1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "base/pickle.h"
6 
7 #include <stdlib.h>
8 
9 #include <algorithm>  // for max()
10 #include <limits>
11 
12 #include "base/bits.h"
13 #include "base/macros.h"
14 #include "base/numerics/safe_conversions.h"
15 #include "build/build_config.h"
16 
17 namespace base {
18 
// static
// Allocation granularity of the payload: Resize() rounds every requested
// capacity up to a multiple of this value.
const int Pickle::kPayloadUnit = 64;

// Sentinel kept in capacity_after_header_ for a Pickle that wraps memory it
// does not own. Resize() CHECKs against it and ~Pickle() skips free() for it.
static const size_t kCapacityReadOnly = std::numeric_limits<size_t>::max();
23 
// Positions the iterator at the start of |pickle|'s payload and records the
// payload size as the read limit. Only the payload pointer is stored, not a
// copy of the bytes, so |pickle|'s buffer has to stay valid and unchanged
// while this iterator is in use.
PickleIterator::PickleIterator(const Pickle& pickle)
    : payload_(pickle.payload()),
      read_index_(0),
      end_index_(pickle.payload_size()) {}
29 
// Reads one fixed-size value of |Type| from the current position into
// |*result|. Returns false, leaving |*result| untouched, when fewer than
// sizeof(Type) bytes remain; the bounds check lives in
// GetReadPointerAndAdvance<Type>().
template <typename Type>
inline bool PickleIterator::ReadBuiltinType(Type* result) {
  const char* src = GetReadPointerAndAdvance<Type>();
  if (src == NULL)
    return false;
  if (sizeof(Type) <= sizeof(uint32_t)) {
    // Values no wider than the 4-byte payload alignment are loaded directly.
    *result = *reinterpret_cast<const Type*>(src);
  } else {
    // Wider values go through memcpy, so the load does not depend on |src|
    // being aligned for |Type|.
    memcpy(result, src, sizeof(*result));
  }
  return true;
}
41 
// Moves the read position forward by |size| rounded up to a multiple of
// sizeof(uint32_t). If the rounded step exceeds what is left, the position is
// clamped to the end so it can never move past end_index_.
inline void PickleIterator::Advance(size_t size) {
  const size_t step = bits::Align(size, sizeof(uint32_t));
  const size_t remaining = end_index_ - read_index_;
  if (remaining < step) {
    read_index_ = end_index_;
    return;
  }
  read_index_ += step;
}
50 
// Returns a pointer to the next sizeof(Type) bytes of the payload and advances
// past them. If fewer bytes remain, the iterator is moved to the end (so every
// later read fails as well) and NULL is returned.
template <typename Type>
inline const char* PickleIterator::GetReadPointerAndAdvance() {
  const size_t remaining = end_index_ - read_index_;
  if (remaining < sizeof(Type)) {
    read_index_ = end_index_;
    return NULL;
  }
  const char* value_start = payload_ + read_index_;
  Advance(sizeof(Type));
  return value_start;
}
61 
// Returns a pointer to the next |num_bytes| bytes of the payload and advances
// past them (rounded up to 4-byte alignment by Advance()).
//
// |num_bytes| normally comes straight from the serialized data, so it is
// treated as untrusted: a negative count, or one larger than the bytes that
// remain, moves the iterator to the end and yields NULL.
const char* PickleIterator::GetReadPointerAndAdvance(int num_bytes) {
  const bool fits =
      num_bytes >= 0 &&
      static_cast<size_t>(num_bytes) <= end_index_ - read_index_;
  if (!fits) {
    read_index_ = end_index_;
    return NULL;
  }
  const char* span_start = payload_ + read_index_;
  Advance(num_bytes);
  return span_start;
}
72 
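// Returns a pointer to the next |num_elements| * |size_element| bytes of the
// payload and advances past them, or NULL if that span is not available.
//
// The element count usually comes from the serialized data, so the byte count
// is computed in 64 bits and rejected unless it round-trips through int. A
// negative count stays negative after the multiplication and is rejected by
// the int overload.
//
// On the overflow path the iterator is now moved to the end, as every other
// failing read in this file already does, so a caller that ignores one failed
// read cannot go on reading from the old position.
inline const char* PickleIterator::GetReadPointerAndAdvance(
    int num_elements,
    size_t size_element) {
  // Check for int32_t overflow.
  // NOTE(review): the guard assumes the 64-bit product itself cannot wrap,
  // which holds for the small element sizes passed in this file
  // (sizeof(char16)); confirm before passing a large |size_element|.
  int64_t num_bytes = static_cast<int64_t>(num_elements) * size_element;
  int num_bytes32 = static_cast<int>(num_bytes);
  if (num_bytes != static_cast<int64_t>(num_bytes32)) {
    read_index_ = end_index_;
    return NULL;
  }
  return GetReadPointerAndAdvance(num_bytes32);
}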
83 
// Reads a bool into |*result|; false means the payload ran out.
bool PickleIterator::ReadBool(bool* result) {
  return ReadBuiltinType<bool>(result);
}
87 
// Reads an int into |*result|; false means the payload ran out. The value is
// whatever the serialized data holds, so a caller that uses it as a length or
// index still has to range-check it.
bool PickleIterator::ReadInt(int* result) {
  return ReadBuiltinType<int>(result);
}
91 
// Reads a long into |*result|. The wire format is always a 64-bit value, which
// keeps 32-bit and 64-bit processes compatible with each other.
bool PickleIterator::ReadLong(long* result) {
  int64_t wire_value = 0;
  const bool ok = ReadBuiltinType(&wire_value);
  if (ok) {
    // checked_cast CHECKs when the value does not fit in long, which signals
    // that this IPC parameter should be switched to int64_t. Where long is
    // narrower than 64 bits, an out-of-range value in the data therefore ends
    // in a CHECK failure rather than a false return.
    *result = base::checked_cast<long>(wire_value);
  }
  return ok;
}
103 
// Reads a uint16_t into |*result|; false means the payload ran out. The read
// position still moves by a full 4-byte slot, because Advance() rounds up.
bool PickleIterator::ReadUInt16(uint16_t* result) {
  return ReadBuiltinType<uint16_t>(result);
}
107 
// Reads a uint32_t into |*result|; false means the payload ran out.
bool PickleIterator::ReadUInt32(uint32_t* result) {
  return ReadBuiltinType<uint32_t>(result);
}
111 
// Reads an int64_t into |*result|; false means the payload ran out.
bool PickleIterator::ReadInt64(int64_t* result) {
  return ReadBuiltinType<int64_t>(result);
}
115 
// Reads a uint64_t into |*result|; false means the payload ran out.
bool PickleIterator::ReadUInt64(uint64_t* result) {
  return ReadBuiltinType<uint64_t>(result);
}
119 
// Reads a float into |*result|; false means the payload ran out.
bool PickleIterator::ReadFloat(float* result) {
  const char* src = GetReadPointerAndAdvance<float>();
  if (src == NULL)
    return false;
  // crbug.com/315213
  // The source bytes may not be suitably aligned, and an unaligned float load
  // raises SIGBUS on some ARM platforms, so the value is always copied out
  // with memcpy.
  memcpy(result, src, sizeof(*result));
  return true;
}
131 
// Reads a double into |*result|; false means the payload ran out.
bool PickleIterator::ReadDouble(double* result) {
  const char* src = GetReadPointerAndAdvance<double>();
  if (src == NULL)
    return false;
  // crbug.com/315213
  // The source bytes may not be suitably aligned, and an unaligned double load
  // raises SIGBUS on some ARM platforms, so the value is always copied out
  // with memcpy.
  memcpy(result, src, sizeof(*result));
  return true;
}
143 
// Reads a length-prefixed byte string and copies it into |*result|.
// The length prefix comes from the serialized data; it reaches assign() only
// after GetReadPointerAndAdvance(int) has rejected negative values and values
// larger than the remaining payload. |*result| is left untouched on failure.
bool PickleIterator::ReadString(std::string* result) {
  int byte_count;
  if (!ReadInt(&byte_count))
    return false;

  const char* chars = GetReadPointerAndAdvance(byte_count);
  if (chars == NULL)
    return false;

  result->assign(chars, byte_count);
  return true;
}
155 
// Reads a length-prefixed byte string and makes |*result| refer to it.
// No bytes are copied: the piece points into the pickle's payload, so it must
// not be used after that buffer is freed or rewritten. The length prefix is
// bounds-checked by GetReadPointerAndAdvance(int) before it is used.
bool PickleIterator::ReadStringPiece(StringPiece* result) {
  int byte_count;
  if (!ReadInt(&byte_count))
    return false;

  const char* chars = GetReadPointerAndAdvance(byte_count);
  if (chars == NULL)
    return false;

  *result = StringPiece(chars, byte_count);
  return true;
}
167 
// Reads a length-prefixed UTF-16 string and copies it into |*result|.
// The prefix counts char16 units, not bytes; the two-argument
// GetReadPointerAndAdvance() turns it into a byte count with an overflow
// check before the bounds check runs. |*result| is left untouched on failure.
bool PickleIterator::ReadString16(string16* result) {
  int unit_count;
  if (!ReadInt(&unit_count))
    return false;

  const char* raw = GetReadPointerAndAdvance(unit_count, sizeof(char16));
  if (raw == NULL)
    return false;

  result->assign(reinterpret_cast<const char16*>(raw), unit_count);
  return true;
}
179 
// Reads a length-prefixed UTF-16 string and makes |*result| refer to it.
// No units are copied: the piece points into the pickle's payload, so it must
// not be used after that buffer is freed or rewritten. The prefix counts
// char16 units and is overflow- and bounds-checked before use.
bool PickleIterator::ReadStringPiece16(StringPiece16* result) {
  int unit_count;
  if (!ReadInt(&unit_count))
    return false;

  const char* raw = GetReadPointerAndAdvance(unit_count, sizeof(char16));
  if (raw == NULL)
    return false;

  *result = StringPiece16(reinterpret_cast<const char16*>(raw), unit_count);
  return true;
}
191 
// Reads a length-prefixed blob: stores the prefix in |*length| and a pointer
// into the payload in |*data|. Both outputs are cleared first.
//
// Callers must test the return value before using the outputs: if the prefix
// is read but the blob itself is not available, |*length| keeps the value
// taken from the data while |*data| stays null.
bool PickleIterator::ReadData(const char** data, int* length) {
  *length = 0;
  *data = NULL;
  return ReadInt(length) && ReadBytes(data, *length);
}
201 
// Makes |*data| point at the next |length| bytes of the payload and advances
// past them. Nothing is copied, so the pointer is only valid while the
// pickle's buffer is. Returns false, leaving |*data| untouched, when |length|
// is negative or exceeds the remaining payload.
bool PickleIterator::ReadBytes(const char** data, int length) {
  const char* span_start = GetReadPointerAndAdvance(length);
  if (span_start == NULL)
    return false;
  *data = span_start;
  return true;
}
209 
// Nothing to set up here beyond what the members do for themselves.
PickleSizer::PickleSizer() = default;

// Nothing to release.
PickleSizer::~PickleSizer() = default;
213 
// Accounts for a string written as an int length prefix followed by the
// string's bytes.
// NOTE(review): the size is narrowed to int without a range check, so a
// string larger than INT_MAX would be sized incorrectly; confirm callers
// cannot reach that.
void PickleSizer::AddString(const StringPiece& value) {
  const int byte_count = static_cast<int>(value.size());
  AddInt();
  AddBytes(byte_count);
}
218 
// Accounts for a UTF-16 string written as an int length prefix followed by
// size() * sizeof(char16) bytes.
// NOTE(review): the byte count is narrowed to int without a range check;
// confirm callers cannot pass a string whose byte size exceeds INT_MAX.
void PickleSizer::AddString16(const StringPiece16& value) {
  const int byte_count = static_cast<int>(value.size() * sizeof(char16));
  AddInt();
  AddBytes(byte_count);
}
223 
// Accounts for a blob written as an int length prefix followed by |length|
// bytes. A negative |length| is a caller bug and fails the CHECK.
void PickleSizer::AddData(int length) {
  CHECK_GE(length, 0);

  AddInt();          // the length prefix
  AddBytes(length);  // the blob, padded by AddBytes()
}
229 
// Adds |length| bytes, rounded up to a multiple of sizeof(uint32_t), to the
// running payload size.
// NOTE(review): unlike AddData(), nothing here rejects a negative |length|;
// callers are presumably expected to pass non-negative values only.
void PickleSizer::AddBytes(int length) {
  const auto padded = bits::Align(length, sizeof(uint32_t));
  payload_size_ += padded;
}
233 
// Accounts for the space an attachment takes in the message: one bool and one
// int, the layout used by IPC::Message::WriteAttachment.
void PickleSizer::AddAttachment() {
  AddBool();
  AddInt();
}
239 
// Adds a compile-time-known byte count to the running payload size. The
// DCHECK verifies that the count fits in the int AddBytes() takes.
template <size_t length>
void PickleSizer::AddBytesStatic() {
  DCHECK_LE(length, static_cast<size_t>(std::numeric_limits<int>::max()));
  AddBytes(length);
}

// Explicit instantiations for the three sizes provided by this file.
template void PickleSizer::AddBytesStatic<2>();
template void PickleSizer::AddBytesStatic<4>();
template void PickleSizer::AddBytesStatic<8>();
248 
// Nothing to set up.
Pickle::Attachment::Attachment() = default;

// Nothing to release.
Pickle::Attachment::~Attachment() = default;
252 
253 // Payload is uint32_t aligned.
254 
// Creates an empty, writable Pickle with the default header size and an
// initial payload capacity of kPayloadUnit bytes.
Pickle::Pickle()
    : header_(nullptr),
      header_size_(sizeof(Header)),
      capacity_after_header_(0),
      write_offset_(0) {
  // Capacities are rounded up to kPayloadUnit, which needs a power of two.
  static_assert((Pickle::kPayloadUnit & (Pickle::kPayloadUnit - 1)) == 0,
                "Pickle::kPayloadUnit must be a power of two");
  Resize(kPayloadUnit);
  // The buffer from Resize() is not zeroed, so set the payload size here.
  header_->payload_size = 0;
}
265 
// Creates an empty, writable Pickle whose header takes |header_size| bytes,
// rounded up to a multiple of sizeof(uint32_t).
// |header_size| must be at least sizeof(Header) and at most kPayloadUnit.
// Both limits are enforced with DCHECKs only, so they are a caller contract
// and not a runtime guarantee in builds where DCHECKs are compiled out.
Pickle::Pickle(int header_size)
    : header_(nullptr),
      header_size_(bits::Align(header_size, sizeof(uint32_t))),
      capacity_after_header_(0),
      write_offset_(0) {
  DCHECK_GE(static_cast<size_t>(header_size), sizeof(Header));
  DCHECK_LE(header_size, kPayloadUnit);
  Resize(kPayloadUnit);
  // The buffer from Resize() is not zeroed, so set the payload size here.
  header_->payload_size = 0;
}
276 
// Wraps |data_len| bytes at |data| as a read-only Pickle. Nothing is copied
// and nothing is freed on destruction, so the caller keeps ownership and must
// keep the buffer alive for as long as this Pickle, or any iterator or piece
// obtained from it, is in use.
//
// |data| is treated as untrusted. The header size is derived as
// data_len - payload_size and accepted only if it is non-zero, no larger than
// |data_len| and a multiple of sizeof(uint32_t). A payload_size larger than
// |data_len| makes the subtraction wrap (presumably to a large unsigned
// value) and is rejected by the "larger than |data_len|" test. When any test
// fails, header_ is set to null, so callers have to handle a Pickle without a
// header. The payload contents are not inspected here; they are bounds-checked
// read by read in PickleIterator.
Pickle::Pickle(const char* data, int data_len)
    : header_(reinterpret_cast<Header*>(const_cast<char*>(data))),
      header_size_(0),
      capacity_after_header_(kCapacityReadOnly),
      write_offset_(0) {
  // The header is only dereferenced once |data_len| covers a whole Header;
  // this also keeps a negative |data_len| away from the subtraction.
  if (data_len >= static_cast<int>(sizeof(Header)))
    header_size_ = data_len - header_->payload_size;

  const bool too_large = header_size_ > static_cast<unsigned int>(data_len);
  if (too_large ||
      header_size_ != bits::Align(header_size_, sizeof(uint32_t))) {
    header_size_ = 0;
  }

  // If there is anything wrong with the data, we're not going to use it.
  if (header_size_ == 0)
    header_ = nullptr;
}
295 
// Deep-copies |other| into a new heap buffer. The copy is always writable,
// even when |other| wraps read-only memory.
// NOTE(review): |other.header_| is dereferenced unconditionally. A Pickle
// built by the (data, data_len) constructor from rejected input has a null
// header_, so callers should check for that before copying.
Pickle::Pickle(const Pickle& other)
    : header_(nullptr),
      header_size_(other.header_size_),
      capacity_after_header_(0),
      write_offset_(other.write_offset_) {
  const auto payload_bytes = other.header_->payload_size;
  Resize(payload_bytes);
  memcpy(header_, other.header_, header_size_ + payload_bytes);
}
304 
// Frees the buffer only when this Pickle allocated it. A read-only Pickle
// borrows caller-owned memory, and freeing that would corrupt the heap.
Pickle::~Pickle() {
  const bool owns_buffer = capacity_after_header_ != kCapacityReadOnly;
  if (owns_buffer)
    free(header_);
}
309 
// Replaces this Pickle's contents with a deep copy of |other|. The result is
// always a writable, heap-backed Pickle. Self-assignment is treated as a bug.
// NOTE(review): |other.header_| is dereferenced unconditionally; a Pickle
// built from rejected input has a null header_, so callers should check for
// that before assigning from it.
Pickle& Pickle::operator=(const Pickle& other) {
  if (this == &other) {
    NOTREACHED();
    return *this;
  }

  if (capacity_after_header_ == kCapacityReadOnly) {
    // The current buffer is borrowed: forget it instead of handing it to
    // free() or realloc().
    header_ = nullptr;
    capacity_after_header_ = 0;
  }

  if (header_size_ != other.header_size_) {
    // Start from a fresh allocation when the header size changes.
    free(header_);
    header_ = nullptr;
    header_size_ = other.header_size_;
  }

  const auto payload_bytes = other.header_->payload_size;
  Resize(payload_bytes);
  memcpy(header_, other.header_, other.header_size_ + payload_bytes);
  write_offset_ = other.write_offset_;
  return *this;
}
330 
// Appends |value| as an int length prefix followed by its bytes.
// NOTE(review): the size is narrowed to int without a range check, so a
// value larger than INT_MAX would get a wrong prefix; confirm callers bound
// the size.
bool Pickle::WriteString(const StringPiece& value) {
  const int byte_count = static_cast<int>(value.size());
  return WriteInt(byte_count) && WriteBytes(value.data(), byte_count);
}
337 
// Appends |value| as an int prefix holding the number of char16 units,
// followed by the units themselves.
// NOTE(review): both the unit count and the byte count are narrowed to int
// without a range check; confirm callers bound the string size.
bool Pickle::WriteString16(const StringPiece16& value) {
  const int unit_count = static_cast<int>(value.size());
  if (!WriteInt(unit_count))
    return false;

  return WriteBytes(value.data(), unit_count * sizeof(char16));
}
345 
// Appends a blob as an int length prefix followed by |length| bytes from
// |data|. A negative |length| is rejected before anything is written.
bool Pickle::WriteData(const char* data, int length) {
  if (length < 0)
    return false;
  if (!WriteInt(length))
    return false;
  return WriteBytes(data, length);
}
349 
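// Appends |length| raw bytes from |data| without a length prefix; the payload
// is padded to 4-byte alignment by the underlying write. Returns false, and
// writes nothing, when |length| is negative.
bool Pickle::WriteBytes(const void* data, int length) {
  // WriteBytesCommon() takes a size_t, so a negative |length| would be
  // converted to a very large unsigned byte count. Reject it here, matching
  // the length >= 0 test WriteData() already makes.
  if (length < 0)
    return false;
  WriteBytesCommon(data, static_cast<size_t>(length));
  return true;
}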
354 
// Grows the buffer, if needed, so that |length| more bytes (rounded up to a
// multiple of sizeof(uint32_t)) fit after the current write position.
// NOTE(review): the size limits below are DCHECKs only, so where DCHECKs are
// compiled out the additions are unchecked; confirm callers bound |length|.
void Pickle::Reserve(size_t length) {
  const size_t padded_len = bits::Align(length, sizeof(uint32_t));
  DCHECK_GE(padded_len, length);  // the rounding must not wrap around
#ifdef ARCH_CPU_64_BITS
  DCHECK_LE(padded_len, std::numeric_limits<uint32_t>::max());
#endif
  DCHECK_LE(write_offset_, std::numeric_limits<uint32_t>::max() - padded_len);

  const size_t needed = write_offset_ + padded_len;
  if (needed <= capacity_after_header_)
    return;
  Resize(capacity_after_header_ * 2 + needed);
}
366 
// A plain Pickle cannot carry attachments, so this always reports failure and
// ignores its argument.
bool Pickle::WriteAttachment(scoped_refptr<Attachment> /* attachment */) {
  return false;
}
370 
// A plain Pickle cannot carry attachments, so this always reports failure and
// touches neither argument.
bool Pickle::ReadAttachment(
    base::PickleIterator* /* iter */,
    scoped_refptr<Attachment>* /* attachment */) const {
  return false;
}
375 
// A plain Pickle never holds attachments.
bool Pickle::HasAttachments() const {
  return false;
}
379 
// Reallocates the buffer so that the payload capacity is |new_capacity|
// rounded up to a multiple of kPayloadUnit. Calling this on a read-only
// Pickle, or failing to allocate, is fatal: both are CHECKs.
// NOTE(review): neither the rounding nor the header_size_ + capacity sum
// behind GetTotalAllocatedSize() is checked for wrap-around here; this
// presumably relies on the callers' own size limits.
void Pickle::Resize(size_t new_capacity) {
  // A borrowed buffer must never reach realloc().
  CHECK_NE(capacity_after_header_, kCapacityReadOnly);
  capacity_after_header_ = bits::Align(new_capacity, kPayloadUnit);
  void* grown = realloc(header_, GetTotalAllocatedSize());
  CHECK(grown);
  header_ = static_cast<Header*>(grown);
}
387 
// Reserves |num_bytes| at the end of the payload, zero-fills them and returns
// a pointer to them for the caller to fill in. Zeroing first means the pickle
// does not carry stale heap bytes if the caller writes fewer than it claimed.
void* Pickle::ClaimBytes(size_t num_bytes) {
  void* claimed = ClaimUninitializedBytesInternal(num_bytes);
  CHECK(claimed);
  memset(claimed, 0, num_bytes);
  return claimed;
}
394 
// Returns the number of bytes this Pickle has allocated: header plus payload
// capacity. A read-only Pickle owns no memory, so it reports 0.
size_t Pickle::GetTotalAllocatedSize() const {
  const bool read_only = capacity_after_header_ == kCapacityReadOnly;
  return read_only ? 0 : header_size_ + capacity_after_header_;
}
400 
// static
// Given the byte range [start, end) and the header size in use, returns a
// pointer just past the first complete pickle in the range, or NULL if the
// range does not yet hold a complete pickle.
//
// The size is taken from the data's own header, so it is compared with the
// bytes actually available before it is added to |start|. The SIZE_MAX
// overflow marker PeekNext() can return is rejected by the same comparison.
// NOTE(review): assumes end >= start; confirm with callers.
const char* Pickle::FindNext(size_t header_size,
                             const char* start,
                             const char* end) {
  size_t pickle_size = 0;
  const bool have_size = PeekNext(header_size, start, end, &pickle_size);
  const size_t available = static_cast<size_t>(end - start);
  if (!have_size || pickle_size > available)
    return NULL;

  return start + pickle_size;
}
414 
// static
// Reads the header at |start| and stores the total size of that pickle
// (header plus payload) in |*pickle_size|. Returns false, leaving
// |*pickle_size| untouched, when [start, end) is too short to hold a header.
//
// payload_size comes from the data and is untrusted: if adding it to
// |header_size| would overflow size_t, |*pickle_size| is set to the maximum
// size_t value as an overflow marker and true is returned. A true return does
// not mean the whole pickle lies inside [start, end); callers still have to
// compare |*pickle_size| with the bytes they hold.
//
// The requirements on |header_size| (aligned, at least sizeof(Header), at most
// kPayloadUnit) are DCHECKs, i.e. a caller contract.
bool Pickle::PeekNext(size_t header_size,
                      const char* start,
                      const char* end,
                      size_t* pickle_size) {
  DCHECK_EQ(header_size, bits::Align(header_size, sizeof(uint32_t)));
  DCHECK_GE(header_size, sizeof(Header));
  DCHECK_LE(header_size, static_cast<size_t>(kPayloadUnit));

  const size_t available = static_cast<size_t>(end - start);
  if (available < sizeof(Header) || available < header_size)
    return false;

  // Only now is it safe to read the header fields.
  const Header* hdr = reinterpret_cast<const Header*>(start);
  const size_t max_size = std::numeric_limits<size_t>::max();
  if (hdr->payload_size > max_size - header_size) {
    // If payload_size causes an overflow, we return maximum possible
    // pickle size to indicate that.
    *pickle_size = max_size;
  } else {
    *pickle_size = header_size + hdr->payload_size;
  }
  return true;
}
441 
// Appends a compile-time-known number of bytes from |data|. |data| must point
// to at least |length| readable bytes.
template <size_t length>
void Pickle::WriteBytesStatic(const void* data) {
  WriteBytesCommon(data, length);
}

// Explicit instantiations for the three sizes provided by this file.
template void Pickle::WriteBytesStatic<2>(const void* data);
template void Pickle::WriteBytesStatic<4>(const void* data);
template void Pickle::WriteBytesStatic<8>(const void* data);
449 
// Reserves |length| bytes (padded to a multiple of sizeof(uint32_t)) at the
// end of the payload, growing the buffer if needed, and returns a pointer to
// the start of the reserved region. The padding is zeroed here; the |length|
// bytes themselves are left for the caller to fill in.
//
// NOTE(review): the read-only test and every size limit in this function is
// a DCHECK, so where DCHECKs are compiled out nothing here stops the padded
// length or the new size from wrapping. Callers have to bound |length|
// themselves.
inline void* Pickle::ClaimUninitializedBytesInternal(size_t length) {
  DCHECK_NE(kCapacityReadOnly, capacity_after_header_)
      << "oops: pickle is readonly";
  const size_t padded_len = bits::Align(length, sizeof(uint32_t));
  DCHECK_GE(padded_len, length);  // the rounding must not wrap around
#ifdef ARCH_CPU_64_BITS
  DCHECK_LE(padded_len, std::numeric_limits<uint32_t>::max());
#endif
  DCHECK_LE(write_offset_, std::numeric_limits<uint32_t>::max() - padded_len);

  const size_t new_size = write_offset_ + padded_len;
  if (new_size > capacity_after_header_) {
    // Double the capacity; above one heap-alignment unit, round the doubled
    // value up to that unit and subtract kPayloadUnit. Never grow to less
    // than what this write needs.
    const size_t kPickleHeapAlign = 4096;
    size_t grown_capacity = capacity_after_header_ * 2;
    if (grown_capacity > kPickleHeapAlign) {
      grown_capacity =
          bits::Align(grown_capacity, kPickleHeapAlign) - kPayloadUnit;
    }
    Resize(std::max(grown_capacity, new_size));
  }

  char* region = mutable_payload() + write_offset_;
  // Always initialize padding, so the bytes between the end of the data and
  // the next aligned offset never hold leftover heap contents.
  memset(region + length, 0, padded_len - length);
  header_->payload_size = static_cast<uint32_t>(new_size);
  write_offset_ = new_size;
  return region;
}
474 
// Shared tail of the byte-writing methods: reserves |length| padded bytes at
// the end of the payload and copies |length| bytes from |data| into them.
// |data| must point to at least |length| readable, initialized bytes; the
// MSAN hook checks the initialization in MemorySanitizer builds.
inline void Pickle::WriteBytesCommon(const void* data, size_t length) {
  DCHECK_NE(kCapacityReadOnly, capacity_after_header_)
      << "oops: pickle is readonly";
  MSAN_CHECK_MEM_IS_INITIALIZED(data, length);
  void* dest = ClaimUninitializedBytesInternal(length);
  memcpy(dest, data, length);
}
482 
483 }  // namespace base
484