diff options
| -rw-r--r-- | chrome/browser/renderer_host/resource_message_filter.cc | 2 | ||||
| -rw-r--r-- | chrome/common/appcache/appcache_dispatcher_host.cc | 128 | ||||
| -rw-r--r-- | chrome/common/appcache/appcache_dispatcher_host.h | 9 |
3 files changed, 101 insertions, 38 deletions
diff --git a/chrome/browser/renderer_host/resource_message_filter.cc b/chrome/browser/renderer_host/resource_message_filter.cc index 51023c5..5912750 100644 --- a/chrome/browser/renderer_host/resource_message_filter.cc +++ b/chrome/browser/renderer_host/resource_message_filter.cc @@ -233,7 +233,7 @@ void ResourceMessageFilter::OnChannelConnected(int32 peer_pid) { WorkerService::GetInstance()->Initialize( resource_dispatcher_host_, ui_loop()); - appcache_dispatcher_host_->Initialize(this, id()); + appcache_dispatcher_host_->Initialize(this, id(), handle()); dom_storage_dispatcher_host_->Init(handle()); } diff --git a/chrome/common/appcache/appcache_dispatcher_host.cc b/chrome/common/appcache/appcache_dispatcher_host.cc index 0fac0cf..91a181f 100644 --- a/chrome/common/appcache/appcache_dispatcher_host.cc +++ b/chrome/common/appcache/appcache_dispatcher_host.cc @@ -4,17 +4,21 @@ #include "chrome/common/appcache/appcache_dispatcher_host.h" +#include "chrome/browser/renderer_host/browser_render_process_host.h" #include "chrome/common/appcache/chrome_appcache_service.h" #include "chrome/common/render_messages.h" AppCacheDispatcherHost::AppCacheDispatcherHost( ChromeAppCacheService* appcache_service) - : appcache_service_(appcache_service) { + : appcache_service_(appcache_service), + process_handle_(0) { } void AppCacheDispatcherHost::Initialize(IPC::Message::Sender* sender, - int process_id) { + int process_id, base::ProcessHandle process_handle) { DCHECK(sender); + DCHECK(process_handle && !process_handle_); + process_handle_ = process_handle; frontend_proxy_.set_sender(sender); if (appcache_service_.get()) { backend_impl_.Initialize( @@ -30,7 +34,7 @@ void AppCacheDispatcherHost::Initialize(IPC::Message::Sender* sender, bool AppCacheDispatcherHost::OnMessageReceived(const IPC::Message& msg, bool *msg_ok) { - DCHECK(frontend_proxy_.sender()); + DCHECK(process_handle_); *msg_ok = true; bool handled = true; IPC_BEGIN_MESSAGE_MAP_EX(AppCacheDispatcherHost, msg, *msg_ok) @@ -46,82 +50,134 @@ bool AppCacheDispatcherHost::OnMessageReceived(const IPC::Message& msg, return handled; } -// TODO(michaeln): Handle the invalid host id error condition, probably -// terminate the child process. - void AppCacheDispatcherHost::OnRegisterHost(int host_id) { - if (appcache_service_.get()) - backend_impl_.RegisterHost(host_id); + if (appcache_service_.get()) { + if (!backend_impl_.RegisterHost(host_id)) { + ReceivedBadMessage(AppCacheMsg_RegisterHost::ID); + } + } } void AppCacheDispatcherHost::OnUnregisterHost(int host_id) { - if (appcache_service_.get()) - backend_impl_.UnregisterHost(host_id); + if (appcache_service_.get()) { + if (!backend_impl_.UnregisterHost(host_id)) { + ReceivedBadMessage(AppCacheMsg_UnregisterHost::ID); + } + } } void AppCacheDispatcherHost::OnSelectCache( int host_id, const GURL& document_url, int64 cache_document_was_loaded_from, const GURL& opt_manifest_url) { - if (appcache_service_.get()) - backend_impl_.SelectCache(host_id, document_url, - cache_document_was_loaded_from, - opt_manifest_url); - else + if (appcache_service_.get()) { + if (!backend_impl_.SelectCache(host_id, document_url, + cache_document_was_loaded_from, + opt_manifest_url)) { + ReceivedBadMessage(AppCacheMsg_SelectCache::ID); + } + } else { frontend_proxy_.OnCacheSelected( host_id, appcache::kNoCacheId, appcache::UNCACHED); + } } void AppCacheDispatcherHost::OnMarkAsForeignEntry( int host_id, const GURL& document_url, int64 cache_document_was_loaded_from) { - if (appcache_service_.get()) - backend_impl_.MarkAsForeignEntry(host_id, document_url, - cache_document_was_loaded_from); + if (appcache_service_.get()) { + if (!backend_impl_.MarkAsForeignEntry(host_id, document_url, + cache_document_was_loaded_from)) { + ReceivedBadMessage(AppCacheMsg_MarkAsForeignEntry::ID); + } + } } void AppCacheDispatcherHost::OnGetStatus(int host_id, IPC::Message* reply_msg) { - if (appcache_service_.get()) - backend_impl_.GetStatusWithCallback( - host_id, get_status_callback_.get(), reply_msg); - else - GetStatusCallback(appcache::UNCACHED, reply_msg); + if (pending_reply_msg_.get()) { + ReceivedBadMessage(AppCacheMsg_GetStatus::ID); + delete reply_msg; + return; + } + + pending_reply_msg_.reset(reply_msg); + if (appcache_service_.get()) { + if (!backend_impl_.GetStatusWithCallback( + host_id, get_status_callback_.get(), reply_msg)) { + ReceivedBadMessage(AppCacheMsg_GetStatus::ID); + } + return; + } + + GetStatusCallback(appcache::UNCACHED, reply_msg); } void AppCacheDispatcherHost::OnStartUpdate(int host_id, IPC::Message* reply_msg) { - if (appcache_service_.get()) - backend_impl_.StartUpdateWithCallback( - host_id, start_update_callback_.get(), reply_msg); - else - StartUpdateCallback(false, reply_msg); + if (pending_reply_msg_.get()) { + ReceivedBadMessage(AppCacheMsg_StartUpdate::ID); + delete reply_msg; + return; + } + + pending_reply_msg_.reset(reply_msg); + if (appcache_service_.get()) { + if (!backend_impl_.StartUpdateWithCallback( + host_id, start_update_callback_.get(), reply_msg)) { + ReceivedBadMessage(AppCacheMsg_StartUpdate::ID); + } + return; + } + + StartUpdateCallback(false, reply_msg); } void AppCacheDispatcherHost::OnSwapCache(int host_id, IPC::Message* reply_msg) { - if (appcache_service_.get()) - backend_impl_.SwapCacheWithCallback( - host_id, swap_cache_callback_.get(), reply_msg); - else - SwapCacheCallback(false, reply_msg); + if (pending_reply_msg_.get()) { + ReceivedBadMessage(AppCacheMsg_SwapCache::ID); + delete reply_msg; + return; + } + + pending_reply_msg_.reset(reply_msg); + if (appcache_service_.get()) { + if (!backend_impl_.SwapCacheWithCallback( + host_id, swap_cache_callback_.get(), reply_msg)) { + ReceivedBadMessage(AppCacheMsg_SwapCache::ID); + } + return; + } + + SwapCacheCallback(false, reply_msg); } void AppCacheDispatcherHost::GetStatusCallback( appcache::Status status, void* param) { IPC::Message* reply_msg = reinterpret_cast<IPC::Message*>(param); + DCHECK(reply_msg == pending_reply_msg_.get()); AppCacheMsg_GetStatus::WriteReplyParams(reply_msg, status); - frontend_proxy_.sender()->Send(reply_msg); + frontend_proxy_.sender()->Send(pending_reply_msg_.release()); } void AppCacheDispatcherHost::StartUpdateCallback(bool result, void* param) { IPC::Message* reply_msg = reinterpret_cast<IPC::Message*>(param); + DCHECK(reply_msg == pending_reply_msg_.get()); AppCacheMsg_StartUpdate::WriteReplyParams(reply_msg, result); - frontend_proxy_.sender()->Send(reply_msg); + frontend_proxy_.sender()->Send(pending_reply_msg_.release()); } void AppCacheDispatcherHost::SwapCacheCallback(bool result, void* param) { IPC::Message* reply_msg = reinterpret_cast<IPC::Message*>(param); + DCHECK(reply_msg == pending_reply_msg_.get()); AppCacheMsg_SwapCache::WriteReplyParams(reply_msg, result); - frontend_proxy_.sender()->Send(reply_msg); + frontend_proxy_.sender()->Send(pending_reply_msg_.release()); +} + +void AppCacheDispatcherHost::ReceivedBadMessage(uint16 msg_type) { + // TODO(michaeln): Consider gathering UMA stats + // http://code.google.com/p/chromium/issues/detail?id=24634 + BrowserRenderProcessHost::BadMessageTerminateProcess( + msg_type, process_handle_); } diff --git a/chrome/common/appcache/appcache_dispatcher_host.h b/chrome/common/appcache/appcache_dispatcher_host.h index 47f245a..31adcdf 100644 --- a/chrome/common/appcache/appcache_dispatcher_host.h +++ b/chrome/common/appcache/appcache_dispatcher_host.h @@ -6,6 +6,8 @@ #define CHROME_COMMON_APPCACHE_APPCACHE_DISPATCHER_HOST_H_ #include <vector> + +#include "base/process.h" #include "base/ref_counted.h" #include "base/scoped_ptr.h" #include "chrome/common/appcache/appcache_frontend_proxy.h" @@ -22,7 +24,8 @@ class AppCacheDispatcherHost { public: explicit AppCacheDispatcherHost(ChromeAppCacheService* appcache_service); - void Initialize(IPC::Message::Sender* sender, int process_id); + void Initialize(IPC::Message::Sender* sender, int process_id, + base::ProcessHandle process_handle); bool OnMessageReceived(const IPC::Message& msg, bool* msg_is_ok); int process_id() const { return backend_impl_.process_id(); } @@ -49,12 +52,16 @@ class AppCacheDispatcherHost { void StartUpdateCallback(bool result, void* param); void SwapCacheCallback(bool result, void* param); + void ReceivedBadMessage(uint16 msg_type); + AppCacheFrontendProxy frontend_proxy_; appcache::AppCacheBackendImpl backend_impl_; scoped_refptr<ChromeAppCacheService> appcache_service_; scoped_ptr<appcache::GetStatusCallback> get_status_callback_; scoped_ptr<appcache::StartUpdateCallback> start_update_callback_; scoped_ptr<appcache::SwapCacheCallback> swap_cache_callback_; + base::ProcessHandle process_handle_; + scoped_ptr<IPC::Message> pending_reply_msg_; DISALLOW_COPY_AND_ASSIGN(AppCacheDispatcherHost); }; |