InitFromPickle should return false on any deserialization

error. Require socket_address when deserializing version 2 or later. R=rsleevi@chromium.org,rvargas@chromium.org BUG=none TEST=none Review URL: http://codereview.chromium.org/6880130 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@82700 0039d316-1c4b-4281-b951-d872f2087c98
marcosholgado · Apr 22, 2011 · 681a0d5 · 681a0d5
1 parent 5fd6433
commit 681a0d5
Showing 1 changed file with 9 additions and 4 deletions.
diff --git a/net/http/http_response_info.cc b/net/http/http_response_info.cc
@@ -133,14 +133,17 @@ bool HttpResponseInfo::InitFromPickle(const Pickle& pickle,
 
   // read response-headers
   headers = new HttpResponseHeaders(pickle, &iter);
-  DCHECK_NE(headers->response_code(), -1);
+  if (headers->response_code() == -1)
+    return false;
 
   // read ssl-info
   if (flags & RESPONSE_INFO_HAS_CERT) {
     X509Certificate::PickleType type = (version == 1) ?
         X509Certificate::PICKLETYPE_SINGLE_CERTIFICATE :
         X509Certificate::PICKLETYPE_CERTIFICATE_CHAIN;
     ssl_info.cert = X509Certificate::CreateFromPickle(pickle, &iter, type);
+    if (!ssl_info.cert)
+      return false;
   }
   if (flags & RESPONSE_INFO_HAS_CERT_STATUS) {
     int cert_status;
@@ -161,16 +164,18 @@ bool HttpResponseInfo::InitFromPickle(const Pickle& pickle,
       return false;
   }
 
-  // Read socket_address.  This was not always present in the response info,
-  // so we don't fail if it can't be read.  If additional fields are added in
-  // a future version, then they must only be read if this operation succeeds.
+  // Read socket_address.
   std::string socket_address_host;
   if (pickle.ReadString(&iter, &socket_address_host)) {
     // If the host was written, we always expect the port to follow.
     uint16 socket_address_port;
     if (!pickle.ReadUInt16(&iter, &socket_address_port))
       return false;
     socket_address = HostPortPair(socket_address_host, socket_address_port);
+  } else if (version > 1) {
+    // socket_address was not always present in version 1 of the response
+    // info, so we don't fail if it can't be read.
+    return false;
   }
 
   was_fetched_via_spdy = (flags & RESPONSE_INFO_WAS_SPDY) != 0;