summaryrefslogtreecommitdiffstats
path: root/net/disk_cache/block_files.cc
diff options
context:
space:
mode:
authormattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-08-08 00:49:14 +0000
committermattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-08-08 00:49:14 +0000
commit21fc9dc4cbe2c771e357f4dbed0d2b5131599f8a (patch)
tree48106c981d524a2c14557d3cb764789996af65c7 /net/disk_cache/block_files.cc
parent11da7028425a758f1b30d19c802410747b4a98ad (diff)
downloadchromium_src-21fc9dc4cbe2c771e357f4dbed0d2b5131599f8a.zip
chromium_src-21fc9dc4cbe2c771e357f4dbed0d2b5131599f8a.tar.gz
chromium_src-21fc9dc4cbe2c771e357f4dbed0d2b5131599f8a.tar.bz2
Try again: Check blockfile size before attempting to read the header.
Reading past the last page of a mmapped file will SIGBUS. BUG=18174 TEST=truncate Default/Cache/data_* to zero bytes, launch chrome, try to load a website. It shouldn't crash. Review URL: http://codereview.chromium.org/165174 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@22843 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/disk_cache/block_files.cc')
-rw-r--r--net/disk_cache/block_files.cc6
1 files changed, 6 insertions, 0 deletions
diff --git a/net/disk_cache/block_files.cc b/net/disk_cache/block_files.cc
index cd7e5cf..0e9eb04 100644
--- a/net/disk_cache/block_files.cc
+++ b/net/disk_cache/block_files.cc
@@ -247,6 +247,12 @@ bool BlockFiles::OpenBlockFile(int index) {
return false;
}
+ if (file->GetLength() < static_cast<size_t>(kBlockHeaderSize)) {
+ LOG(ERROR) << "File too small " << name;
+ file->Release();
+ return false;
+ }
+
block_files_[index] = file;
BlockFileHeader* header = reinterpret_cast<BlockFileHeader*>(file->buffer());
generated by cgit v1.1 at 2025-02-19 07:03:05 +0000