1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "base/pickle.h" 6 7 #include <stdlib.h> 8 9 #include <algorithm> // for max() 10 #include <limits> 11 12 #include "base/bits.h" 13 #include "base/macros.h" 14 #include "base/numerics/safe_conversions.h" 15 #include "build/build_config.h" 16 17 namespace base { 18 19 // static 20 const int Pickle::kPayloadUnit = 64; 21 22 static const size_t kCapacityReadOnly = static_cast<size_t>(-1); 23 24 PickleIterator::PickleIterator(const Pickle& pickle) 25 : payload_(pickle.payload()), 26 read_index_(0), 27 end_index_(pickle.payload_size()) { 28 } 29 30 template <typename Type> 31 inline bool PickleIterator::ReadBuiltinType(Type* result) { 32 const char* read_from = GetReadPointerAndAdvance<Type>(); 33 if (!read_from) 34 return false; 35 if (sizeof(Type) > sizeof(uint32_t)) 36 memcpy(result, read_from, sizeof(*result)); 37 else 38 *result = *reinterpret_cast<const Type*>(read_from); 39 return true; 40 } 41 42 inline void PickleIterator::Advance(size_t size) { 43 size_t aligned_size = bits::Align(size, sizeof(uint32_t)); 44 if (end_index_ - read_index_ < aligned_size) { 45 read_index_ = end_index_; 46 } else { 47 read_index_ += aligned_size; 48 } 49 } 50 51 template<typename Type> 52 inline const char* PickleIterator::GetReadPointerAndAdvance() { 53 if (sizeof(Type) > end_index_ - read_index_) { 54 read_index_ = end_index_; 55 return NULL; 56 } 57 const char* current_read_ptr = payload_ + read_index_; 58 Advance(sizeof(Type)); 59 return current_read_ptr; 60 } 61 62 const char* PickleIterator::GetReadPointerAndAdvance(int num_bytes) { 63 if (num_bytes < 0 || 64 end_index_ - read_index_ < static_cast<size_t>(num_bytes)) { 65 read_index_ = end_index_; 66 return NULL; 67 } 68 const char* current_read_ptr = payload_ + read_index_; 69 Advance(num_bytes); 70 return current_read_ptr; 71 } 72 73 inline const char* PickleIterator::GetReadPointerAndAdvance( 74 int num_elements, 75 size_t size_element) { 76 // Check for int32_t overflow. 77 int64_t num_bytes = static_cast<int64_t>(num_elements) * size_element; 78 int num_bytes32 = static_cast<int>(num_bytes); 79 if (num_bytes != static_cast<int64_t>(num_bytes32)) 80 return NULL; 81 return GetReadPointerAndAdvance(num_bytes32); 82 } 83 84 bool PickleIterator::ReadBool(bool* result) { 85 return ReadBuiltinType(result); 86 } 87 88 bool PickleIterator::ReadInt(int* result) { 89 return ReadBuiltinType(result); 90 } 91 92 bool PickleIterator::ReadLong(long* result) { 93 // Always read long as a 64-bit value to ensure compatibility between 32-bit 94 // and 64-bit processes. 95 int64_t result_int64 = 0; 96 if (!ReadBuiltinType(&result_int64)) 97 return false; 98 // CHECK if the cast truncates the value so that we know to change this IPC 99 // parameter to use int64_t. 100 *result = base::checked_cast<long>(result_int64); 101 return true; 102 } 103 104 bool PickleIterator::ReadUInt16(uint16_t* result) { 105 return ReadBuiltinType(result); 106 } 107 108 bool PickleIterator::ReadUInt32(uint32_t* result) { 109 return ReadBuiltinType(result); 110 } 111 112 bool PickleIterator::ReadInt64(int64_t* result) { 113 return ReadBuiltinType(result); 114 } 115 116 bool PickleIterator::ReadUInt64(uint64_t* result) { 117 return ReadBuiltinType(result); 118 } 119 120 bool PickleIterator::ReadFloat(float* result) { 121 // crbug.com/315213 122 // The source data may not be properly aligned, and unaligned float reads 123 // cause SIGBUS on some ARM platforms, so force using memcpy to copy the data 124 // into the result. 