1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef BASE_PICKLE_H__
#define BASE_PICKLE_H__
#include <string>
#include "base/basictypes.h"
#include "base/logging.h"
#include "base/string16.h"
#include "mozilla/Attributes.h"
#include "mozilla/BufferList.h"
#include "mozilla/mozalloc.h"
#ifdef MOZ_FAULTY
#include "base/singleton.h"
#include "mozilla/ipc/Faulty.h"
#endif
#if !defined(RELEASE_OR_BETA) || defined(DEBUG)
#define MOZ_PICKLE_SENTINEL_CHECKING
#endif
class Pickle;
class PickleIterator {
public:
explicit PickleIterator(const Pickle& pickle);
private:
friend class Pickle;
mozilla::BufferList<InfallibleAllocPolicy>::IterImpl iter_;
template<typename T>
void CopyInto(T* dest);
};
// This class provides facilities for basic binary value packing and unpacking.
//
// The Pickle class supports appending primitive values (ints, strings, etc.)
// to a pickle instance. The Pickle instance grows its internal memory buffer
// dynamically to hold the sequence of primitive values. The internal memory
// buffer is exposed as the "data" of the Pickle. This "data" can be passed
// to a Pickle object to initialize it for reading.
//
// When reading from a Pickle object, it is important for the consumer to know
// what value types to read and in what order to read them as the Pickle does
// not keep track of the type of data written to it.
//
// The Pickle's data has a header which contains the size of the Pickle's
// payload. It can optionally support additional space in the header. That
// space is controlled by the header_size parameter passed to the Pickle
// constructor.
//
class Pickle {
public:
~Pickle();
Pickle() = delete;
// Initialize a Pickle object with the specified header size in bytes, which
// must be greater-than-or-equal-to sizeof(Pickle::Header). The header size
// will be rounded up to ensure that the header size is 32bit-aligned.
explicit Pickle(uint32_t header_size);
Pickle(uint32_t header_size, const char* data, uint32_t length);
Pickle(const Pickle& other) = delete;
Pickle(Pickle&& other);
// Performs a deep copy.
Pickle& operator=(const Pickle& other) = delete;
Pickle& operator=(Pickle&& other);
// Returns the size of the Pickle's data.
uint32_t size() const { return header_size_ + header_->payload_size; }
typedef mozilla::BufferList<InfallibleAllocPolicy> BufferList;
const BufferList& Buffers() const { return buffers_; }
uint32_t CurrentSize() const { return buffers_.Size(); }
// Methods for reading the payload of the Pickle. To read from the start of
// the Pickle, initialize *iter to NULL. If successful, these methods return
// true. Otherwise, false is returned to indicate that the result could not
// be extracted.
MOZ_MUST_USE bool ReadBool(PickleIterator* iter, bool* result) const;
MOZ_MUST_USE bool ReadInt16(PickleIterator* iter, int16_t* result) const;
MOZ_MUST_USE bool ReadUInt16(PickleIterator* iter, uint16_t* result) const;
MOZ_MUST_USE bool ReadShort(PickleIterator* iter, short* result) const;
MOZ_MUST_USE bool ReadInt(PickleIterator* iter, int* result) const;
MOZ_MUST_USE bool ReadLong(PickleIterator* iter, long* result) const;
MOZ_MUST_USE bool ReadULong(PickleIterator* iter, unsigned long* result) const;
MOZ_MUST_USE bool ReadSize(PickleIterator* iter, size_t* result) const;
MOZ_MUST_USE bool ReadInt32(PickleIterator* iter, int32_t* result) const;
MOZ_MUST_USE bool ReadUInt32(PickleIterator* iter, uint32_t* result) const;
MOZ_MUST_USE bool ReadInt64(PickleIterator* iter, int64_t* result) const;
MOZ_MUST_USE bool ReadUInt64(PickleIterator* iter, uint64_t* result) const;
MOZ_MUST_USE bool ReadDouble(PickleIterator* iter, double* result) const;
MOZ_MUST_USE bool ReadIntPtr(PickleIterator* iter, intptr_t* result) const;
MOZ_MUST_USE bool ReadUnsignedChar(PickleIterator* iter, unsigned char* result) const;
MOZ_MUST_USE bool ReadString(PickleIterator* iter, std::string* result) const;
MOZ_MUST_USE bool ReadWString(PickleIterator* iter, std::wstring* result) const;
MOZ_MUST_USE bool ReadBytesInto(PickleIterator* iter, void* data, uint32_t length) const;
MOZ_MUST_USE bool ExtractBuffers(PickleIterator* iter, size_t length, BufferList* buffers,
uint32_t alignment = sizeof(memberAlignmentType)) const;
// Safer version of ReadInt() checks for the result not being negative.
// Use it for reading the object sizes.
