Add a BufferConsumer primitive for wire [de]serialization

BufferConsumer wraps a buffer pointer and size and exposes a limited number of operations to get data while decrementing the remaining available size. This makes it so that code reading or writing into a buffer cannot easily consume more bytes than available. This CL guards against serialization overflows using BufferConsumer, and it implements GetPtrFromBuffer (for deserialization) on top of BufferConsumer. A future patch will make the rest of the deserialization code use BufferConsumer. Bug: dawn:680 Change-Id: Ic2bd6e7039e83ce70307c2ff47aaca9891c16d91 Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/41780 Commit-Queue: Austin Eng <enga@chromium.org> Reviewed-by: Stephen White <senorblanco@chromium.org>
2025-12-16 08:27:05 +00:00 · 2021-02-17 22:14:56 +00:00
parent eb71aaf689
commit 1b31dc0bb2
9 changed files with 236 additions and 84 deletions
--- a/src/include/dawn_wire/Wire.h
+++ b/src/include/dawn_wire/Wire.h
@@ -25,7 +25,7 @@ namespace dawn_wire {

    class DAWN_WIRE_EXPORT CommandSerializer {
      public:
-        virtual ~CommandSerializer() = default;
+        virtual ~CommandSerializer();

        // Get space for serializing commands.
        // GetCmdSpace will never be called with a value larger than
@@ -34,11 +34,12 @@ namespace dawn_wire {
        virtual void* GetCmdSpace(size_t size) = 0;
        virtual bool Flush() = 0;
        virtual size_t GetMaximumAllocationSize() const = 0;
+        virtual void OnSerializeError();
    };

    class DAWN_WIRE_EXPORT CommandHandler {
      public:
-        virtual ~CommandHandler() = default;
+        virtual ~CommandHandler();
        virtual const volatile char* HandleCommands(const volatile char* commands, size_t size) = 0;
    };