New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 784888 link

Starred by 2 users
Status: Fixed
Owner:
jonr...@chromium.org
Closed: Jan 2018
Cc:
danakj@chromium.org
fsam...@chromium.org
rjkroege@chromium.org
sadrul@chromium.org
piman@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

SurfaceId Verification for Chrome IPC

Project Member Reported by jonr...@chromium.org, Nov 14 2017 
Currently Mojo IPCs enforce that information sent is valid. This is done during the serialization steps by calling is_valid() on some classes. 

This currently guarantees that only valid SurfaceIds are being sent.

This is not directly enforced for classic Chrome IPCs.

We should go and find where classic Chrome IPCs are sending SurfaceIds, LocalSurfaceIds, and FrameSinkIds. And ensure that they are only sending when valid.

Comment 1 by fsam...@chromium.org, Nov 14 2017

Cc: danakj@chromium.org rjkroege@chromium.org sadrul@chromium.org piman@chromium.org

Comment 2 by piman@chromium.org, Nov 14 2017 

We should be able to add a DCHECK in the ParamTraits.

Comment 3 by jonr...@chromium.org, Dec 21 2017

Status: Started (was: Assigned)
Project Member

Comment 4 by bugdroid1@chromium.org, Jan 11 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/288809e277eb622527ea5f3798122d8e55bbda98

commit 288809e277eb622527ea5f3798122d8e55bbda98
Author: Jonathan <jonross@chromium.org>
Date: Thu Jan 11 18:59:35 2018

Validate SurfaceId for classic IPC

We want to always use valid SurfaceIds. The Mojo IPCs were already enforcing
this, but classic IPC wasn't. I've added the validation in the ParamTraits
for reads. I've also put DCHECKs are writes so we can catch errors earlier.

TSET=CCParamTraitsTest.SurfaceId

Bug:  784888 
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel
Change-Id: I6ea596092e916d36cf49e4e40bf026f9cf11afa8
Reviewed-on: https://chromium-review.googlesource.com/839782
Commit-Queue: Jonathan Ross <jonross@chromium.org>
Reviewed-by: kylechar <kylechar@chromium.org>
Reviewed-by: Ken Buchanan <kenrb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#528693}
[modify] https://crrev.com/288809e277eb622527ea5f3798122d8e55bbda98/cc/ipc/cc_param_traits.cc
[modify] https://crrev.com/288809e277eb622527ea5f3798122d8e55bbda98/services/viz/public/cpp/compositing/frame_sink_id_struct_traits.h
[modify] https://crrev.com/288809e277eb622527ea5f3798122d8e55bbda98/services/viz/public/cpp/compositing/local_surface_id_struct_traits.h
[modify] https://crrev.com/288809e277eb622527ea5f3798122d8e55bbda98/testing/buildbot/filters/mash.browser_tests.filter
[modify] https://crrev.com/288809e277eb622527ea5f3798122d8e55bbda98/testing/buildbot/filters/mojo.fyi.mash.browser_tests.filter

Comment 5 by jonr...@chromium.org, Jan 11 2018

Status: Fixed (was: Started)

Sign in to add a comment