Revert of Revert of IPC::ChannelMojo: Make IPC handling robust against bad...

Revert of Revert of IPC::ChannelMojo: Make IPC handling robust against bad messages. (patchset #1 id:1 of https://codereview.chromium.org/883373002/) Reason for revert: Wrong revert, ipc fuzzer broke because of something else. Original issue's description: > Revert of IPC::ChannelMojo: Make IPC handling robust against bad messages. (patchset #3 id:40001 of https://codereview.chromium.org/725733002/) > > Reason for revert: > Broke ipc fuzzer > > Original issue's description: > > IPC::ChannelMojo: Make IPC handling robust against bad messages. > > > > This change replaces some DCHECK()s with real error handling. > > They happen when it receives broken messages. > > > > BUG=428800 > > R=viettrungluu@chromium.org > > > > Committed: https://crrev.com/185ffdf58f85e47db9666d2ad9b80ff9bd7fa54b > > Cr-Commit-Position: refs/heads/master@{#304102} > > TBR=viettrungluu@chromium.org,morrita@chromium.org > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > BUG=428800 > > Committed: https://crrev.com/726621f93d2802dfc2c90732c7133145c9854e38 > Cr-Commit-Position: refs/heads/master@{#313778} TBR=viettrungluu@chromium.org,morrita@chromium.org,tsepez@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=428800 Review URL: https://codereview.chromium.org/892503002 Cr-Commit-Position: refs/heads/master@{#313780}

Revert of Revert of IPC::ChannelMojo: Make IPC handling robust against bad...
Revert of Revert of IPC::ChannelMojo: Make IPC handling robust against bad messages. (patchset #1 id:1 of https://codereview.chromium.org/883373002/) Reason for revert: Wrong revert, ipc fuzzer broke because of something else. Original issue's description: > Revert of IPC::ChannelMojo: Make IPC handling robust against bad messages. (patchset #3 id:40001 of https://codereview.chromium.org/725733002/) > > Reason for revert: > Broke ipc fuzzer > > Original issue's description: > > IPC::ChannelMojo: Make IPC handling robust against bad messages. > > > > This change replaces some DCHECK()s with real error handling. > > They happen when it receives broken messages. > > > > BUG=428800 > > R=viettrungluu@chromium.org > > > > Committed: https://crrev.com/185ffdf58f85e47db9666d2ad9b80ff9bd7fa54b > > Cr-Commit-Position: refs/heads/master@{#304102} > > TBR=viettrungluu@chromium.org,morrita@chromium.org > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > BUG=428800 > > Committed: https://crrev.com/726621f93d2802dfc2c90732c7133145c9854e38 > Cr-Commit-Position: refs/heads/master@{#313778} TBR=viettrungluu@chromium.org,morrita@chromium.org,tsepez@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=428800 Review URL: https://codereview.chromium.org/892503002 Cr-Commit-Position: refs/heads/master@{#313780}
1f289ac9 · inferno · Commit bot · a5cc14a2 · 1f289ac9 · 1f289ac9
Commit 1f289ac9 authored Jan 29, 2015 by inferno Committed by Commit bot Jan 29, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 2 deletions

ipc/mojo/ipc_mojo_bootstrap.cc ipc/mojo/ipc_mojo_bootstrap.cc +13 -2

ipc/mojo/ipc_mojo_bootstrap.h ipc/mojo/ipc_mojo_bootstrap.h +3 -0

No files found.
--- a/ipc/mojo/ipc_mojo_bootstrap.cc
+++ b/ipc/mojo/ipc_mojo_bootstrap.cc
@@ -100,9 +100,14 @@ void MojoServerBootstrap::OnChannelConnected(int32 peer_pid) {
 }
 bool MojoServerBootstrap::OnMessageReceived(const Message&) {
-  DCHECK_EQ(state(), STATE_WAITING_ACK);
+  if (state() != STATE_WAITING_ACK) {
-  set_state(STATE_READY);
+    set_state(STATE_ERROR);
+    LOG(ERROR) << "Got inconsistent message from client.";
+    return false;
+  }
+  set_state(STATE_READY);
+  CHECK(server_pipe_.is_valid());
  delegate()->OnPipeAvailable(
      mojo::embedder::ScopedPlatformHandle(server_pipe_.release()));
@@ -129,6 +134,12 @@ MojoClientBootstrap::MojoClientBootstrap() {
 }
 bool MojoClientBootstrap::OnMessageReceived(const Message& message) {
+  if (state() != STATE_INITIALIZED) {
+    set_state(STATE_ERROR);
+    LOG(ERROR) << "Got inconsistent message from server.";
+    return false;
+  }
  PlatformFileForTransit pipe;
  PickleIterator iter(message);
  if (!ParamTraits<PlatformFileForTransit>::Read(&message, &iter, &pipe)) {

--- a/ipc/mojo/ipc_mojo_bootstrap.h
+++ b/ipc/mojo/ipc_mojo_bootstrap.h
@@ -55,6 +55,9 @@ class IPC_MOJO_EXPORT MojoBootstrap : public Listener {
 #endif  // defined(OS_POSIX) && !defined(OS_NACL)
 protected:
+  // On MojoServerBootstrap: INITIALIZED -> WAITING_ACK -> READY
+  // On MojoClientBootstrap: INITIALIZED -> READY
+  // STATE_ERROR is a catch-all state that captures any observed error.
  enum State { STATE_INITIALIZED, STATE_WAITING_ACK, STATE_READY, STATE_ERROR };
  Delegate* delegate() const { return delegate_; }