diff options
| author | tsepez@chromium.org <tsepez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-04 17:14:16 +0000 |
|---|---|---|
| committer | tsepez@chromium.org <tsepez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-04 17:14:16 +0000 |
| commit | 894803199a98888bcbf913557e0952ae64cd0bf5 (patch) | |
| tree | 53de7430f6db15e914e3ec5c965e2f3735cc4f91 /ipc | |
| parent | 2ad3f3364a83bf499a43fdc8967f32d34c52ce7c (diff) | |
| download | chromium_src-894803199a98888bcbf913557e0952ae64cd0bf5.zip chromium_src-894803199a98888bcbf913557e0952ae64cd0bf5.tar.gz chromium_src-894803199a98888bcbf913557e0952ae64cd0bf5.tar.bz2 | |
IPC outgoing message filters interpose yourself in a message stream. Minimally invasive baseline for building IPC tests to abuse browser along the lines of a compromised renderer.
Review URL: http://codereview.chromium.org/6711024
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@84076 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/ipc_channel_proxy.cc | 9 | ||||
| -rw-r--r-- | ipc/ipc_channel_proxy.h | 19 |
2 files changed, 26 insertions, 2 deletions
diff --git a/ipc/ipc_channel_proxy.cc b/ipc/ipc_channel_proxy.cc index 8f981f4..cbc18bc 100644 --- a/ipc/ipc_channel_proxy.cc +++ b/ipc/ipc_channel_proxy.cc @@ -283,7 +283,8 @@ ChannelProxy::ChannelProxy(const IPC::ChannelHandle& channel_handle, Channel::Mode mode, Channel::Listener* listener, base::MessageLoopProxy* ipc_thread) - : context_(new Context(listener, ipc_thread)) { + : context_(new Context(listener, ipc_thread)), + outgoing_message_filter_(NULL) { Init(channel_handle, mode, ipc_thread, true); } @@ -292,7 +293,8 @@ ChannelProxy::ChannelProxy(const IPC::ChannelHandle& channel_handle, base::MessageLoopProxy* ipc_thread, Context* context, bool create_pipe_now) - : context_(context) { + : context_(context), + outgoing_message_filter_(NULL) { Init(channel_handle, mode, ipc_thread, create_pipe_now); } @@ -343,6 +345,9 @@ void ChannelProxy::Close() { } bool ChannelProxy::Send(Message* message) { + if (outgoing_message_filter()) + message = outgoing_message_filter()->Rewrite(message); + #ifdef IPC_MESSAGE_LOG_ENABLED Logging::GetInstance()->OnSendMessage(message, context_->channel_id()); #endif diff --git a/ipc/ipc_channel_proxy.h b/ipc/ipc_channel_proxy.h index 2b1dea8..bcdeaac 100644 --- a/ipc/ipc_channel_proxy.h +++ b/ipc/ipc_channel_proxy.h @@ -98,6 +98,15 @@ class ChannelProxy : public Message::Sender { } }; + // Interface for a filter to be imposed on outgoing messages which can + // re-write the message. Used mainly for testing. + class OutgoingMessageFilter { + public: + // Returns a re-written message, freeing the original, or simply the + // original unchanged if no rewrite indicated. + virtual Message *Rewrite(Message *message) = 0; + }; + // Initializes a channel proxy. The channel_handle and mode parameters are // passed directly to the underlying IPC::Channel. The listener is called on // the thread that creates the ChannelProxy. The filter's OnMessageReceived @@ -139,6 +148,10 @@ class ChannelProxy : public Message::Sender { void AddFilter(MessageFilter* filter); void RemoveFilter(MessageFilter* filter); + void set_outgoing_message_filter(OutgoingMessageFilter* filter) { + outgoing_message_filter_ = filter; + } + // Called to clear the pointer to the IPC message loop when it's going away. void ClearIPCMessageLoop(); @@ -236,6 +249,10 @@ class ChannelProxy : public Message::Sender { Context* context() { return context_; } + OutgoingMessageFilter* outgoing_message_filter() { + return outgoing_message_filter_; + } + private: friend class SendTask; @@ -246,6 +263,8 @@ class ChannelProxy : public Message::Sender { // can safely be destroyed while the background thread continues to do stuff // that involves this data. scoped_refptr<Context> context_; + + OutgoingMessageFilter* outgoing_message_filter_; }; } // namespace IPC |