"Remove" loophole in rtc::Thread::ScopedDisallowBlockingCalls

It was previously possible to escape the sandbox by calling
rtc::Thread::SetAllowBlockingCalls(true).

This CL only removes the loophole on non-Android builds, because we
still have old Android code that relies on it. We expect that code to
go away soon-ish, though.

Bug: webrtc:9987
Change-Id: Ida96400d0abe430af4c2046284795d37d64f6613
Reviewed-on: https://webrtc-review.googlesource.com/c/123523
Commit-Queue: Karl Wiberg <kwiberg@webrtc.org>
Reviewed-by: Tommi <tommi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#26792}
Karl Wiberg
2019-02-21 13:38:30 +01:00
committed by Commit Bot
parent 826f2e7f34
commit 32562250ca
3 changed files with 17 additions and 6 deletions


@ -127,7 +127,7 @@ bool ChannelManager::Init() {
if (!network_thread_->IsCurrent()) { if (!network_thread_->IsCurrent()) {
// Do not allow invoking calls to other threads on the network thread. // Do not allow invoking calls to other threads on the network thread.
network_thread_->Invoke<void>( network_thread_->Invoke<void>(
RTC_FROM_HERE, [&] { network_thread_->SetAllowBlockingCalls(false); }); RTC_FROM_HERE, [&] { network_thread_->DisallowBlockingCalls(); });
} }
if (media_engine_) { if (media_engine_) {


@ -219,10 +219,6 @@ class RTC_LOCKABLE Thread : public MessageQueue {
// of whatever code is conditionally executing because of the return value! // of whatever code is conditionally executing because of the return value!
bool RunningForTest() { return IsRunning(); } bool RunningForTest() { return IsRunning(); }
// Sets the per-thread allow-blocking-calls flag and returns the previous
// value. Must be called on this thread.
bool SetAllowBlockingCalls(bool allow);
// These functions are public to avoid injecting test hooks. Don't call them // These functions are public to avoid injecting test hooks. Don't call them
// outside of tests. // outside of tests.
// This method should be called when thread is created using non standard // This method should be called when thread is created using non standard
@ -232,6 +228,17 @@ class RTC_LOCKABLE Thread : public MessageQueue {
bool WrapCurrent(); bool WrapCurrent();
void UnwrapCurrent(); void UnwrapCurrent();
// Sets the per-thread allow-blocking-calls flag to false; this is
// irrevocable. Must be called on this thread.
void DisallowBlockingCalls() { SetAllowBlockingCalls(false); }
#ifdef WEBRTC_ANDROID
// Sets the per-thread allow-blocking-calls flag to true, sidestepping the
// invariants upheld by DisallowBlockingCalls() and
// ScopedDisallowBlockingCalls. Must be called on this thread.
void DEPRECATED_AllowBlockingCalls() { SetAllowBlockingCalls(true); }
#endif
protected: protected:
// Same as WrapCurrent except that it never fails as it does not try to // Same as WrapCurrent except that it never fails as it does not try to
// acquire the synchronization access of the thread. The caller should never // acquire the synchronization access of the thread. The caller should never
@ -251,6 +258,10 @@ class RTC_LOCKABLE Thread : public MessageQueue {
Runnable* runnable; Runnable* runnable;
}; };
// Sets the per-thread allow-blocking-calls flag and returns the previous
// value. Must be called on this thread.
bool SetAllowBlockingCalls(bool allow);
#if defined(WEBRTC_WIN) #if defined(WEBRTC_WIN)
static DWORD WINAPI PreRun(LPVOID context); static DWORD WINAPI PreRun(LPVOID context);
#else #else
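Review bot: The new comment on `DisallowBlockingCalls()` calls the change irrevocable, but on builds that define `WEBRTC_ANDROID` the public `DEPRECATED_AllowBlockingCalls()` declared right below it sets the flag back to true, so the guarantee only holds on non-Android builds. I would say so in the comment, e.g. `// Sets the per-thread allow-blocking-calls flag to false; irrevocable except on Android, where DEPRECATED_AllowBlockingCalls() can undo it. Must be called on this thread.` The access specifier that `SetAllowBlockingCalls(bool)` now sits under is outside this section's hunks; if it is `protected` rather than `private`, subclasses of `Thread` can presumably still turn blocking calls back on, so it is worth confirming that it landed in the private part of the class.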


@ -66,7 +66,7 @@ enum { kMaxEncodedLogFrames = 10 };
static inline void AllowBlockingCalls() { static inline void AllowBlockingCalls() {
rtc::Thread* current_thread = rtc::Thread::Current(); rtc::Thread* current_thread = rtc::Thread::Current();
if (current_thread != NULL) if (current_thread != NULL)
current_thread->SetAllowBlockingCalls(true); current_thread->DEPRECATED_AllowBlockingCalls();
} }
// Checks for any Java exception, prints stack backtrace and clears // Checks for any Java exception, prints stack backtrace and clears