| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stdio.h> | 5 #include <stdio.h> |
| 6 #include <string> | 6 #include <string> |
| 7 #include <sstream> | 7 #include <sstream> |
| 8 | 8 |
| 9 #include "base/message_loop.h" | 9 #include "base/message_loop.h" |
| 10 #include "base/process_util.h" | 10 #include "base/process_util.h" |
| (...skipping 26 matching lines...) Expand all Loading... |
| 37 // ---------------------------------------------------------------------------- | 37 // ---------------------------------------------------------------------------- |
| 38 | 38 |
| 39 TEST(IPCMessageIntegrity, ReadBeyondBufferStr) { | 39 TEST(IPCMessageIntegrity, ReadBeyondBufferStr) { |
| 40 //This was BUG 984408. | 40 //This was BUG 984408. |
| 41 uint32 v1 = kuint32max - 1; | 41 uint32 v1 = kuint32max - 1; |
| 42 int v2 = 666; | 42 int v2 = 666; |
| 43 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 43 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 44 EXPECT_TRUE(m.WriteInt(v1)); | 44 EXPECT_TRUE(m.WriteInt(v1)); |
| 45 EXPECT_TRUE(m.WriteInt(v2)); | 45 EXPECT_TRUE(m.WriteInt(v2)); |
| 46 | 46 |
| 47 void* iter = NULL; | 47 PickleIterator iter(m); |
| 48 std::string vs; | 48 std::string vs; |
| 49 EXPECT_FALSE(m.ReadString(&iter, &vs)); | 49 EXPECT_FALSE(m.ReadString(&iter, &vs)); |
| 50 } | 50 } |
| 51 | 51 |
| 52 TEST(IPCMessageIntegrity, ReadBeyondBufferWStr) { | 52 TEST(IPCMessageIntegrity, ReadBeyondBufferWStr) { |
| 53 //This was BUG 984408. | 53 //This was BUG 984408. |
| 54 uint32 v1 = kuint32max - 1; | 54 uint32 v1 = kuint32max - 1; |
| 55 int v2 = 777; | 55 int v2 = 777; |
| 56 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 56 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 57 EXPECT_TRUE(m.WriteInt(v1)); | 57 EXPECT_TRUE(m.WriteInt(v1)); |
| 58 EXPECT_TRUE(m.WriteInt(v2)); | 58 EXPECT_TRUE(m.WriteInt(v2)); |
| 59 | 59 |
| 60 void* iter = NULL; | 60 PickleIterator iter(m); |
| 61 std::wstring vs; | 61 std::wstring vs; |
| 62 EXPECT_FALSE(m.ReadWString(&iter, &vs)); | 62 EXPECT_FALSE(m.ReadWString(&iter, &vs)); |
| 63 } | 63 } |
| 64 | 64 |
| 65 TEST(IPCMessageIntegrity, ReadBytesBadIterator) { | 65 TEST(IPCMessageIntegrity, ReadBytesBadIterator) { |
| 66 // This was BUG 1035467. | 66 // This was BUG 1035467. |
| 67 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 67 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 68 EXPECT_TRUE(m.WriteInt(1)); | 68 EXPECT_TRUE(m.WriteInt(1)); |
| 69 EXPECT_TRUE(m.WriteInt(2)); | 69 EXPECT_TRUE(m.WriteInt(2)); |
| 70 | 70 |
| 71 void* iter = NULL; | 71 PickleIterator iter(m); |
| 72 const char* data = NULL; | 72 const char* data = NULL; |
| 73 EXPECT_TRUE(m.ReadBytes(&iter, &data, sizeof(int))); | 73 EXPECT_TRUE(m.ReadBytes(&iter, &data, sizeof(int))); |
| 74 } | 74 } |
| 75 | 75 |
| 76 TEST(IPCMessageIntegrity, ReadVectorNegativeSize) { | 76 TEST(IPCMessageIntegrity, ReadVectorNegativeSize) { |
| 77 // A slight variation of BUG 984408. Note that the pickling of vector<char> | 77 // A slight variation of BUG 984408. Note that the pickling of vector<char> |
| 78 // has a specialized template which is not vulnerable to this bug. So here | 78 // has a specialized template which is not vulnerable to this bug. So here |
| 79 // try to hit the non-specialized case vector<P>. | 79 // try to hit the non-specialized case vector<P>. |
| 80 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 80 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 81 EXPECT_TRUE(m.WriteInt(-1)); // This is the count of elements. | 81 EXPECT_TRUE(m.WriteInt(-1)); // This is the count of elements. |
| 82 EXPECT_TRUE(m.WriteInt(1)); | 82 EXPECT_TRUE(m.WriteInt(1)); |
| 83 EXPECT_TRUE(m.WriteInt(2)); | 83 EXPECT_TRUE(m.WriteInt(2)); |
| 84 EXPECT_TRUE(m.WriteInt(3)); | 84 EXPECT_TRUE(m.WriteInt(3)); |
| 85 | 85 |
| 86 std::vector<double> vec; | 86 std::vector<double> vec; |
| 87 void* iter = 0; | 87 PickleIterator iter(m); |
| 88 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 88 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
| 89 } | 89 } |
| 90 | 90 |
| 91 TEST(IPCMessageIntegrity, ReadVectorTooLarge1) { | 91 TEST(IPCMessageIntegrity, ReadVectorTooLarge1) { |
| 92 // This was BUG 1006367. This is the large but positive length case. Again | 92 // This was BUG 1006367. This is the large but positive length case. Again |
| 93 // we try to hit the non-specialized case vector<P>. | 93 // we try to hit the non-specialized case vector<P>. |
