// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// NOTE(review): this listing is an outline; every body shown as `{ … }` and
// every value shown as `…` is elided here. Comments below describe only what
// the visible declarations and the original comments establish.

#include <stdint.h>
#include <stdio.h>

#include <limits>
#include <memory>
#include <sstream>
#include <string>

#include "base/memory/raw_ptr.h"
#include "base/run_loop.h"
#include "base/strings/utf_string_conversions.h"
#include "base/threading/platform_thread.h"
#include "build/build_config.h"
#include "ipc/ipc_test_base.h"
#include "testing/gtest/include/gtest/gtest.h"

// IPC messages for testing ----------------------------------------------------

#define IPC_MESSAGE_IMPL
#include "ipc/ipc_message_macros.h"
#include "ipc/ipc_message_start.h"

// Message-class start value for the test messages declared below (value
// elided in this listing).
#define IPC_MESSAGE_START …

// Generic message class that is an int followed by a string16.
IPC_MESSAGE_CONTROL2(MsgClassIS, int, std::u16string)

// Generic message class that is a string16 followed by an int.
// Same two parameter types as MsgClassIS, in the opposite order.
IPC_MESSAGE_CONTROL2(MsgClassSI, std::u16string, int)

// Message to create a mutex in the IPC server, using the received name.
IPC_MESSAGE_CONTROL2(MsgDoMutex, std::u16string, int)

// Used to generate an ID for a message that should not exist.
IPC_MESSAGE_CONTROL0(MsgUnhandled)

// -----------------------------------------------------------------------------

namespace {

// IPCMessageIntegrity tests.
// NOTE(review): judging by the test names only, these presumably feed
// malformed serialized data (truncated strings, an invalid read iterator,
// negative or oversized vector lengths) to the IPC read routines and expect
// the read to be rejected rather than run past the buffer — confirm against
// the full test bodies.

TEST(IPCMessageIntegrity, ReadBeyondBufferStr) { … }

TEST(IPCMessageIntegrity, ReadBeyondBufferStr16) { … }

TEST(IPCMessageIntegrity, ReadBytesBadIterator) { … }

TEST(IPCMessageIntegrity, ReadVectorNegativeSize) { … }

// The name of the first "vector too large" test is chosen per platform: one
// value on Android, another everywhere else (both values elided here).
// NOTE(review): a MAYBE_ alias conventionally maps to a DISABLED_ name on one
// side — confirm which platform is disabled and why.
#if BUILDFLAG(IS_ANDROID)
#define MAYBE_ReadVectorTooLarge1 …
#else
#define MAYBE_ReadVectorTooLarge1 …
#endif
TEST(IPCMessageIntegrity, MAYBE_ReadVectorTooLarge1) { … }

TEST(IPCMessageIntegrity, ReadVectorTooLarge2) { … }

// This test needs ~20 seconds in Debug mode, or ~4 seconds in Release mode.
// See http://crbug.com/741866 for details.
// The DISABLED_ prefix keeps gtest from running it by default.
TEST(IPCMessageIntegrity, DISABLED_ReadVectorTooLarge3) { … }

// Base IPC::Listener shared by the fuzzer server and client listeners below
// (members elided in this listing).
class SimpleListener : public IPC::Listener { … };

// Unnamed enum; its enumerators are elided in this listing.
enum { … };

// The fuzzer server class. It runs in a child process and expects
// only two IPC calls; after that it exits the message loop which
// terminates the child process.
class FuzzerServerListener : public SimpleListener { … };

// Listener for the client side of the fuzzing tests (members elided in this
// listing).
class FuzzerClientListener : public SimpleListener { … };

// Runs the fuzzing server child mode. Returns when the preset number of
// messages have been received.
DEFINE_IPC_CHANNEL_MOJO_TEST_CLIENT(FuzzServerClient) { … }

// NOTE(review): the start of this declaration is elided in this listing; only
// the fixture name used by the TEST_F cases below is visible.
IPCFuzzingTest;

// This test makes sure that the FuzzerClientListener and FuzzerServerListener
// are working properly by generating two well formed IPC calls.
TEST_F(IPCFuzzingTest, SanityTest) { … }

// This test uses a payload that is smaller than expected. This generates an
// error while unpacking the IPC buffer. Right after we generate another valid
// IPC to make sure framing is working properly.
TEST_F(IPCFuzzingTest, MsgBadPayloadShort) { … }

// This test uses a payload that carries more arguments than expected, yet is
// large enough that the unpacking routine does not report an error as it does
// in the MsgBadPayloadShort test. It does not pinpoint a flaw (per se),
// because by design the IPC message carries no type information.
// NOTE(review): the practical consequence is that a successful unpack says
// nothing about whether the sender used the intended message layout, so
// handlers still have to validate the unpacked values themselves.
TEST_F(IPCFuzzingTest, MsgBadPayloadArgs) { … }

}  // namespace