1*6777b538SAndroid Build Coastguard Worker // Copyright 2014 The Chromium Authors 2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be 3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file. 4*6777b538SAndroid Build Coastguard Worker 5*6777b538SAndroid Build Coastguard Worker #ifndef IPC_IPC_SECURITY_TEST_UTIL_H_ 6*6777b538SAndroid Build Coastguard Worker #define IPC_IPC_SECURITY_TEST_UTIL_H_ 7*6777b538SAndroid Build Coastguard Worker 8*6777b538SAndroid Build Coastguard Worker namespace IPC { 9*6777b538SAndroid Build Coastguard Worker 10*6777b538SAndroid Build Coastguard Worker class ChannelProxy; 11*6777b538SAndroid Build Coastguard Worker class Message; 12*6777b538SAndroid Build Coastguard Worker 13*6777b538SAndroid Build Coastguard Worker class IpcSecurityTestUtil { 14*6777b538SAndroid Build Coastguard Worker public: 15*6777b538SAndroid Build Coastguard Worker IpcSecurityTestUtil(const IpcSecurityTestUtil&) = delete; 16*6777b538SAndroid Build Coastguard Worker IpcSecurityTestUtil& operator=(const IpcSecurityTestUtil&) = delete; 17*6777b538SAndroid Build Coastguard Worker 18*6777b538SAndroid Build Coastguard Worker // Enables testing of security exploit scenarios where a compromised child 19*6777b538SAndroid Build Coastguard Worker // process can send a malicious message of an arbitrary type. 20*6777b538SAndroid Build Coastguard Worker // 21*6777b538SAndroid Build Coastguard Worker // This function will post the message to the IPC channel's thread, where it 22*6777b538SAndroid Build Coastguard Worker // is offered to the channel's listeners. Afterwards, a reply task is posted 23*6777b538SAndroid Build Coastguard Worker // back to the current thread. This function blocks until the reply task is 24*6777b538SAndroid Build Coastguard Worker // received. For messages forwarded back to the current thread, we won't 25*6777b538SAndroid Build Coastguard Worker // return until after the message has been handled here. 26*6777b538SAndroid Build Coastguard Worker // 27*6777b538SAndroid Build Coastguard Worker // Use this only for testing security bugs in a browsertest; other uses are 28*6777b538SAndroid Build Coastguard Worker // likely perilous. Unit tests should be using IPC::TestSink which has an 29*6777b538SAndroid Build Coastguard Worker // OnMessageReceived method you can call directly. Non-security browsertests 30*6777b538SAndroid Build Coastguard Worker // should just exercise the child process's normal codepaths to send messages. 31*6777b538SAndroid Build Coastguard Worker static void PwnMessageReceived(ChannelProxy* channel, const Message& message); 32*6777b538SAndroid Build Coastguard Worker 33*6777b538SAndroid Build Coastguard Worker private: 34*6777b538SAndroid Build Coastguard Worker IpcSecurityTestUtil(); // Not instantiable. 35*6777b538SAndroid Build Coastguard Worker }; 36*6777b538SAndroid Build Coastguard Worker 37*6777b538SAndroid Build Coastguard Worker } // namespace IPC 38*6777b538SAndroid Build Coastguard Worker 39*6777b538SAndroid Build Coastguard Worker #endif // IPC_IPC_SECURITY_TEST_UTIL_H_ 40