MOZ_MUST_USE bool ReadLength(PickleIterator* iter, int* result) const;
MOZ_MUST_USE bool ReadSentinel(PickleIterator* iter, uint32_t sentinel) const
#ifdef MOZ_PICKLE_SENTINEL_CHECKING
;
#else
{
return true;
}
#endif
void EndRead(PickleIterator& iter) const;
// Methods for adding to the payload of the Pickle. These values are
// appended to the end of the Pickle's payload. When reading values from a
// Pickle, it is important to read them in the order in which they were added
// to the Pickle.
bool WriteBool(bool value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzBool(&value);
#endif
return WriteInt(value ? 1 : 0);
}
bool WriteInt16(int16_t value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzInt16(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteUInt16(uint16_t value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzUInt16(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteInt(int value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzInt(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteLong(long value) {
// Always written as a 64-bit value since the size for this type can
// differ between architectures.
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzLong(&value);
#endif
return WriteInt64(int64_t(value));
}
bool WriteULong(unsigned long value) {
// Always written as a 64-bit value since the size for this type can
// differ between architectures.
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzULong(&value);
#endif
return WriteUInt64(uint64_t(value));
}
bool WriteSize(size_t value) {
// Always written as a 64-bit value since the size for this type can
// differ between architectures.
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzSize(&value);
#endif
return WriteUInt64(uint64_t(value));
}
bool WriteInt32(int32_t value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzInt(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteUInt32(uint32_t value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzUInt32(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteInt64(int64_t value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzInt64(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteUInt64(uint64_t value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzUInt64(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteDouble(double value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzDouble(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteIntPtr(intptr_t value) {
// Always written as a 64-bit value since the size for this type can
// differ between architectures.
return WriteInt64(int64_t(value));
}
bool WriteUnsignedChar(unsigned char value) {
#ifdef MOZ_FAULTY
Singleton<mozilla::ipc::Faulty>::get()->FuzzUChar(&value);
#endif
return WriteBytes(&value, sizeof(value));
}
bool WriteString(const std::string& value);
bool WriteWString(const std::wstring& value);
bool WriteData(const char* data, uint32_t length);
bool WriteBytes(const void* data, uint32_t data_len,
uint32_t alignment = sizeof(memberAlignmentType));
bool WriteSentinel(uint32_t sentinel)
#ifdef MOZ_PICKLE_SENTINEL_CHECKING
;
#else
{
return true;
}
#endif
int32_t* GetInt32PtrForTest(uint32_t offset);
void InputBytes(const char* data, uint32_t length);
// Payload follows after allocation of Header (header size is customizable).
struct Header {
uint32_t payload_size; // Specifies the size of the payload.
};
// Returns the header, cast to a user-specified type T. The type T must be a
// subclass of Header and its size must correspond to the header_size passed
// to the Pickle constructor.
template <class T>
T* headerT() {
DCHECK(sizeof(T) == header_size_);
return static_cast<T*>(header_);
}
template <class T>
const T* headerT() const {
DCHECK(sizeof(T) == header_size_);
return static_cast<const T*>(header_);
}
typedef uint32_t memberAlignmentType;
protected:
uint32_t payload_size() const { return header_->payload_size; }
// Resizes the buffer for use when writing the specified amount of data. The
// location that the data should be written at is returned, or NULL if there
// was an error. Call EndWrite with the returned offset and the given length
// to pad out for the next write.
void BeginWrite(uint32_t length, uint32_t alignment);
// Completes the write operation by padding the data with NULL bytes until it
// is padded. Should be paired with BeginWrite, but it does not necessarily
// have to be called after the data is written.
void EndWrite(uint32_t length);
// Round 'bytes' up to the next multiple of 'alignment'. 'alignment' must be
// a power of 2.
template<uint32_t alignment> struct ConstantAligner {
static uint32_t align(int bytes) {
static_assert((alignment & (alignment - 1)) == 0,
"alignment must be a power of two");
return (bytes + (alignment - 1)) & ~static_cast<uint32_t>(alignment - 1);
}
};
static uint32_t AlignInt(int bytes) {
return ConstantAligner<sizeof(memberAlignmentType)>::align(bytes);
}
static uint32_t AlignCapacity(int bytes) {
return ConstantAligner<kSegmentAlignment>::align(bytes);
}
// Returns true if the given iterator could point to data with the given
// length. If there is no room for the given data before the end of the
// payload, returns false.
bool IteratorHasRoomFor(const PickleIterator& iter, uint32_t len) const;
// Moves the iterator by the given number of bytes, making sure it is aligned.
// Pointer (iterator) is NOT aligned, but the change in the pointer
// is guaranteed to be a multiple of sizeof(memberAlignmentType).
void UpdateIter(PickleIterator* iter, uint32_t bytes) const;
// Figure out how big the message starting at range_start is. Returns 0 if
// there's no enough data to determine (i.e., if [range_start, range_end) does
// not contain enough of the message header to know the size).
static uint32_t MessageSize(uint32_t header_size,
const char* range_start,
const char* range_end);
// Segments capacities are aligned to 8 bytes to ensure that all reads/writes
// at 8-byte aligned offsets will be on 8-byte aligned pointers.
static const uint32_t kSegmentAlignment = 8;
private:
friend class PickleIterator;
BufferList buffers_;
Header* header_;
uint32_t header_size_;
};
#endif // BASE_PICKLE_H__
|