Take out intptr_t IPC serialization support to prevent people from sending pointers between trusted and untrusted processes. Move HWNDs and other Windows HANDLEs serialization to use 32 bits even on 64 bit platforms since that's all that's needed.

Review URL: http://codereview.chromium.org/565001

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@38455 0039d316-1c4b-4281-b951-d872f2087c98

6 files changed, 39 insertions, 47 deletions

diff --git a/base/pickle.cc b/base/pickle.cc
index 2b5b905..2540391 100644
--- a/base/pickle.cc
+++ b/base/pickle.cc
@@ -195,20 +195,6 @@ bool Pickle::ReadUInt64(void** iter, uint64* result) const {
   return true;
 }
 
-bool Pickle::ReadIntPtr(void** iter, intptr_t* result) const {
-  DCHECK(iter);
-  if (!*iter)
-    *iter = const_cast<char*>(payload());
-
-  if (!IteratorHasRoomFor(*iter, sizeof(*result)))
-    return false;
-
-  memcpy(result, *iter, sizeof(*result));
-
-  UpdateIter(iter, sizeof(*result));
-  return true;
-}
-
 bool Pickle::ReadString(void** iter, std::string* result) const {
   DCHECK(iter);
 
diff --git a/base/pickle.h b/base/pickle.h
index 850d4dc..3ba60fd 100644
--- a/base/pickle.h
+++ b/base/pickle.h
@@ -71,7 +71,6 @@ class Pickle {
   bool ReadUInt32(void** iter, uint32* result) const;
   bool ReadInt64(void** iter, int64* result) const;
   bool ReadUInt64(void** iter, uint64* result) const;
-  bool ReadIntPtr(void** iter, intptr_t* result) const;
   bool ReadString(void** iter, std::string* result) const;
   bool ReadWString(void** iter, std::wstring* result) const;
   bool ReadString16(void** iter, string16* result) const;
@@ -107,9 +106,6 @@ class Pickle {
   bool WriteUInt64(uint64 value) {
     return WriteBytes(&value, sizeof(value));
   }
-  bool WriteIntPtr(intptr_t value) {
-    return WriteBytes(&value, sizeof(value));
-  }
   bool WriteString(const std::string& value);
   bool WriteWString(const std::wstring& value);
   bool WriteString16(const string16& value);
diff --git a/chrome/common/common_param_traits.h b/chrome/common/common_param_traits.h
index 97cf7e8..83148a6 100644
--- a/chrome/common/common_param_traits.h
+++ b/chrome/common/common_param_traits.h
@@ -120,17 +120,31 @@ template <>
 struct ParamTraits<gfx::NativeWindow> {
   typedef gfx::NativeWindow param_type;
   static void Write(Message* m, const param_type& p) {
-    WriteParam(m, reinterpret_cast<intptr_t>(p));
+#if defined(OS_WIN)
+    // HWNDs are always 32 bits on Windows, even on 64 bit systems.
+    m->WriteUInt32(reinterpret_cast<uint32>(p));
+#else
+    m->WriteData(reinterpret_cast<const char*>(&p), sizeof(p));
+#endif
   }
   static bool Read(const Message* m, void** iter, param_type* r) {
-    intptr_t value;
-    if (!ReadParam(m, iter, &value))
-      return false;
-    *r = reinterpret_cast<param_type>(value);
-    return true;
+#if defined(OS_WIN)
+    return m->ReadUInt32(iter, reinterpret_cast<uint32*>(r));
+#else
+    const char *data;
+    int data_size = 0;
+    bool result = m->ReadData(iter, &data, &data_size);
+    if (result && data_size == sizeof(gfx::NativeWindow)) {
+      memcpy(r, data, sizeof(gfx::NativeWindow));
+    } else {
+      result = false;
+      NOTREACHED();
+    }
+    return result;
+#endif
   }
   static void Log(const param_type& p, std::wstring* l) {
-    LogParam(reinterpret_cast<intptr_t>(p), l);
+    l->append(L"<gfx::NativeWindow>");
   }
 };
 
