path: root/ipc/ipc_channel_posix.h
authorfischman@chromium.org <fischman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-09 21:40:44 +0000
committerfischman@chromium.org <fischman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-09 21:40:44 +0000
commit7e9eecb6b5a25ede2218e9efdae81d3bea6631e5 (patch)
treece135567fc472bc5cb50d88b9d574b242ec11820 /ipc/ipc_channel_posix.h
parent6866c6b33766ebbcb5af0217eda7c7c149a40251 (diff)
Prevent reading invalid memory in IPC code caused by assumption of contiguity in std::deque<>.
std::vector<int> guarantees contiguous storage (as of C++2003, 23.2.4p1, although in practice this is true with all known STL implementations), but std::deque<> typically uses linked chains of array blocks, so specifically *doesn't* provide contiguity once its size grows above its basic block size (usually 512 bytes on our Linux systems). BUG=117341 TEST=test in bug stops reproducing with this. Review URL: http://codereview.chromium.org/10019018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@131443 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'ipc/ipc_channel_posix.h')
-rw-r--r--ipc/ipc_channel_posix.h5
1 files changed, 4 insertions, 1 deletions
diff --git a/ipc/ipc_channel_posix.h b/ipc/ipc_channel_posix.h
index cb7eb84..c71370f 100644
--- a/ipc/ipc_channel_posix.h
+++ b/ipc/ipc_channel_posix.h
@@ -179,7 +179,10 @@ class Channel::ChannelImpl : public internal::ChannelReader,
// File descriptors extracted from messages coming off of the channel. The
// handles may span messages and come off different channels from the message
// data (in the case of READWRITE), and are processed in FIFO here.
- std::deque<int> input_fds_;
+ // NOTE: The implementation assumes underlying storage here is contiguous, so
+ // don't change to something like std::deque<> without changing the
+ // implementation!
+ std::vector<int> input_fds_;
// True if we are responsible for unlinking the unix domain socket file.
bool must_unlink_;