7142359: use safe span operations in ProcessSingleton patch

Fix unsafe buffer manipulation warning introduced by upstream spanification.
Use base::span::subspan() instead of iterator arithmetic, and
base::as_byte_span() for safe type conversion instead of reinterpret_cast.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7142359
Samuel Attard
2025-11-24 16:29:56 -08:00
parent 38306e2bfc
commit f55ec8a46a


@@ -65,7 +65,7 @@ index 2748dd196fe1f56357348a204e24f0b8a28b97dd..5800dd00b47c657d9e6766f3fc5a3065
#if BUILDFLAG(IS_WIN)
bool EscapeVirtualization(const base::FilePath& user_data_dir);
diff --git a/chrome/browser/process_singleton_posix.cc b/chrome/browser/process_singleton_posix.cc
index 12d50032ed589c861f73fa395156e4a6583f852d..af51f7ed68d3cf4ff11c49c4453873389d6c49d9 100644
index 12d50032ed589c861f73fa395156e4a6583f852d..cd747147cba8ff5c0f52fdbd9436c7abae1eb713 100644
--- a/chrome/browser/process_singleton_posix.cc
+++ b/chrome/browser/process_singleton_posix.cc
@@ -619,6 +619,7 @@ class ProcessSingleton::LinuxWatcher
@@ -104,25 +104,28 @@ index 12d50032ed589c861f73fa395156e4a6583f852d..af51f7ed68d3cf4ff11c49c445387338
const size_t kMinMessageLength = kStartToken.length() + 4;
if (bytes_read_ < kMinMessageLength) {
buf_[bytes_read_] = 0;
@@ -745,10 +751,28 @@ void ProcessSingleton::LinuxWatcher::SocketReader::
@@ -745,10 +751,31 @@ void ProcessSingleton::LinuxWatcher::SocketReader::
tokens.erase(tokens.begin());
tokens.erase(tokens.begin());
+ size_t num_args;
+ base::StringToSizeT(tokens[0], &num_args);
+ std::vector<std::string> command_line(tokens.begin() + 1, tokens.begin() + 1 + num_args);
+ base::span<const std::string> tokens_span(tokens);
+ auto command_line_span = tokens_span.subspan(1u, num_args);
+ std::vector<std::string> command_line(command_line_span.begin(),
+ command_line_span.end());
+
+ std::vector<uint8_t> additional_data;
+ if (tokens.size() >= 3 + num_args) {
+ size_t additional_data_size;
+ base::StringToSizeT(tokens[1 + num_args], &additional_data_size);
+ std::string remaining_args = base::JoinString(
+ base::span(tokens.begin() + 2 + num_args, tokens.end()),
+ tokens_span.subspan(2u + num_args),
+ std::string(1, kTokenDelimiter));
+ const uint8_t* additional_data_bits =
+ reinterpret_cast<const uint8_t*>(remaining_args.c_str());
+ additional_data = std::vector<uint8_t>(
+ additional_data_bits, additional_data_bits + additional_data_size);
+ base::span<const uint8_t> additional_data_span = base::as_byte_span(
+ remaining_args).first(additional_data_size);
+ additional_data = std::vector<uint8_t>(additional_data_span.begin(),
+ additional_data_span.end());
+ }
+
// Return to the UI thread to handle opening a new browser tab.
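Review bot: `num_args` and `additional_data_size` are parsed from the socket message with `base::StringToSizeT`, and the return value is discarded both times, so `tokens_span.subspan(1u, num_args)` and `.first(additional_data_size)` are sized by values that were never validated. The span calls should turn an out-of-range count into a bounds-check failure instead of the out-of-bounds read the old iterator arithmetic allowed, but a malformed message then still terminates the running browser, and `tokens[0]` is read right after the two `erase` calls with no visible emptiness check. I would reject the message before building the span, with a guard such as `if (tokens.empty() || !base::StringToSizeT(tokens[0], &num_args) || num_args > tokens.size() - 1)`, failing it the same way the `kMinMessageLength` check does, and likewise compare `additional_data_size` with `remaining_args.size()` before calling `.first()`. The enclosing function starts and ends outside the hunk, so an earlier check may already cover part of this.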
@@ -134,7 +137,7 @@ index 12d50032ed589c861f73fa395156e4a6583f852d..af51f7ed68d3cf4ff11c49c445387338
fd_watch_controller_.reset();
// LinuxWatcher::HandleMessage() is in charge of destroying this SocketReader
@@ -777,8 +801,10 @@ void ProcessSingleton::LinuxWatcher::SocketReader::FinishWithACK(
@@ -777,8 +804,10 @@ void ProcessSingleton::LinuxWatcher::SocketReader::FinishWithACK(
//
ProcessSingleton::ProcessSingleton(
const base::FilePath& user_data_dir,
@@ -145,7 +148,7 @@ index 12d50032ed589c861f73fa395156e4a6583f852d..af51f7ed68d3cf4ff11c49c445387338
current_pid_(base::GetCurrentProcId()) {
socket_path_ = user_data_dir.Append(chrome::kSingletonSocketFilename);
lock_path_ = user_data_dir.Append(chrome::kSingletonLockFilename);
@@ -899,7 +925,8 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
@@ -899,7 +928,8 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
sizeof(socket_timeout));
// Found another process, prepare our command line
@@ -155,7 +158,7 @@ index 12d50032ed589c861f73fa395156e4a6583f852d..af51f7ed68d3cf4ff11c49c445387338
std::string to_send(kStartToken);
to_send.push_back(kTokenDelimiter);
@@ -909,11 +936,21 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
@@ -909,11 +939,21 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout(
to_send.append(current_dir.value());
const std::vector<std::string>& argv = cmd_line.argv();