Don't send PP_Vars/V8 values with cycles across PostMessage

This prevents PP_Vars/V8 values with cycles being transmitted across PostMessage. An undefined value will be sent instead and an error will be logged to the console.

BUG=236958

Review URL: https://chromiumcodereview.appspot.com/16140011

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@207040 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 10 insertions, 0 deletions

diff --git a/ppapi/proxy/ppb_instance_proxy.cc b/ppapi/proxy/ppb_instance_proxy.cc
index 4009a19..e3948f06a 100644
--- a/ppapi/proxy/ppb_instance_proxy.cc
+++ b/ppapi/proxy/ppb_instance_proxy.cc
@@ -56,6 +56,10 @@ namespace proxy {
 
 namespace {
 
+const char kSerializationError[] = "Failed to convert a PostMessage "
+    "argument from a PP_Var to a Javascript value. It may have cycles or be of "
+    "an unsupported type.";
+
 InterfaceProxy* CreateInstanceProxy(Dispatcher* dispatcher) {
   return new PPB_Instance_Proxy(dispatcher);
 }
@@ -933,6 +937,12 @@ void PPB_Instance_Proxy::OnHostMsgPostMessage(
     PP_Instance instance,
     SerializedVarReceiveInput message) {
   EnterInstanceNoLock enter(instance);
+  if (!message.is_valid_var()) {
+    PpapiGlobals::Get()->LogWithSource(
+        instance, PP_LOGLEVEL_ERROR, std::string(), kSerializationError);
+    return;
+  }
+
   if (enter.succeeded())
     enter.functions()->PostMessage(instance,
                                    message.GetForInstance(dispatcher(),