diff --git a/ipc/ipc_message_utils.h b/ipc/ipc_message_utils.h
index e05c9c0..9a8ccf4 100644
--- a/ipc/ipc_message_utils.h
+++ b/ipc/ipc_message_utils.h
@@ -70,12 +70,6 @@ class MessageIterator {
       NOTREACHED();
     return val;
   }
-  intptr_t NextIntPtr() const {
-    intptr_t val = 0;
-    if (!msg_.ReadIntPtr(&iter_, &val))
-      NOTREACHED();
-    return val;
-  }
   const std::string NextString() const {
     std::string val;
     if (!msg_.ReadString(&iter_, &val))
@@ -590,11 +584,13 @@ template <>
 struct ParamTraits<HANDLE> {
   typedef HANDLE param_type;
   static void Write(Message* m, const param_type& p) {
-    m->WriteIntPtr(reinterpret_cast<intptr_t>(p));
+    // Note that HWNDs/HANDLE/HCURSOR/HACCEL etc are always 32 bits, even on 64
+    // bit systems.
+    m->WriteUInt32(reinterpret_cast<uint32>(p));
   }
   static bool Read(const Message* m, void** iter, param_type* r) {
-    DCHECK_EQ(sizeof(param_type), sizeof(intptr_t));
-    return m->ReadIntPtr(iter, reinterpret_cast<intptr_t*>(r));
+    DCHECK_EQ(sizeof(param_type), sizeof(uint32));
+    return m->ReadUInt32(iter, reinterpret_cast<uint32*>(r));
   }
   static void Log(const param_type& p, std::wstring* l) {
     l->append(StringPrintf(L"0x%X", p));
@@ -605,11 +601,11 @@ template <>
 struct ParamTraits<HCURSOR> {
   typedef HCURSOR param_type;
   static void Write(Message* m, const param_type& p) {
-    m->WriteIntPtr(reinterpret_cast<intptr_t>(p));
+    m->WriteUInt32(reinterpret_cast<uint32>(p));
   }
   static bool Read(const Message* m, void** iter, param_type* r) {
-    DCHECK_EQ(sizeof(param_type), sizeof(intptr_t));
-    return m->ReadIntPtr(iter, reinterpret_cast<intptr_t*>(r));
+    DCHECK_EQ(sizeof(param_type), sizeof(uint32));
+    return m->ReadUInt32(iter, reinterpret_cast<uint32*>(r));
   }
   static void Log(const param_type& p, std::wstring* l) {
     l->append(StringPrintf(L"0x%X", p));
@@ -620,11 +616,11 @@ template <>
 struct ParamTraits<HACCEL> {
   typedef HACCEL param_type;
   static void Write(Message* m, const param_type& p) {
-    m->WriteIntPtr(reinterpret_cast<intptr_t>(p));
+    m->WriteUInt32(reinterpret_cast<uint32>(p));
   }
   static bool Read(const Message* m, void** iter, param_type* r) {
-    DCHECK_EQ(sizeof(param_type), sizeof(intptr_t));
-    return m->ReadIntPtr(iter, reinterpret_cast<intptr_t*>(r));
+    DCHECK_EQ(sizeof(param_type), sizeof(uint32));
+    return m->ReadUInt32(iter, reinterpret_cast<uint32*>(r));
   }
 };
 
diff --git a/webkit/glue/webcursor_unittest.cc b/webkit/glue/webcursor_unittest.cc
index 51fd433..5c1ddfe 100644
--- a/webkit/glue/webcursor_unittest.cc
+++ b/webkit/glue/webcursor_unittest.cc
@@ -22,7 +22,7 @@ TEST(WebCursorTest, CursorSerialization) {
   ok_custom_pickle.WriteInt(4);
   ok_custom_pickle.WriteUInt32(0);
   // Custom Windows message.
-  ok_custom_pickle.WriteIntPtr(0);
+  ok_custom_pickle.WriteUInt32(0);
   void* iter = NULL;
   EXPECT_TRUE(custom_cursor.Deserialize(&ok_custom_pickle, &iter));
 
@@ -39,7 +39,7 @@ TEST(WebCursorTest, CursorSerialization) {
   short_custom_pickle.WriteInt(3);
   short_custom_pickle.WriteUInt32(0);
   // Custom Windows message.
-  ok_custom_pickle.WriteIntPtr(0);
+  ok_custom_pickle.WriteUInt32(0);
   iter = NULL;
   EXPECT_FALSE(custom_cursor.Deserialize(&short_custom_pickle, &iter));
 
@@ -58,7 +58,7 @@ TEST(WebCursorTest, CursorSerialization) {
   for (int i = 0; i < kTooBigSize; ++i)
     large_custom_pickle.WriteUInt32(0);
   // Custom Windows message.
-  ok_custom_pickle.WriteIntPtr(0);
+  ok_custom_pickle.WriteUInt32(0);
   iter = NULL;
   EXPECT_FALSE(custom_cursor.Deserialize(&large_custom_pickle, &iter));
 
@@ -75,7 +75,7 @@ TEST(WebCursorTest, CursorSerialization) {
   neg_custom_pickle.WriteInt(4);
   neg_custom_pickle.WriteUInt32(0);
   // Custom Windows message.
-  neg_custom_pickle.WriteIntPtr(0);
+  neg_custom_pickle.WriteUInt32(0);
   iter = NULL;
   EXPECT_FALSE(custom_cursor.Deserialize(&neg_custom_pickle, &iter));
 }
diff --git a/webkit/glue/webcursor_win.cc b/webkit/glue/webcursor_win.cc
index 80026a1..9248296 100644
--- a/webkit/glue/webcursor_win.cc
+++ b/webkit/glue/webcursor_win.cc
@@ -203,12 +203,12 @@ void WebCursor::InitPlatformData() {
 bool WebCursor::SerializePlatformData(Pickle* pickle) const {
   // There are some issues with converting certain HCURSORS to bitmaps. The
   // HCURSOR being a user object can be marshaled as is.
-  return pickle->WriteIntPtr(reinterpret_cast<intptr_t>(external_cursor_));
+  // HCURSORs are always 32 bits on Windows, even on 64 bit systems.
+  return pickle->WriteUInt32(reinterpret_cast<uint32>(external_cursor_));
 }
 
 bool WebCursor::DeserializePlatformData(const Pickle* pickle, void** iter) {
-  return pickle->ReadIntPtr(iter,
-                            reinterpret_cast<intptr_t*>(&external_cursor_));
+  return pickle->ReadUInt32(iter, reinterpret_cast<uint32*>(&external_cursor_));
 }
 
 bool WebCursor::IsPlatformDataEqual(const WebCursor& other) const {