diff options
| author | kkania@chromium.org <kkania@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-05-07 17:22:40 +0000 |
|---|---|---|
| committer | kkania@chromium.org <kkania@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-05-07 17:22:40 +0000 |
| commit | b74538cf2eb1e4052422ba1c12ab3de21b5e3aeb (patch) | |
| tree | e6bd0e67a02f1b7c444ed7f3519ab84615599507 /chrome/browser/zygote_host_linux.cc | |
| parent | 716726ed94affaff96391b9c80a9662dd915a6bb (diff) | |
| download | chromium_src-b74538cf2eb1e4052422ba1c12ab3de21b5e3aeb.zip chromium_src-b74538cf2eb1e4052422ba1c12ab3de21b5e3aeb.tar.gz chromium_src-b74538cf2eb1e4052422ba1c12ab3de21b5e3aeb.tar.bz2 | |
[Linux] Fix race in ZygoteHost where socket read and writes were getting interleaved.
BUG=31737
TEST=none
Review URL: http://codereview.chromium.org/1921006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@46702 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/zygote_host_linux.cc')
| -rw-r--r-- | chrome/browser/zygote_host_linux.cc | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/chrome/browser/zygote_host_linux.cc b/chrome/browser/zygote_host_linux.cc index 9885234..051fc3d 100644 --- a/chrome/browser/zygote_host_linux.cc +++ b/chrome/browser/zygote_host_linux.cc @@ -211,12 +211,15 @@ pid_t ZygoteHost::ForkRenderer( fds.push_back(i->second); } - if (!base::SendMsg(control_fd_, pickle.data(), pickle.size(), fds)) - return base::kNullProcessHandle; - pid_t pid; - if (HANDLE_EINTR(read(control_fd_, &pid, sizeof(pid))) != sizeof(pid)) - return base::kNullProcessHandle; + { + AutoLock lock(control_lock_); + if (!base::SendMsg(control_fd_, pickle.data(), pickle.size(), fds)) + return base::kNullProcessHandle; + + if (HANDLE_EINTR(read(control_fd_, &pid, sizeof(pid))) != sizeof(pid)) + return base::kNullProcessHandle; + } const int kRendererScore = 5; if (using_suid_sandbox_) { @@ -258,12 +261,16 @@ bool ZygoteHost::DidProcessCrash(base::ProcessHandle handle, pickle.WriteInt(kCmdDidProcessCrash); pickle.WriteInt(handle); - if (HANDLE_EINTR(write(control_fd_, pickle.data(), pickle.size())) < 0) - PLOG(ERROR) << "write"; - static const unsigned kMaxMessageLength = 128; char buf[kMaxMessageLength]; - const ssize_t len = HANDLE_EINTR(read(control_fd_, buf, sizeof(buf))); + ssize_t len; + { + AutoLock lock(control_lock_); + if (HANDLE_EINTR(write(control_fd_, pickle.data(), pickle.size())) < 0) + PLOG(ERROR) << "write"; + + len = HANDLE_EINTR(read(control_fd_, buf, sizeof(buf))); + } if (len == -1) { LOG(WARNING) << "Error reading message from zygote: " << errno; |