From 44f360feae71a1998277509a3abc836af7a584ae Mon Sep 17 00:00:00 2001 From: "willchan@chromium.org" Date: Fri, 10 Jul 2009 21:03:17 +0000 Subject: [PATCH] Add some CHECKs to track down the source of a NULL deref in the SSLClientSocketWin code. BUG=http://crbug.com/16371 TEST=none Review URL: http://codereview.chromium.org/155359 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@20415 0039d316-1c4b-4281-b951-d872f2087c98 --- net/http/http_network_transaction.cc | 9 +++++++++ net/socket/ssl_client_socket_win.cc | 4 ++++ 2 files changed, 13 insertions(+) diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc index 5d4c8dd43..ca3547c11 100644 --- a/net/http/http_network_transaction.cc +++ b/net/http/http_network_transaction.cc @@ -354,6 +354,11 @@ int HttpNetworkTransaction::Read(IOBuffer* buf, int buf_len, return ERR_TUNNEL_CONNECTION_FAILED; } + // http://crbug.com/16371: We're seeing |user_buf_->data()| return NULL. + // See if the user is passing in an IOBuffer with a NULL |data_|. + CHECK(buf); + CHECK(buf->data()); + read_buf_ = buf; read_buf_len_ = buf_len; @@ -812,6 +817,10 @@ int HttpNetworkTransaction::DoReadHeaders() { int buf_len = header_buf_capacity_ - header_buf_len_; header_buf_->set_data(header_buf_len_); + // http://crbug.com/16371: We're seeing |user_buf_->data()| return NULL. + // See if the user is passing in an IOBuffer with a NULL |data_|. + CHECK(header_buf_->data()); + return http_stream_->Read(header_buf_, buf_len, &io_callback_); } diff --git a/net/socket/ssl_client_socket_win.cc b/net/socket/ssl_client_socket_win.cc index f40fad406..86412d53f 100644 --- a/net/socket/ssl_client_socket_win.cc +++ b/net/socket/ssl_client_socket_win.cc @@ -543,6 +543,10 @@ int SSLClientSocketWin::Read(IOBuffer* buf, int buf_len, } DCHECK(!user_buf_); + // http://crbug.com/16371: We're seeing |buf->data()| return NULL. See if the + // user is passing in an IOBuffer with a NULL |data_|. + CHECK(buf); + CHECK(buf->data()); user_buf_ = buf; user_buf_len_ = buf_len;