
Side by Side Diff: runtime/vm/snapshot.cc

Issue 10829444: Avoid trusting the length encoded in the Snapshot if there is an (Closed) Base URL: http://dart.googlecode.com/svn/branches/bleeding_edge/dart/
Patch Set: Created 8 years, 4 months ago
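--- a/runtime/vm/snapshot.cc
+++ b/runtime/vm/snapshot.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 #include "vm/snapshot.h"
 
 #include "platform/assert.h"
 #include "vm/bigint_operations.h"
 #include "vm/bootstrap.h"
 #include "vm/exceptions.h"
@@ -100,33 +100,45 @@
     return kListInterface;
   } else if (raw_type == object_store->byte_array_interface()) {
     return kByteArrayInterface;
   }
   return kInvalidIndex;
 }
 
 
 // TODO(5411462): Temporary setup of snapshot for testing purposes,
 // the actual creation of a snapshot maybe done differently.
-const Snapshot* Snapshot::SetupFromBuffer(const void* raw_memory) {
-  ASSERT(raw_memory != NULL);
+const Snapshot* Snapshot::SetupFromBuffer(const void* buffer,
+                                          intptr_t buffer_len) {
+  ASSERT(buffer != NULL);
   ASSERT(kHeaderSize == sizeof(Snapshot));
   ASSERT(kLengthIndex == length_offset());
+  if (buffer_len != Snapshot::kTrustedLength &&
+      buffer_len < kHeaderSize) {
+    // The buffer is too short to be a valid message.
+    return NULL;
+  }
   ASSERT((kSnapshotFlagIndex * sizeof(int32_t)) == kind_offset());
   ASSERT((kHeapObjectTag & kInlined));
   // No object can have kFreeBit and kMarkBit set simultaneously. If kFreeBit
   // is set then the rest of tags is a pointer to the next FreeListElement which
   // is kObjectAlignment aligned and has at least 2 lower bits set to zero.
   ASSERT(kObjectId ==
          ((1 << RawObject::kFreeBit) | (1 << RawObject::kMarkBit)));
   ASSERT((kObjectAlignmentMask & kObjectId) == kObjectId);
-  const Snapshot* snapshot = reinterpret_cast<const Snapshot*>(raw_memory);
+  const Snapshot* snapshot = reinterpret_cast<const Snapshot*>(buffer);
+  if (buffer_len != Snapshot::kTrustedLength &&
+      buffer_len != snapshot->length()) {
+    // There is a mismatch between the buffer length and the
+    // snapshot's internal length.
+    return NULL;
+  }
   return snapshot;
 }
 
 
 RawSmi* BaseReader::ReadAsSmi() {
   intptr_t value = ReadIntptrValue();
   ASSERT((value & kSmiTagMask) == 0);
   return reinterpret_cast<RawSmi*>(value);
 }
 
@@ -830,37 +842,37 @@
     } \
 
     CLASS_LIST_NO_OBJECT(SNAPSHOT_WRITE)
 #undef SNAPSHOT_WRITE
     default: break;
   }
   UNREACHABLE();
 }
 
 
-void SnapshotWriter::WriteFullSnapshot() {
+intptr_t SnapshotWriter::WriteFullSnapshot() {
   ASSERT(kind_ == Snapshot::kFull);
   Isolate* isolate = Isolate::Current();
   ASSERT(isolate != NULL);
   ObjectStore* object_store = isolate->object_store();
   ASSERT(object_store != NULL);
 
   // Write out all the objects in the object store of the isolate which
   // is the root set for all dart allocated objects at this point.
   SnapshotWriterVisitor visitor(this, false);
   object_store->VisitObjectPointers(&visitor);
 
   // Write out all forwarded objects.
   WriteForwardedObjects();
 
   // Finalize the snapshot buffer.
-  FinalizeBuffer();
+  return FinalizeBuffer();
 }
 
 
 uword SnapshotWriter::GetObjectTags(RawObject* raw) {
   uword tags = raw->ptr()->tags_;
   if (SerializedHeaderTag::decode(tags) == kObjectId) {
     intptr_t id = SerializedHeaderData::decode(tags);
     return forward_list_[id - kMaxPredefinedObjectIds]->tags();
   } else {
     return tags;
@@ -1097,33 +1109,33 @@
   // Write out the type arguments.
   WriteObjectImpl(type_arguments);
 
   // Write out the individual object ids.
   for (intptr_t i = 0; i < len; i++) {
     WriteObjectRef(data[i]);
   }
 }
 
 
-void ScriptSnapshotWriter::WriteScriptSnapshot(const Library& lib) {
+intptr_t ScriptSnapshotWriter::WriteScriptSnapshot(const Library& lib) {
   ASSERT(kind() == Snapshot::kScript);
 
   // Write out the library object.
   WriteObject(lib.raw());
 
   // Finalize the snapshot buffer.
-  FinalizeBuffer();
+  return FinalizeBuffer();
 }
 
 
 void SnapshotWriterVisitor::VisitPointers(RawObject** first, RawObject** last) {
   for (RawObject** current = first; current <= last; current++) {
     RawObject* raw_obj = *current;
     if (as_references_) {
       writer_->WriteObjectRef(raw_obj);
     } else {
       writer_->WriteObjectImpl(raw_obj);
     }
   }
 }
 
 }  // namespace dart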
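Review bot: Snapshot::SetupFromBuffer now has a NULL-returning failure path (the two new `return NULL;` blocks at new lines 115-119 and 129-134) but the only text above the function is the old TODO, so the new contract is undocumented and callers could keep dereferencing the result unchecked; suggested header comment: `// Returns NULL when buffer_len (unless it is kTrustedLength) is smaller than the snapshot header or does not match the length field stored in the header; callers must check the result.` The second check compares against `snapshot->length()`, a value read from the very buffer being validated, which is only safe because the first check has already established that kHeaderSize bytes are readable; a one-line comment at new line 129 such as `// Safe to read the header here: buffer_len >= kHeaderSize was checked above.` would stop a later refactor from reordering the two checks. The exact-equality test also rejects buffers that carry trailing bytes; if any caller hands over an over-allocated buffer, `buffer_len < snapshot->length()` would be the intended comparison, but which is meant cannot be told from this file. The changes to WriteFullSnapshot and WriteScriptSnapshot (returning FinalizeBuffer's value) raise nothing on their own.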