| 94 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 94 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 95 EXPECT_TRUE(m.WriteInt(0x21000003)); // This is the count of elements. | 95 EXPECT_TRUE(m.WriteInt(0x21000003)); // This is the count of elements. |
| 96 EXPECT_TRUE(m.WriteInt64(1)); | 96 EXPECT_TRUE(m.WriteInt64(1)); |
| 97 EXPECT_TRUE(m.WriteInt64(2)); | 97 EXPECT_TRUE(m.WriteInt64(2)); |
| 98 | 98 |
| 99 std::vector<int64> vec; | 99 std::vector<int64> vec; |
| 100 void* iter = 0; | 100 PickleIterator iter(m); |
| 101 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 101 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
| 102 } | 102 } |
| 103 | 103 |
| 104 TEST(IPCMessageIntegrity, ReadVectorTooLarge2) { | 104 TEST(IPCMessageIntegrity, ReadVectorTooLarge2) { |
| 105 // This was BUG 1006367. This is the large but positive with an additional | 105 // This was BUG 1006367. This is the large but positive with an additional |
| 106 // integer overflow when computing the actual byte size. Again we try to hit | 106 // integer overflow when computing the actual byte size. Again we try to hit |
| 107 // the non-specialized case vector<P>. | 107 // the non-specialized case vector<P>. |
| 108 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); | 108 IPC::Message m(0, 1, IPC::Message::PRIORITY_NORMAL); |
| 109 EXPECT_TRUE(m.WriteInt(0x71000000)); // This is the count of elements. | 109 EXPECT_TRUE(m.WriteInt(0x71000000)); // This is the count of elements. |
| 110 EXPECT_TRUE(m.WriteInt64(1)); | 110 EXPECT_TRUE(m.WriteInt64(1)); |
| 111 EXPECT_TRUE(m.WriteInt64(2)); | 111 EXPECT_TRUE(m.WriteInt64(2)); |
| 112 | 112 |
| 113 std::vector<int64> vec; | 113 std::vector<int64> vec; |
| 114 void* iter = 0; | 114 PickleIterator iter(m); |
| 115 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); | 115 EXPECT_FALSE(ReadParam(&m, &iter, &vec)); |
| 116 } | 116 } |
| 117 | 117 |
| 118 class SimpleListener : public IPC::Channel::Listener { | 118 class SimpleListener : public IPC::Channel::Listener { |
| 119 public: | 119 public: |
| 120 SimpleListener() : other_(NULL) { | 120 SimpleListener() : other_(NULL) { |
| 121 } | 121 } |
| 122 void Init(IPC::Message::Sender* s) { | 122 void Init(IPC::Message::Sender* s) { |
| 123 other_ = s; | 123 other_ = s; |
| 124 } | 124 } |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 205 last_msg_ = new IPC::Message(msg); | 205 last_msg_ = new IPC::Message(msg); |
| 206 MessageLoop::current()->Quit(); | 206 MessageLoop::current()->Quit(); |
| 207 return true; | 207 return true; |
| 208 } | 208 } |
| 209 | 209 |
| 210 bool ExpectMessage(int value, uint32 type_id) { | 210 bool ExpectMessage(int value, uint32 type_id) { |
| 211 if (!MsgHandlerInternal(type_id)) | 211 if (!MsgHandlerInternal(type_id)) |
| 212 return false; | 212 return false; |
| 213 int msg_value1 = 0; | 213 int msg_value1 = 0; |
| 214 int msg_value2 = 0; | 214 int msg_value2 = 0; |
| 215 void* iter = NULL; | 215 PickleIterator iter(*last_msg_); |
| 216 if (!last_msg_->ReadInt(&iter, &msg_value1)) | 216 if (!last_msg_->ReadInt(&iter, &msg_value1)) |
| 217 return false; | 217 return false; |
| 218 if (!last_msg_->ReadInt(&iter, &msg_value2)) | 218 if (!last_msg_->ReadInt(&iter, &msg_value2)) |
| 219 return false; | 219 return false; |
| 220 if ((msg_value2 + 1) != msg_value1) | 220 if ((msg_value2 + 1) != msg_value1) |
| 221 return false; | 221 return false; |
| 222 if (msg_value2 != value) | 222 if (msg_value2 != value) |
| 223 return false; | 223 return false; |
| 224 | 224 |
| 225 delete last_msg_; | 225 delete last_msg_; |
| (...skipping 181 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 407 msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, | 407 msg = new IPC::Message(MSG_ROUTING_CONTROL, MsgClassIS::ID, |
| 408 IPC::Message::PRIORITY_NORMAL); | 408 IPC::Message::PRIORITY_NORMAL); |
| 409 msg->WriteInt(0x64); | 409 msg->WriteInt(0x64); |
| 410 msg->WriteInt(0x32); | 410 msg->WriteInt(0x32); |
| 411 EXPECT_FALSE(server.OnMessageReceived(*msg)); | 411 EXPECT_FALSE(server.OnMessageReceived(*msg)); |
| 412 delete msg; | 412 delete msg; |
| 413 | 413 |
| 414 EXPECT_EQ(0, server.unhandled_msgs()); | 414 EXPECT_EQ(0, server.unhandled_msgs()); |
| 415 #endif | 415 #endif |
| 416 } | 416 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9447084:
Refactor Pickle Read methods to use higher performance PickleIterator. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src