125 const char* read_from = GetReadPointerAndAdvance<float>(); 126 if (!read_from) 127 return false; 128 memcpy(result, read_from, sizeof(*result)); 129 return true; 130 } 131 132 bool PickleIterator::ReadDouble(double* result) { 133 // crbug.com/315213 134 // The source data may not be properly aligned, and unaligned double reads 135 // cause SIGBUS on some ARM platforms, so force using memcpy to copy the data 136 // into the result. 137 const char* read_from = GetReadPointerAndAdvance<double>(); 138 if (!read_from) 139 return false; 140 memcpy(result, read_from, sizeof(*result)); 141 return true; 142 } 143 144 bool PickleIterator::ReadString(std::string* result) { 145 int len; 146 if (!ReadInt(&len)) 147 return false; 148 const char* read_from = GetReadPointerAndAdvance(len); 149 if (!read_from) 150 return false; 151 152 result->assign(read_from, len); 153 return true; 154 } 155 156 bool PickleIterator::ReadStringPiece(StringPiece* result) { 157 int len; 158 if (!ReadInt(&len)) 159 return false; 160 const char* read_from = GetReadPointerAndAdvance(len); 161 if (!read_from) 162 return false; 163 164 *result = StringPiece(read_from, len); 165 return true; 166 } 167 168 bool PickleIterator::ReadString16(string16* result) { 169 int len; 170 if (!ReadInt(&len)) 171 return false; 172 const char* read_from = GetReadPointerAndAdvance(len, sizeof(char16)); 173 if (!read_from) 174 return false; 175 176 result->assign(reinterpret_cast<const char16*>(read_from), len); 177 return true; 178 } 179 180 bool PickleIterator::ReadStringPiece16(StringPiece16* result) { 181 int len; 182 if (!ReadInt(&len)) 183 return false; 184 const char* read_from = GetReadPointerAndAdvance(len, sizeof(char16)); 185 if (!read_from) 186 return false; 187 188 *result = StringPiece16(reinterpret_cast<const char16*>(read_from), len); 189 return true; 190 } 191 192 bool PickleIterator::ReadData(const char** data, int* length) { 193 *length = 0; 194 *data = 0; 195 196 if (!ReadInt(length)) 197 return false; 198 199 return ReadBytes(data, *length); 200 } 201 202 bool PickleIterator::ReadBytes(const char** data, int length) { 203 const char* read_from = GetReadPointerAndAdvance(length); 204 if (!read_from) 205 return false; 206 *data = read_from; 207 return true; 208 } 209 210 PickleSizer::PickleSizer() {} 211 212 PickleSizer::~PickleSizer() {} 213 214 void PickleSizer::AddString(const StringPiece& value) { 215 AddInt(); 216 AddBytes(static_cast<int>(value.size())); 217 } 218 219 void PickleSizer::AddString16(const StringPiece16& value) { 220 AddInt(); 221 AddBytes(static_cast<int>(value.size() * sizeof(char16))); 222 } 223 224 void PickleSizer::AddData(int length) { 225 CHECK_GE(length, 0); 226 AddInt(); 227 AddBytes(length); 228 } 229 230 void PickleSizer::AddBytes(int length) { 231 payload_size_ += bits::Align(length, sizeof(uint32_t)); 232 } 233 234 void PickleSizer::AddAttachment() { 235 // From IPC::Message::WriteAttachment 236 AddBool(); 237 AddInt(); 238 } 239 240 template <size_t length> void PickleSizer::AddBytesStatic() { 241 DCHECK_LE(length, static_cast<size_t>(std::numeric_limits<int>::max())); 242 AddBytes(length); 243 } 244 245 template void PickleSizer::AddBytesStatic<2>(); 246 template void PickleSizer::AddBytesStatic<4>(); 247 template void PickleSizer::AddBytesStatic<8>(); 248 249 Pickle::Attachment::Attachment() {} 250 251 Pickle::Attachment::~Attachment() {} 252 253 // Payload is uint32_t aligned. 