Pepper: Fix crash on allocation failure.

GetPNaClResourceInfo() currently performs a 1 megabyte allocation. Though any memory allocation can fail, this one is more likely due to its size. This change mitigates this problem in two ways. If memory allocation fails, we report an error and return early instead of using memory. Additionally, this change checks the size of the file before performing a memory allocation. This should lead to smaller allocations and more successful plugin loads. BUG=370965 Review URL: https://codereview.chromium.org/274673002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269791 0039d316-1c4b-4281-b951-d872f2087c98

Pepper: Fix crash on allocation failure.
GetPNaClResourceInfo() currently performs a 1 megabyte allocation. Though any memory allocation can fail, this one is more likely due to its size. This change mitigates this problem in two ways. If memory allocation fails, we report an error and return early instead of using memory. Additionally, this change checks the size of the file before performing a memory allocation. This should lead to smaller allocations and more successful plugin loads. BUG=370965 Review URL: https://codereview.chromium.org/274673002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269791 0039d316-1c4b-4281-b951-d872f2087c98
0c4e4903 · teravest@chromium.org · 0cb28a73 · 0c4e4903
Commit 0c4e4903 authored May 12, 2014 by teravest@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 4 deletions

components/nacl/renderer/ppb_nacl_private_impl.cc components/nacl/renderer/ppb_nacl_private_impl.cc +26 -4

No files found.
--- a/components/nacl/renderer/ppb_nacl_private_impl.cc
+++ b/components/nacl/renderer/ppb_nacl_private_impl.cc
@@ -1114,16 +1114,38 @@ PP_Bool GetPNaClResourceInfo(PP_Instance instance,
    return PP_FALSE;
  }
-  const int kBufferSize = 1 << 20;
+  base::PlatformFileInfo file_info;
-  scoped_ptr<char[]> buffer(new char[kBufferSize]);
+  if (!GetPlatformFileInfo(file, &file_info)) {
-  if (base::ReadPlatformFile(file, 0, buffer.get(), kBufferSize) < 0) {
    load_manager->ReportLoadError(
        PP_NACL_ERROR_PNACL_RESOURCE_FETCH,
-        std::string("PnaclResources::ReadResourceInfo reading failed for: ") +
+        std::string("GetPNaClResourceInfo, GetFileInfo failed for: ") +
            filename);
    return PP_FALSE;
  }
+  if (file_info.size > 1 << 20) {
+    load_manager->ReportLoadError(
+        PP_NACL_ERROR_PNACL_RESOURCE_FETCH,
+        std::string("GetPNaClResourceInfo, file too large: ") + filename);
+    return PP_FALSE;
+  }
+  scoped_ptr<char[]> buffer(new char[file_info.size]);
+  if (buffer.get() == NULL) {
+    load_manager->ReportLoadError(
+        PP_NACL_ERROR_PNACL_RESOURCE_FETCH,
+        std::string("GetPNaClResourceInfo, couldn't allocate for: ") +
+            filename);
+    return PP_FALSE;
+  }
+  if (base::ReadPlatformFile(file, 0, buffer.get(), file_info.size) < 0) {
+    load_manager->ReportLoadError(
+        PP_NACL_ERROR_PNACL_RESOURCE_FETCH,
+        std::string("GetPNaClResourceInfo, reading failed for: ") + filename);
+    return PP_FALSE;
+  }
  // Expect the JSON file to contain a top-level object (dictionary).
  Json::Reader json_reader;
  Json::Value json_data;