|
1 // Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // Wrapper around RMessage2 that provides message validation and error handling |
|
15 // to improve robustness of system servers under IPC attack |
|
16 // |
|
17 // |
|
18 |
|
19 #if !defined(CLIENTMESSAGECMN_H) |
|
20 #define CLIENTMESSAGECMN_H |
|
21 |
|
22 #include <e32std.h> |
|
23 #include <e32base.h> |
|
24 #include <e32debug.h> |
|
25 #include <babitflags.h> |
|
26 #include "clientmessage.h" |
|
27 |
|
28 namespace BSUL |
|
29 { |
|
30 |
|
31 |
|
32 /** |
|
33 This defines the maximum number of parameters that can be stored in a |
|
34 TClientMessageSchema structure. This corresponds to the maximum number |
|
35 of arguments in an RMessage2 |
|
36 @internalComponent |
|
37 */ |
|
38 const TInt KMaxParameters = 4; |
|
39 |
|
40 /** |
|
41 This mask is used to select the parameter type from TParameterDetails.iType |
|
42 @internalComponent |
|
43 */ |
|
44 const TInt KParamTypeMask = 0xFFFF; |
|
45 |
|
46 /** |
|
47 This mask is used to select the validation function index from |
|
48 TParameterDetails.iType |
|
49 @internalComponent |
|
50 */ |
|
51 const TInt KValidationFnIndexMask = 0xFFFF0000; |
|
52 |
|
53 /** |
|
54 This is used to shift down the value masked using KValidationFnIndexMask |
|
55 @internalComponent |
|
56 */ |
|
57 const TInt KShift16Bit = 16; |
|
58 |
|
59 |
|
60 /** |
|
61 This enum lists the flags currently represented by the TBitFlags32 |
|
62 CClientMessage::iFlags |
|
63 @internalComponent |
|
64 **/ |
|
65 enum TFlagValues |
|
66 { |
|
67 EFlagParam0Validated = 0, |
|
68 EFlagParam1Validated, |
|
69 EFlagParam2Validated, |
|
70 EFlagParam3Validated, |
|
71 /** Informs CompleteRequestL() that message not valid as client has already been panicked. */ |
|
72 EFlagPanicClient, |
|
73 /** Setting this flag indicates that for bad message errors, request |
|
74 should be completed with error code rather than panicking the client */ |
|
75 EFlagDoNotPanicClientOnBadMessageErrors = 30, |
|
76 EFlagLogBadMessages = 31 |
|
77 }; |
|
78 |
|
79 /** |
|
80 This class implements the behaviour for a TInt parameter type. |
|
81 The ValidateL function reads the Int value from the clients message and checks |
|
82 that the value read is between the iMax and iMin constraints defined in the |
|
83 message schema. |
|
84 @internalComponent |
|
85 */ |
|
86 NONSHARABLE_CLASS(CIntParameter) : public CMessageParameterBase |
|
87 { |
|
88 public: |
|
89 |
|
90 static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, |
|
91 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
92 virtual ~CIntParameter(); |
|
93 virtual void ValidateL(); |
|
94 virtual TInt GetIntL(); |
|
95 |
|
96 private: |
|
97 CIntParameter(const TParameterDetails& aParam,TInt aParamIndex, |
|
98 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
99 |
|
100 private: |
|
101 //This stores the TInt value read from the client message during validation |
|
102 TInt iValue; |
|
103 }; |
|
104 |
|
105 /** |
|
106 This class implements the behaviour for a read only 8 bit |
|
107 descriptor parameter type. The ValidateL function checks that the length |
|
108 of the descriptor argument in the client’s process does not exceed iMax |
|
109 defined in the message schema. |
|
110 @internalComponent |
|
111 */ |
|
112 NONSHARABLE_CLASS(CDes8ReadParameter) : public CMessageParameterBase |
|
113 { |
|
114 public: |
|
115 static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, |
|
116 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
117 virtual ~CDes8ReadParameter(); |
|
118 virtual void ValidateL(); |
|
119 virtual const TDesC8& GetDes8L(); |
|
120 virtual TInt GetDesLengthL(); |
|
121 virtual void ReadL(TDes8& aDes, TInt aOffset); |
|
122 |
|
123 private: |
|
124 CDes8ReadParameter(const TParameterDetails& aParam, TInt aParamIndex, |
|
125 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
126 |
|
127 private: |
|
128 //On validation this descriptor is instantiated and the contents or the client |
|
129 //descriptor are read into the local descriptor |
|
130 HBufC8* iValue; |
|
131 }; |
|
132 |
|
133 /** |
|
134 This class implements the behaviour for a read\write 8 bit |
|
135 descriptor parameter type. The ValidateL function checks that the MaxLength |
|
136 of the descriptor in the client’s process is not less than iMin and that the |
|
137 length of the descriptor does not exceed iMax defined in the message schema. |
|
138 @internalComponent |
|
139 */ |
|
140 NONSHARABLE_CLASS(CDes8Parameter) : public CMessageParameterBase |
|
141 { |
|
142 public: |
|
143 static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, |
|
144 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
145 virtual ~CDes8Parameter(); |
|
