
7 7
8 #include "build/build_config.h" 8 #include "build/build_config.h"
9 #if defined(OS_WIN) 9 #if defined(OS_WIN)
10 #include <windows.h> 10 #include <windows.h>
11 #endif 11 #endif
12 12
13 #if defined(OS_POSIX) 13 #if defined(OS_POSIX)
14 #include <sys/stat.h> 14 #include <sys/stat.h>
15 #endif 15 #endif
16 16
17 #include <string> 17 #include <string>
18 18
19 #include "base/base_export.h" 19 #include "base/base_export.h"
20 #include "base/basictypes.h" 20 #include "base/basictypes.h"
21 #include "base/files/scoped_file.h" 21 #include "base/files/scoped_file.h"
22 #include "base/gtest_prod_util.h"
22 #include "base/move.h" 23 #include "base/move.h"
23 #include "base/time/time.h" 24 #include "base/time/time.h"
24 25
25 #if defined(OS_WIN) 26 #if defined(OS_WIN)
26 #include "base/win/scoped_handle.h" 27 #include "base/win/scoped_handle.h"
27 #endif 28 #endif
28 29
30 FORWARD_DECLARE_TEST(FileTest, MemoryCorruption);
31
29 namespace base { 32 namespace base {
30 33
31 class FilePath; 34 class FilePath;
32 35
33 #if defined(OS_WIN) 36 #if defined(OS_WIN)
34 typedef HANDLE PlatformFile; 37 typedef HANDLE PlatformFile;
35 #elif defined(OS_POSIX) 38 #elif defined(OS_POSIX)
36 typedef int PlatformFile; 39 typedef int PlatformFile;
37 40
38 #if defined(OS_BSD) || defined(OS_MACOSX) || defined(OS_NACL) 41 #if defined(OS_BSD) || defined(OS_MACOSX) || defined(OS_NACL)
(...skipping 250 matching lines...) Expand 10 before | Expand all | Expand 10 after
289 #if defined(OS_WIN) 292 #if defined(OS_WIN)
290 static Error OSErrorToFileError(DWORD last_error); 293 static Error OSErrorToFileError(DWORD last_error);
291 #elif defined(OS_POSIX) 294 #elif defined(OS_POSIX)
292 static Error OSErrorToFileError(int saved_errno); 295 static Error OSErrorToFileError(int saved_errno);
293 #endif 296 #endif
294 297
295 // Converts an error value to a human-readable form. Used for logging. 298 // Converts an error value to a human-readable form. Used for logging.
296 static std::string ErrorToString(Error error); 299 static std::string ErrorToString(Error error);
297 300
298 private: 301 private:
302 FRIEND_TEST_ALL_PREFIXES(::FileTest, MemoryCorruption);
303
304 #if defined(OS_POSIX)
305 // Encloses a single ScopedFD, saving a cheap tamper resistent memory checksum
306 // alongside it. This checksum is validated at every access, allowing early
307 // detection of memory corruption.
308 class MemoryCheckingScopedFD {
309 public:
310 MemoryCheckingScopedFD();
311 MemoryCheckingScopedFD(int fd);
312 ~MemoryCheckingScopedFD();
313
314 bool is_valid() const { Check(); return file_.is_valid(); }
315 int get() const { Check(); return file_.get(); }
316
317 void reset() { Check(); file_.reset(); UpdateChecksum(); }
318 void reset(int fd) { Check(); file_.reset(fd); UpdateChecksum(); }
319 int release() {
320 Check();
321 int fd = file_.release();
322 UpdateChecksum();
323 return fd;
324 }
325
326 private:
327 FRIEND_TEST_ALL_PREFIXES(::FileTest, MemoryCorruption);
328
329 // Computes the checksum for the current value of |file_|. Returns via an
330 // out parameter to guard against implicit conversions of unsigned integral
331 // types.
332 void ComputeMemoryChecksum(unsigned int* out_checksum) const;
333
334 // Confirms that the current |file_| and |file_memory_checksum_| agree,
335 // failing a CHECK if they do not.
336 void Check() const;
337
338 void UpdateChecksum();
339
340 ScopedFD file_;
341 unsigned int file_memory_checksum_;
342 };
343 #endif
344
299 void SetPlatformFile(PlatformFile file); 345 void SetPlatformFile(PlatformFile file);
300 346
301 #if defined(OS_WIN) 347 #if defined(OS_WIN)
302 win::ScopedHandle file_; 348 win::ScopedHandle file_;
303 #elif defined(OS_POSIX) 349 #elif defined(OS_POSIX)
304 ScopedFD file_; 350 MemoryCheckingScopedFD file_;
305 #endif 351 #endif
306 352
307 Error error_details_; 353 Error error_details_;
308 bool created_; 354 bool created_;
309 bool async_; 355 bool async_;
310 }; 356 };
311 357
312 } // namespace base 358 } // namespace base
313 359
314 #endif // BASE_FILES_FILE_H_ 360 #endif // BASE_FILES_FILE_H_
OLDNEW
« no previous file with comments | « no previous file | base/files/file_posix.cc » ('j') | base/files/file_posix.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698