254 255 Pickle::Pickle() 256 : header_(NULL), 257 header_size_(sizeof(Header)), 258 capacity_after_header_(0), 259 write_offset_(0) { 260 static_assert((Pickle::kPayloadUnit & (Pickle::kPayloadUnit - 1)) == 0, 261 "Pickle::kPayloadUnit must be a power of two"); 262 Resize(kPayloadUnit); 263 header_->payload_size = 0; 264 } 265 266 Pickle::Pickle(int header_size) 267 : header_(NULL), 268 header_size_(bits::Align(header_size, sizeof(uint32_t))), 269 capacity_after_header_(0), 270 write_offset_(0) { 271 DCHECK_GE(static_cast<size_t>(header_size), sizeof(Header)); 272 DCHECK_LE(header_size, kPayloadUnit); 273 Resize(kPayloadUnit); 274 header_->payload_size = 0; 275 } 276 277 Pickle::Pickle(const char* data, int data_len) 278 : header_(reinterpret_cast<Header*>(const_cast<char*>(data))), 279 header_size_(0), 280 capacity_after_header_(kCapacityReadOnly), 281 write_offset_(0) { 282 if (data_len >= static_cast<int>(sizeof(Header))) 283 header_size_ = data_len - header_->payload_size; 284 285 if (header_size_ > static_cast<unsigned int>(data_len)) 286 header_size_ = 0; 287 288 if (header_size_ != bits::Align(header_size_, sizeof(uint32_t))) 289 header_size_ = 0; 290 291 // If there is anything wrong with the data, we're not going to use it. 292 if (!header_size_) 293 header_ = NULL; 294 } 295 296 Pickle::Pickle(const Pickle& other) 297 : header_(NULL), 298 header_size_(other.header_size_), 299 capacity_after_header_(0), 300 write_offset_(other.write_offset_) { 301 Resize(other.header_->payload_size); 302 memcpy(header_, other.header_, header_size_ + other.header_->payload_size); 303 } 304 305 Pickle::~Pickle() { 306 if (capacity_after_header_ != kCapacityReadOnly) 307 free(header_); 308 } 309 310 Pickle& Pickle::operator=(const Pickle& other) { 311 if (this == &other) { 312 NOTREACHED(); 313 return *this; 314 } 315 if (capacity_after_header_ == kCapacityReadOnly) { 316 header_ = NULL; 317 capacity_after_header_ = 0; 318 } 319 if (header_size_ != other.header_size_) { 320 free(header_); 321 header_ = NULL; 322 header_size_ = other.header_size_; 323 } 324 Resize(other.header_->payload_size); 325 memcpy(header_, other.header_, 326 other.header_size_ + other.header_->payload_size); 327 write_offset_ = other.write_offset_; 328 return *this; 329 } 330 331 bool Pickle::WriteString(const StringPiece& value) { 332 if (!WriteInt(static_cast<int>(value.size()))) 333 return false; 334 335 return WriteBytes(value.data(), static_cast<int>(value.size())); 336 } 337 338 bool Pickle::WriteString16(const StringPiece16& value) { 339 if (!WriteInt(static_cast<int>(value.size()))) 340 return false; 341 342 return WriteBytes(value.data(), 343 static_cast<int>(value.size()) * sizeof(char16)); 344 } 345 346 bool Pickle::WriteData(const char* data, int length) { 347 return length >= 0 && WriteInt(length) && WriteBytes(data, length); 348 } 349 350 bool Pickle::WriteBytes(const void* data, int length) { 351 WriteBytesCommon(data, length); 352 return true; 353 } 354 355 void Pickle::Reserve(size_t length) { 356 size_t data_len = bits::Align(length, sizeof(uint32_t)); 357 DCHECK_GE(data_len, length); 358 #ifdef ARCH_CPU_64_BITS 359 DCHECK_LE(data_len, std::numeric_limits<uint32_t>::max()); 360 #endif 361 DCHECK_LE(write_offset_, std::numeric_limits<uint32_t>::max() - data_len); 362 size_t new_size = write_offset_ + data_len; 363 if (new_size > capacity_after_header_) 364 Resize(capacity_after_header_ * 2 + new_size); 365 } 366 367 bool Pickle::WriteAttachment(scoped_refptr<Attachment> /*attachment*/) { 368 return false; 369 } 370 371 bool Pickle::ReadAttachment(base::PickleIterator* /*iter*/, 372 scoped_refptr<Attachment>* /*attachment*/) const { 373 return false; 374 } 375 376 bool Pickle::HasAttachments() const { 377 return false; 378 } 379 380 void