146 virtual void ValidateL(); |
|
147 virtual void WriteL(const TDesC8& aDes, TInt aOffset); |
|
148 virtual void ReadL(TDes8& aDes, TInt aOffset); |
|
149 virtual TInt GetDesLengthL(); |
|
150 virtual TInt GetDesMaxLengthL(); |
|
151 |
|
152 protected: |
|
153 CDes8Parameter(const TParameterDetails& aParam, TInt aParamIndex, |
|
154 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
155 }; |
|
156 |
|
157 /** |
|
158 This class implements the behaviour for a read only 16 bit |
|
159 descriptor parameter type. The ValidateL function checks that the length |
|
160 of the descriptor argument in the client’s process does not exceed iMax |
|
161 defined in the message schema. |
|
162 @internalComponent |
|
163 */ |
|
164 NONSHARABLE_CLASS(CDes16ReadParameter) : public CMessageParameterBase |
|
165 { |
|
166 public: |
|
167 static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, |
|
168 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
169 virtual ~CDes16ReadParameter(); |
|
170 virtual void ValidateL(); |
|
171 virtual const TDesC& GetDes16L(); |
|
172 virtual TInt GetDesLengthL(); |
|
173 virtual void ReadL(TDes& aDes, TInt aOffset); |
|
174 |
|
175 |
|
176 private: |
|
177 CDes16ReadParameter(const TParameterDetails& aParam, TInt aParamIndex, |
|
178 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
179 |
|
180 private: |
|
181 //On validation this descriptor is instantiated and the contents or the client |
|
182 //descriptor are read into the local descriptor |
|
183 HBufC* iValue; |
|
184 }; |
|
185 |
|
186 /** |
|
187 This class implements the behaviour for a read\write 16 bit |
|
188 descriptor parameter type. The ValidateL function checks that the MaxLength |
|
189 of the descriptor in the client’s process is not less than iMin and that the |
|
190 length of the descriptor does not exceed iMax defined in the message schema. |
|
191 @internalComponent |
|
192 */ |
|
193 NONSHARABLE_CLASS(CDes16Parameter) : public CMessageParameterBase |
|
194 { |
|
195 public: |
|
196 static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, |
|
197 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
198 virtual ~CDes16Parameter(); |
|
199 virtual void ValidateL(); |
|
200 virtual void WriteL(const TDesC& aDes, TInt aOffset); |
|
201 virtual void ReadL(TDes& aDes, TInt aOffset); |
|
202 virtual TInt GetDesLengthL(); |
|
203 virtual TInt GetDesMaxLengthL(); |
|
204 |
|
205 private: |
|
206 CDes16Parameter(const TParameterDetails& aParam, TInt aParamIndex, |
|
207 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
208 }; |
|
209 |
|
210 |
|
211 /** |
|
212 This class implements the behaviour for a generic TPckg<> |
|
213 parameter type. The ValidateL function calls the custom validation function |
|
214 passed in to the object on creation. |
|
215 @internalComponent |
|
216 */ |
|
217 NONSHARABLE_CLASS(CPckgParameter) : public CDes8Parameter |
|
218 { |
|
219 public: |
|
220 static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, |
|
221 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
222 virtual ~CPckgParameter(); |
|
223 virtual void ValidateL(); |
|
224 |
|
225 private: |
|
226 CPckgParameter(const TParameterDetails& aParam, TInt aParamIndex, |
|
227 const RMessage2& aMessage, TCustomValidationFn aValidationFn ); |
|
228 }; |
|
229 |
|
230 |
|
231 /** |
|
232 This class implements the behaviour for a Ptr parameter type. |
|
233 The ValidateL function reads the TAny* from the clients message and stores it for |
|
234 retrieval. |
|
235 @internalComponent |
|
236 */ |
|
237 NONSHARABLE_CLASS(CPtrParameter) : public CMessageParameterBase |
|
238 { |
|
239 public: |
|
240 static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, |
|
241 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
242 |
|
243 /** |
|
244 Destructor for CPtrParameter class. |
|
245 */ |
|
246 virtual ~CPtrParameter(){}; |
|
247 virtual void ValidateL(); |
|
248 virtual const TAny* GetPtrL(); |
|
249 |
|
250 private: |
|
251 |
|
252 /** |
|
253 Constructor for CPtrParameter class. |
|
254 */ |
|
255 CPtrParameter(const TParameterDetails& aParam, TInt aParamIndex, |
|
256 const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
257 |
|
258 private: |
|
259 //This stores the TAny* value read from the client message during validation |
|
260 const TAny* iValue; |
|
261 }; |
|
262 |
|
263 /** |
|
264 This typedef is used to simplify the declaration of the message schema |
|
265 table defined by the server. |
|
266 @internalComponent |
|
267 */ |
|
268 typedef CMessageParameterBase* (*TMessageParameterFactoryFn)(const TParameterDetails& aParam, |
|
269 TInt aParamIndex, const RMessage2& aMessage, TCustomValidationFn aValidationFn); |
|
270 |
|
271 }//namespace |
|
272 |
|
273 #endif |