diff options
| author | sleffler@chromium.org <sleffler@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-10 17:41:10 +0000 |
|---|---|---|
| committer | sleffler@chromium.org <sleffler@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-10 17:41:10 +0000 |
| commit | 8bd4a46da03767be3a2fa16c9fc32ed2233e47f7 (patch) | |
| tree | adb9fd02a778de7be36503996878ac426d7bda2e /dbus/message.cc | |
| parent | 1223c1ea076e566ba2ab1bf9c676b5c008c4657c (diff) | |
| download | chromium_src-8bd4a46da03767be3a2fa16c9fc32ed2233e47f7.zip chromium_src-8bd4a46da03767be3a2fa16c9fc32ed2233e47f7.tar.gz chromium_src-8bd4a46da03767be3a2fa16c9fc32ed2233e47f7.tar.bz2 | |
dbus: revamp fd passing support for i/o restrictions
Encapsulate file descriptor validity checking and status in the companion FileDescriptor class so callers can do descriptor checking in a context where i/o is allowed.
Update the debug daemon client support to validate the pipe descriptors in a worker thread so it is not done on the UI thread.
BUG=126142
TEST=new unit tests + collect trace data on chrome os and verify no assert is triggered
Review URL: https://chromiumcodereview.appspot.com/10382021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@136331 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'dbus/message.cc')
| -rw-r--r-- | dbus/message.cc | 16 |
1 files changed, 3 insertions, 13 deletions
diff --git a/dbus/message.cc b/dbus/message.cc index d525912..400c1bc 100644 --- a/dbus/message.cc +++ b/dbus/message.cc @@ -9,7 +9,6 @@ #include "base/basictypes.h" #include "base/format_macros.h" #include "base/logging.h" -#include "base/platform_file.h" #include "base/stringprintf.h" #include "dbus/object_path.h" #include "third_party/protobuf/src/google/protobuf/message_lite.h" @@ -691,13 +690,11 @@ void MessageWriter::AppendVariantOfBasic(int dbus_type, const void* value) { void MessageWriter::AppendFileDescriptor(const FileDescriptor& value) { CHECK(kDBusTypeUnixFdIsSupported); - base::PlatformFileInfo info; - int fd = value.value(); - bool ok = base::GetPlatformFileInfo(fd, &info); - if (!ok || info.is_directory) { + if (!value.is_valid()) { // NB: sending a directory potentially enables sandbox escape LOG(FATAL) << "Attempt to pass invalid file descriptor"; } + int fd = value.value(); AppendBasic(DBUS_TYPE_UNIX_FD, &fd); } @@ -968,15 +965,8 @@ bool MessageReader::PopFileDescriptor(FileDescriptor* value) { if (!success) return false; - base::PlatformFileInfo info; - bool ok = base::GetPlatformFileInfo(fd, &info); - if (!ok || info.is_directory) { - base::ClosePlatformFile(fd); - // NB: receiving a directory potentially enables sandbox escape - LOG(FATAL) << "Attempt to receive invalid file descriptor"; - return false; // NB: not reached - } value->PutValue(fd); + // NB: the caller must check validity before using the value return true; } |