mojo/public/cpp/bindings/lib/message_header_validator.cc - mojo-tools - Git at Google

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "mojo/public/cpp/bindings/lib/message_header_validator.h"

 #include "mojo/public/cpp/bindings/lib/bindings_serialization.h"
 #include "mojo/public/cpp/bindings/lib/bounds_checker.h"
 #include "mojo/public/cpp/bindings/lib/validation_errors.h"

 namespace mojo {
 namespace internal {
 namespace {

 bool IsValidMessageHeader(const MessageHeader* header) {
   // NOTE: Our goal is to preserve support for future extension of the message
   // header. If we encounter fields we do not understand, we must ignore them.

   // Extra validation of the struct header:
   if (header->num_fields == 2) {
     if (header->num_bytes != sizeof(MessageHeader)) {
       ReportValidationError(VALIDATION_ERROR_UNEXPECTED_STRUCT_HEADER);
       return false;
     }
   } else if (header->num_fields == 3) {
     if (header->num_bytes != sizeof(MessageHeaderWithRequestID)) {
       ReportValidationError(VALIDATION_ERROR_UNEXPECTED_STRUCT_HEADER);
       return false;
     }
   } else if (header->num_fields > 3) {
     if (header->num_bytes < sizeof(MessageHeaderWithRequestID)) {
       ReportValidationError(VALIDATION_ERROR_UNEXPECTED_STRUCT_HEADER);
       return false;
     }
   }

   // Validate flags (allow unknown bits):

   // These flags require a RequestID.
   if (header->num_fields < 3 &&
         ((header->flags & kMessageExpectsResponse) ||
          (header->flags & kMessageIsResponse))) {
     ReportValidationError(VALIDATION_ERROR_MESSAGE_HEADER_MISSING_REQUEST_ID);
     return false;
   }

   // These flags are mutually exclusive.
   if ((header->flags & kMessageExpectsResponse) &&
       (header->flags & kMessageIsResponse)) {
     ReportValidationError(
         VALIDATION_ERROR_MESSAGE_HEADER_INVALID_FLAG_COMBINATION);
     return false;
   }

   return true;
 }

 }  // namespace

 MessageHeaderValidator::MessageHeaderValidator(MessageReceiver* sink)
     : MessageFilter(sink) {
 }

 bool MessageHeaderValidator::Accept(Message* message) {
   // Pass 0 as number of handles because we don't expect any in the header, even
   // if |message| contains handles.
   BoundsChecker bounds_checker(message->data(), message->data_num_bytes(), 0);

   if (!ValidateStructHeader(message->data(), sizeof(MessageHeader), 2,
                             &bounds_checker)) {
     return false;
   }

   if (!IsValidMessageHeader(message->header()))
     return false;

   return sink_->Accept(message);
 }

 }  // namespace internal
 }  // namespace mojo
	// Copyright 2014 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "mojo/public/cpp/bindings/lib/message_header_validator.h"

	#include "mojo/public/cpp/bindings/lib/bindings_serialization.h"
	#include "mojo/public/cpp/bindings/lib/bounds_checker.h"
	#include "mojo/public/cpp/bindings/lib/validation_errors.h"

	namespace mojo {
	namespace internal {
	namespace {

	bool IsValidMessageHeader(const MessageHeader* header) {
	// NOTE: Our goal is to preserve support for future extension of the message
	// header. If we encounter fields we do not understand, we must ignore them.

	// Extra validation of the struct header:
	if (header->num_fields == 2) {
	if (header->num_bytes != sizeof(MessageHeader)) {
	ReportValidationError(VALIDATION_ERROR_UNEXPECTED_STRUCT_HEADER);
	return false;
	}
	} else if (header->num_fields == 3) {
	if (header->num_bytes != sizeof(MessageHeaderWithRequestID)) {
	ReportValidationError(VALIDATION_ERROR_UNEXPECTED_STRUCT_HEADER);
	return false;
	}
	} else if (header->num_fields > 3) {
	if (header->num_bytes < sizeof(MessageHeaderWithRequestID)) {
	ReportValidationError(VALIDATION_ERROR_UNEXPECTED_STRUCT_HEADER);
	return false;
	}
	}

	// Validate flags (allow unknown bits):

	// These flags require a RequestID.
	if (header->num_fields < 3 &&
	((header->flags & kMessageExpectsResponse) \|\|
	(header->flags & kMessageIsResponse))) {
	ReportValidationError(VALIDATION_ERROR_MESSAGE_HEADER_MISSING_REQUEST_ID);
	return false;
	}

	// These flags are mutually exclusive.
	if ((header->flags & kMessageExpectsResponse) &&
	(header->flags & kMessageIsResponse)) {
	ReportValidationError(
	VALIDATION_ERROR_MESSAGE_HEADER_INVALID_FLAG_COMBINATION);
	return false;
	}

	return true;
	}

	} // namespace

	MessageHeaderValidator::MessageHeaderValidator(MessageReceiver* sink)
	: MessageFilter(sink) {
	}

	bool MessageHeaderValidator::Accept(Message* message) {
	// Pass 0 as number of handles because we don't expect any in the header, even
	// if \|message\| contains handles.
	BoundsChecker bounds_checker(message->data(), message->data_num_bytes(), 0);

	if (!ValidateStructHeader(message->data(), sizeof(MessageHeader), 2,
	&bounds_checker)) {
	return false;
	}

	if (!IsValidMessageHeader(message->header()))
	return false;

	return sink_->Accept(message);
	}

	} // namespace internal
	} // namespace mojo