tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

RLBoxWOFF2Sandbox.cpp (2822B)

      1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
      3 /* This Source Code Form is subject to the terms of the Mozilla Public
      4 * License, v. 2.0. If a copy of the MPL was not distributed with this
      5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      6 
      7 #include <woff2/decode.h>
      8 #include <cassert>
      9 #include "RLBoxWOFF2Sandbox.h"
     10 
     11 bool RLBoxConvertWOFF2ToTTF(const char* aData, unsigned long aLength,
     12                            unsigned long aDecompressedSize,
     13                            unsigned long* aResultSize, void** aResultOwningStr,
     14                            char** aResultData) {
     15  std::unique_ptr<std::string> buf =
     16      std::make_unique<std::string>(aDecompressedSize, 0);
     17  woff2::WOFF2StringOut out(buf.get());
     18  out.SetMaxSize(std::max(size_t(aDecompressedSize), woff2::kDefaultMaxSize));
     19  if (!woff2::ConvertWOFF2ToTTF(reinterpret_cast<const uint8_t*>(aData),
     20                                aLength, &out)) {
     21    return false;
     22  }
     23  *aResultSize = out.Size();
     24  // Return the string and its underlying C string. We need both to make sure we
     25  // can free the string (which we do with RLBoxDeleteWOFF2String).
     26  *aResultData = buf->data();
     27  *aResultOwningStr = static_cast<void*>(buf.release());
     28  return true;
     29 }
     30 
     31 void RLBoxDeleteWOFF2String(void** aStr) {
     32  std::string* buf = static_cast<std::string*>(*aStr);
     33  delete buf;
     34 }
     35 
     36 BrotliDecompressCallback* sRLBoxBrotliDecompressCallback = nullptr;
     37 
     38 void RegisterWOFF2Callback(BrotliDecompressCallback* aCallback) {
     39 #ifdef MOZ_IN_WASM_SANDBOX
     40  // When Woff2 is wasmboxed, we need to register a callback for brotli
     41  // decompression. The easiest way to store this is in a static variable. This
     42  // is thread-safe because each (potentially-concurrent) woff2 instance gets
     43  // its own sandbox with its own copy of the statics.
     44  //
     45  // When the sandbox is disabled (replaced with the noop sandbox), setting the
     46  // callback is actually racey. However, we don't actually need a callback in
     47  // that case, and can just invoke brotli directly.
     48  sRLBoxBrotliDecompressCallback = aCallback;
     49 #endif
     50 }
     51 
     52 BrotliDecoderResult RLBoxBrotliDecoderDecompress(size_t aEncodedSize,
     53                                                 const uint8_t* aEncodedBuffer,
     54                                                 size_t* aDecodedSize,
     55                                                 uint8_t* aDecodedBuffer) {
     56 #ifdef MOZ_IN_WASM_SANDBOX
     57  assert(sRLBoxBrotliDecompressCallback);
     58  return sRLBoxBrotliDecompressCallback(
     59      aEncodedSize, reinterpret_cast<const char*>(aEncodedBuffer), aDecodedSize,
     60      reinterpret_cast<char*>(aDecodedBuffer));
     61 #else
     62  return BrotliDecoderDecompress(aEncodedSize, aEncodedBuffer, aDecodedSize,
     63                                 aDecodedBuffer);
     64 #endif
     65 }