diff options
| author | miket@chromium.org <miket@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-09-11 22:39:07 +0000 |
|---|---|---|
| committer | miket@chromium.org <miket@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-09-11 22:39:07 +0000 |
| commit | 0942685d61d6a040a82bffd24728b5ac12b94e27 (patch) | |
| tree | 582becb1a972155217e5d08e4afde171e3e3992f /chrome/browser/extensions/api/socket/socket_api.cc | |
| parent | 26dae7de0ce12e5ada8bdc2c956e46de9c13d80a (diff) | |
| download | chromium_src-0942685d61d6a040a82bffd24728b5ac12b94e27.zip chromium_src-0942685d61d6a040a82bffd24728b5ac12b94e27.tar.gz chromium_src-0942685d61d6a040a82bffd24728b5ac12b94e27.tar.bz2 | |
Make sure that a given app/extension requests only its own resources.
All ApiResources of a given type live in a single pool. Until now, one
app could send arbitrary resource IDs in and get another app's resources
if it were lucky. Now we check that an app is getting back only its own
resources.
Note that this CL could have been shorter if I hadn't decided to break
out the owner_extension_id in ApiResource's constructor. I decided to
do this anyway because the other way to get that information (asking
ApiResourceEventNotifier) violated the Law of Demeter, or even if it
was a technical non-violation, I didn't feel good about relying on
the incidental fact that AREN knew the extension ID.
Ben for OWNERS
TBR=ben@chromium.org
BUG=142521
TEST=added
Review URL: https://chromiumcodereview.appspot.com/10919201
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156149 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/extensions/api/socket/socket_api.cc')
| -rw-r--r-- | chrome/browser/extensions/api/socket/socket_api.cc | 34 |
1 files changed, 21 insertions, 13 deletions
diff --git a/chrome/browser/extensions/api/socket/socket_api.cc b/chrome/browser/extensions/api/socket/socket_api.cc index fb23691..ce400e5 100644 --- a/chrome/browser/extensions/api/socket/socket_api.cc +++ b/chrome/browser/extensions/api/socket/socket_api.cc @@ -58,6 +58,14 @@ bool SocketAsyncApiFunction::Respond() { return error_.empty(); } +Socket* SocketAsyncApiFunction::GetSocket(int api_resource_id) { + return manager_->Get(extension_->id(), api_resource_id); +} + +void SocketAsyncApiFunction::RemoveSocket(int api_resource_id) { + manager_->Remove(extension_->id(), api_resource_id); +} + SocketExtensionWithDnsLookupFunction::SocketExtensionWithDnsLookupFunction() : io_thread_(g_browser_process->io_thread()), request_handle_(new net::HostResolver::RequestHandle), @@ -132,9 +140,9 @@ bool SocketCreateFunction::Prepare() { void SocketCreateFunction::Work() { Socket* socket = NULL; if (socket_type_ == kSocketTypeTCP) { - socket = new TCPSocket(event_notifier_); + socket = new TCPSocket(extension_->id(), event_notifier_); } else if (socket_type_== kSocketTypeUDP) { - socket = new UDPSocket(event_notifier_); + socket = new UDPSocket(extension_->id(), event_notifier_); } DCHECK(socket); @@ -149,7 +157,7 @@ bool SocketDestroyFunction::Prepare() { } void SocketDestroyFunction::Work() { - manager_->Remove(socket_id_); + RemoveSocket(socket_id_); } SocketConnectFunction::SocketConnectFunction() @@ -168,7 +176,7 @@ bool SocketConnectFunction::Prepare() { } void SocketConnectFunction::AsyncWorkStart() { - socket_ = manager_->Get(socket_id_); + socket_ = GetSocket(socket_id_); if (!socket_) { error_ = kSocketNotFoundError; SetResult(Value::CreateIntegerValue(-1)); @@ -227,7 +235,7 @@ bool SocketDisconnectFunction::Prepare() { } void SocketDisconnectFunction::Work() { - Socket* socket = manager_->Get(socket_id_); + Socket* socket = GetSocket(socket_id_); if (socket) socket->Disconnect(); else @@ -244,7 +252,7 @@ bool SocketBindFunction::Prepare() { void SocketBindFunction::Work() { int result = -1; - Socket* socket = manager_->Get(socket_id_); + Socket* socket = GetSocket(socket_id_); if (!socket) { error_ = kSocketNotFoundError; @@ -280,7 +288,7 @@ bool SocketReadFunction::Prepare() { } void SocketReadFunction::AsyncWorkStart() { - Socket* socket = manager_->Get(params_->socket_id); + Socket* socket = GetSocket(params_->socket_id); if (!socket) { error_ = kSocketNotFoundError; OnCompleted(-1, NULL); @@ -328,7 +336,7 @@ bool SocketWriteFunction::Prepare() { } void SocketWriteFunction::AsyncWorkStart() { - Socket* socket = manager_->Get(socket_id_); + Socket* socket = GetSocket(socket_id_); if (!socket) { error_ = kSocketNotFoundError; @@ -361,7 +369,7 @@ bool SocketRecvFromFunction::Prepare() { } void SocketRecvFromFunction::AsyncWorkStart() { - Socket* socket = manager_->Get(params_->socket_id); + Socket* socket = GetSocket(params_->socket_id); if (!socket) { error_ = kSocketNotFoundError; OnCompleted(-1, NULL, std::string(), 0); @@ -416,7 +424,7 @@ bool SocketSendToFunction::Prepare() { } void SocketSendToFunction::AsyncWorkStart() { - socket_ = manager_->Get(socket_id_); + socket_ = GetSocket(socket_id_); if (!socket_) { error_ = kSocketNotFoundError; SetResult(Value::CreateIntegerValue(-1)); @@ -475,7 +483,7 @@ bool SocketSetKeepAliveFunction::Prepare() { void SocketSetKeepAliveFunction::Work() { bool result = false; - Socket* socket = manager_->Get(params_->socket_id); + Socket* socket = GetSocket(params_->socket_id); if (socket) { int delay = 0; if (params_->delay.get()) @@ -501,7 +509,7 @@ bool SocketSetNoDelayFunction::Prepare() { void SocketSetNoDelayFunction::Work() { bool result = false; - Socket* socket = manager_->Get(params_->socket_id); + Socket* socket = GetSocket(params_->socket_id); if (socket) result = socket->SetNoDelay(params_->no_delay); else @@ -522,7 +530,7 @@ bool SocketGetInfoFunction::Prepare() { void SocketGetInfoFunction::Work() { api::socket::SocketInfo info; - Socket* socket = manager_->Get(params_->socket_id); + Socket* socket = GetSocket(params_->socket_id); if (socket) { // This represents what we know about the socket, and does not call through // to the system. |