Pickle::Resize(size_t new_capacity) { 381 CHECK_NE(capacity_after_header_, kCapacityReadOnly); 382 capacity_after_header_ = bits::Align(new_capacity, kPayloadUnit); 383 void* p = realloc(header_, GetTotalAllocatedSize()); 384 CHECK(p); 385 header_ = reinterpret_cast<Header*>(p); 386 } 387 388 void* Pickle::ClaimBytes(size_t num_bytes) { 389 void* p = ClaimUninitializedBytesInternal(num_bytes); 390 CHECK(p); 391 memset(p, 0, num_bytes); 392 return p; 393 } 394 395 size_t Pickle::GetTotalAllocatedSize() const { 396 if (capacity_after_header_ == kCapacityReadOnly) 397 return 0; 398 return header_size_ + capacity_after_header_; 399 } 400 401 // static 402 const char* Pickle::FindNext(size_t header_size, 403 const char* start, 404 const char* end) { 405 size_t pickle_size = 0; 406 if (!PeekNext(header_size, start, end, &pickle_size)) 407 return NULL; 408 409 if (pickle_size > static_cast<size_t>(end - start)) 410 return NULL; 411 412 return start + pickle_size; 413 } 414 415 // static 416 bool Pickle::PeekNext(size_t header_size, 417 const char* start, 418 const char* end, 419 size_t* pickle_size) { 420 DCHECK_EQ(header_size, bits::Align(header_size, sizeof(uint32_t))); 421 DCHECK_GE(header_size, sizeof(Header)); 422 DCHECK_LE(header_size, static_cast<size_t>(kPayloadUnit)); 423 424 size_t length = static_cast<size_t>(end - start); 425 if (length < sizeof(Header)) 426 return false; 427 428 const Header* hdr = reinterpret_cast<const Header*>(start); 429 if (length < header_size) 430 return false; 431 432 if (hdr->payload_size > std::numeric_limits<size_t>::max() - header_size) { 433 // If payload_size causes an overflow, we return maximum possible 434 // pickle size to indicate that. 435 *pickle_size = std::numeric_limits<size_t>::max(); 436 } else { 437 *pickle_size = header_size + hdr->payload_size; 438 } 439 return true; 440 } 441 442 template <size_t length> void Pickle::WriteBytesStatic(const void* data) { 443 WriteBytesCommon(data, length); 444 } 445 446 template void Pickle::WriteBytesStatic<2>(const void* data); 447 template void Pickle::WriteBytesStatic<4>(const void* data); 448 template void Pickle::WriteBytesStatic<8>(const void* data); 449 450 inline void* Pickle::ClaimUninitializedBytesInternal(size_t length) { 451 DCHECK_NE(kCapacityReadOnly, capacity_after_header_) 452 << "oops: pickle is readonly"; 453 size_t data_len = bits::Align(length, sizeof(uint32_t)); 454 DCHECK_GE(data_len, length); 455 #ifdef ARCH_CPU_64_BITS 456 DCHECK_LE(data_len, std::numeric_limits<uint32_t>::max()); 457 #endif 458 DCHECK_LE(write_offset_, std::numeric_limits<uint32_t>::max() - data_len); 459 size_t new_size = write_offset_ + data_len; 460 if (new_size > capacity_after_header_) { 461 size_t new_capacity = capacity_after_header_ * 2; 462 const size_t kPickleHeapAlign = 4096; 463 if (new_capacity > kPickleHeapAlign) 464 new_capacity = bits::Align(new_capacity, kPickleHeapAlign) - kPayloadUnit; 465 Resize(std::max(new_capacity, new_size)); 466 } 467 468 char* write = mutable_payload() + write_offset_; 469 memset(write + length, 0, data_len - length); // Always initialize padding 470 header_->payload_size = static_cast<uint32_t>(new_size); 471 write_offset_ = new_size; 472 return write; 473 } 474 475 inline void Pickle::WriteBytesCommon(const void* data, size_t length) { 476 DCHECK_NE(kCapacityReadOnly, capacity_after_header_) 477 << "oops: pickle is readonly"; 478 MSAN_CHECK_MEM_IS_INITIALIZED(data, length); 479 void* write = ClaimUninitializedBytesInternal(length); 480 memcpy(write, data, length); 481 } 482 483 } // namespace base 484