summaryrefslogtreecommitdiffstats
path: root/webkit/blob
diff options
context:
space:
mode:
authorericu@chromium.org <ericu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-05-24 02:02:15 +0000
committerericu@chromium.org <ericu@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-05-24 02:02:15 +0000
commit1978b883c3f0bc39ae116c2359a8ea264249b4a9 (patch)
tree99622b904ffc302c585c3adbd4acf7b03d885b80 /webkit/blob
parent374372ab9713c90a71a03ff4705ad8e46faf93c3 (diff)
downloadchromium_src-1978b883c3f0bc39ae116c2359a8ea264249b4a9.zip
chromium_src-1978b883c3f0bc39ae116c2359a8ea264249b4a9.tar.gz
chromium_src-1978b883c3f0bc39ae116c2359a8ea264249b4a9.tar.bz2
Prevent zero-length items from being appended to a blob.
BUG=128266 TEST=as in the bug Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=138554 Review URL: https://chromiumcodereview.appspot.com/10386183 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@138702 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/blob')
-rw-r--r--webkit/blob/blob_data.cc45
-rw-r--r--webkit/blob/blob_data.h30
-rw-r--r--webkit/blob/blob_storage_controller.cc1
3 files changed, 45 insertions, 31 deletions
diff --git a/webkit/blob/blob_data.cc b/webkit/blob/blob_data.cc
index 33090e7..33ee36b 100644
--- a/webkit/blob/blob_data.cc
+++ b/webkit/blob/blob_data.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -60,11 +60,13 @@ BlobData::BlobData(const WebBlobData& data) {
}
break;
case WebBlobData::Item::TypeFile:
- AppendFile(
- WebStringToFilePath(item.filePath),
- static_cast<uint64>(item.offset),
- static_cast<uint64>(item.length),
- base::Time::FromDoubleT(item.expectedModificationTime));
+ if (item.length) {
+ AppendFile(
+ WebStringToFilePath(item.filePath),
+ static_cast<uint64>(item.offset),
+ static_cast<uint64>(item.length),
+ base::Time::FromDoubleT(item.expectedModificationTime));
+ }
break;
case WebBlobData::Item::TypeBlob:
if (item.length) {
@@ -84,4 +86,35 @@ BlobData::BlobData(const WebBlobData& data) {
BlobData::~BlobData() {}
+void BlobData::AppendData(const char* data, size_t length) {
+ DCHECK(length > 0);
+ items_.push_back(Item());
+ items_.back().SetToData(data, length);
+}
+
+void BlobData::AppendFile(const FilePath& file_path, uint64 offset,
+ uint64 length,
+ const base::Time& expected_modification_time) {
+ DCHECK(length > 0);
+ items_.push_back(Item());
+ items_.back().SetToFile(file_path, offset, length,
+ expected_modification_time);
+}
+
+void BlobData::AppendBlob(const GURL& blob_url, uint64 offset, uint64 length) {
+ DCHECK(length > 0);
+ items_.push_back(Item());
+ items_.back().SetToBlob(blob_url, offset, length);
+}
+
+int64 BlobData::GetMemoryUsage() const {
+ int64 memory = 0;
+ for (std::vector<Item>::const_iterator iter = items_.begin();
+ iter != items_.end(); ++iter) {
+ if (iter->type == TYPE_DATA)
+ memory += iter->data.size();
+ }
+ return memory;
+}
+
} // namespace webkit_blob
diff --git a/webkit/blob/blob_data.h b/webkit/blob/blob_data.h
index c1296a3..3d276f0 100644
--- a/webkit/blob/blob_data.h
+++ b/webkit/blob/blob_data.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -85,24 +85,12 @@ class BLOB_EXPORT BlobData : public base::RefCounted<BlobData> {
AppendData(data.c_str(), data.size());
}
- void AppendData(const char* data, size_t length) {
- if (length > 0) {
- items_.push_back(Item());
- items_.back().SetToData(data, length);
- }
- }
+ void AppendData(const char* data, size_t length);
void AppendFile(const FilePath& file_path, uint64 offset, uint64 length,
- const base::Time& expected_modification_time) {
- items_.push_back(Item());
- items_.back().SetToFile(file_path, offset, length,
- expected_modification_time);
- }
+ const base::Time& expected_modification_time);
- void AppendBlob(const GURL& blob_url, uint64 offset, uint64 length) {
- items_.push_back(Item());
- items_.back().SetToBlob(blob_url, offset, length);
- }
+ void AppendBlob(const GURL& blob_url, uint64 offset, uint64 length);
void AttachShareableFileReference(ShareableFileReference* reference) {
shareable_files_.push_back(reference);
@@ -122,15 +110,7 @@ class BLOB_EXPORT BlobData : public base::RefCounted<BlobData> {
content_disposition_ = content_disposition;
}
- int64 GetMemoryUsage() const {
- int64 memory = 0;
- for (std::vector<Item>::const_iterator iter = items_.begin();
- iter != items_.end(); ++iter) {
- if (iter->type == TYPE_DATA)
- memory += iter->data.size();
- }
- return memory;
- }
+ int64 GetMemoryUsage() const;
private:
friend class base::RefCounted<BlobData>;
diff --git a/webkit/blob/blob_storage_controller.cc b/webkit/blob/blob_storage_controller.cc
index ed617e6..9dcbc33 100644
--- a/webkit/blob/blob_storage_controller.cc
+++ b/webkit/blob/blob_storage_controller.cc
@@ -68,6 +68,7 @@ void BlobStorageController::AppendBlobDataItem(
// All the Blob items in the passing blob data are resolved and expanded into
// a set of Data and File items.
+ DCHECK(item.length > 0);
switch (item.type) {
case BlobData::TYPE_DATA:
// WebBlobData does not allow partial data.