From 0d4eb8a5f8d99d365459af21442cbc7b8648cf66 Mon Sep 17 00:00:00 2001 From: Ken Rockot Date: Thu, 14 Sep 2017 02:18:40 +0000 Subject: [PATCH] Mojo: Force crash when sending oversized messages This causes a CHECK failure when any process attempts to send a message which exceeds the maxmimum allowed message size. We used to only validate message size on receipt and shoot the sending Channel if receiving an oversized message. We still do, but we used to, too. This change should make it much easier to identify offending code responsible for sending oversized messages in any process type. BUG=758902 Change-Id: I1a175f25d3e2f0be4ef9a8dc2af1b46ba282fa0c Reviewed-on: https://chromium-review.googlesource.com/666082 Reviewed-by: Daniel Cheng Commit-Queue: Ken Rockot Cr-Commit-Position: refs/heads/master@{#501844} --- mojo/edk/system/node_channel.cc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/mojo/edk/system/node_channel.cc b/mojo/edk/system/node_channel.cc index 7508d3a5479896..963fa33812481f 100644 --- a/mojo/edk/system/node_channel.cc +++ b/mojo/edk/system/node_channel.cc @@ -13,6 +13,7 @@ #include "base/logging.h" #include "base/memory/ptr_util.h" #include "mojo/edk/system/channel.h" +#include "mojo/edk/system/configuration.h" #include "mojo/edk/system/request_context.h" #if defined(OS_MACOSX) && !defined(OS_IOS) @@ -907,6 +908,12 @@ void NodeChannel::WriteChannelMessage(Channel::MessagePtr message) { } #endif + // Force a crash if this process attempts to send a message larger than the + // maximum allowed size. This is more useful than killing a Channel when we + // *receive* an oversized message, as we should consider oversized message + // transmission to be a bug and this helps easily identify offending code. + CHECK(message->data_num_bytes() < GetConfiguration().max_message_num_bytes); + base::AutoLock lock(channel_lock_); if (!channel_) DLOG(ERROR) << "Dropping message on closed channel.";