sl@0: // Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies). sl@0: // All rights reserved. sl@0: // This component and the accompanying materials are made available sl@0: // under the terms of "Eclipse Public License v1.0" sl@0: // which accompanies this distribution, and is available sl@0: // at the URL "http://www.eclipse.org/legal/epl-v10.html". sl@0: // sl@0: // Initial Contributors: sl@0: // Nokia Corporation - initial contribution. sl@0: // sl@0: // Contributors: sl@0: // sl@0: // Description: sl@0: // Wrapper around RMessage2 that provides message validation and error handling sl@0: // to improve robustness of system servers under IPC attack sl@0: // sl@0: // sl@0: sl@0: #if !defined(CLIENTMESSAGECMN_H) sl@0: #define CLIENTMESSAGECMN_H sl@0: sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include "clientmessage.h" sl@0: sl@0: namespace BSUL sl@0: { sl@0: sl@0: sl@0: /** sl@0: This defines the maximum number of parameters that can be stored in a sl@0: TClientMessageSchema structure. This corresponds to the maximum number sl@0: of arguments in an RMessage2 sl@0: @internalComponent sl@0: */ sl@0: const TInt KMaxParameters = 4; sl@0: sl@0: /** sl@0: This mask is used to select the parameter type from TParameterDetails.iType sl@0: @internalComponent sl@0: */ sl@0: const TInt KParamTypeMask = 0xFFFF; sl@0: sl@0: /** sl@0: This mask is used to select the validation function index from sl@0: TParameterDetails.iType sl@0: @internalComponent sl@0: */ sl@0: const TInt KValidationFnIndexMask = 0xFFFF0000; sl@0: sl@0: /** sl@0: This is used to shift down the value masked using KValidationFnIndexMask sl@0: @internalComponent sl@0: */ sl@0: const TInt KShift16Bit = 16; sl@0: sl@0: sl@0: /** sl@0: This enum lists the flags currently represented by the TBitFlags32 sl@0: CClientMessage::iFlags sl@0: @internalComponent sl@0: **/ sl@0: enum TFlagValues sl@0: { sl@0: EFlagParam0Validated = 0, sl@0: EFlagParam1Validated, sl@0: EFlagParam2Validated, sl@0: EFlagParam3Validated, sl@0: /** Informs CompleteRequestL() that message not valid as client has already been panicked. */ sl@0: EFlagPanicClient, sl@0: /** Setting this flag indicates that for bad message errors, request sl@0: should be completed with error code rather than panicking the client */ sl@0: EFlagDoNotPanicClientOnBadMessageErrors = 30, sl@0: EFlagLogBadMessages = 31 sl@0: }; sl@0: sl@0: /** sl@0: This class implements the behaviour for a TInt parameter type. sl@0: The ValidateL function reads the Int value from the clients message and checks sl@0: that the value read is between the iMax and iMin constraints defined in the sl@0: message schema. sl@0: @internalComponent sl@0: */ sl@0: NONSHARABLE_CLASS(CIntParameter) : public CMessageParameterBase sl@0: { sl@0: public: sl@0: sl@0: static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: virtual ~CIntParameter(); sl@0: virtual void ValidateL(); sl@0: virtual TInt GetIntL(); sl@0: sl@0: private: sl@0: CIntParameter(const TParameterDetails& aParam,TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: sl@0: private: sl@0: //This stores the TInt value read from the client message during validation sl@0: TInt iValue; sl@0: }; sl@0: sl@0: /** sl@0: This class implements the behaviour for a read only 8 bit sl@0: descriptor parameter type. The ValidateL function checks that the length sl@0: of the descriptor argument in the client’s process does not exceed iMax sl@0: defined in the message schema. sl@0: @internalComponent sl@0: */ sl@0: NONSHARABLE_CLASS(CDes8ReadParameter) : public CMessageParameterBase sl@0: { sl@0: public: sl@0: static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: virtual ~CDes8ReadParameter(); sl@0: virtual void ValidateL(); sl@0: virtual const TDesC8& GetDes8L(); sl@0: virtual TInt GetDesLengthL(); sl@0: virtual void ReadL(TDes8& aDes, TInt aOffset); sl@0: sl@0: private: sl@0: CDes8ReadParameter(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: sl@0: private: sl@0: //On validation this descriptor is instantiated and the contents or the client sl@0: //descriptor are read into the local descriptor sl@0: HBufC8* iValue; sl@0: }; sl@0: sl@0: /** sl@0: This class implements the behaviour for a read\write 8 bit sl@0: descriptor parameter type. The ValidateL function checks that the MaxLength sl@0: of the descriptor in the client’s process is not less than iMin and that the sl@0: length of the descriptor does not exceed iMax defined in the message schema. sl@0: @internalComponent sl@0: */ sl@0: NONSHARABLE_CLASS(CDes8Parameter) : public CMessageParameterBase sl@0: { sl@0: public: sl@0: static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: virtual ~CDes8Parameter(); sl@0: virtual void ValidateL(); sl@0: virtual void WriteL(const TDesC8& aDes, TInt aOffset); sl@0: virtual void ReadL(TDes8& aDes, TInt aOffset); sl@0: virtual TInt GetDesLengthL(); sl@0: virtual TInt GetDesMaxLengthL(); sl@0: sl@0: protected: sl@0: CDes8Parameter(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: }; sl@0: sl@0: /** sl@0: This class implements the behaviour for a read only 16 bit sl@0: descriptor parameter type. The ValidateL function checks that the length sl@0: of the descriptor argument in the client’s process does not exceed iMax sl@0: defined in the message schema. sl@0: @internalComponent sl@0: */ sl@0: NONSHARABLE_CLASS(CDes16ReadParameter) : public CMessageParameterBase sl@0: { sl@0: public: sl@0: static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: virtual ~CDes16ReadParameter(); sl@0: virtual void ValidateL(); sl@0: virtual const TDesC& GetDes16L(); sl@0: virtual TInt GetDesLengthL(); sl@0: virtual void ReadL(TDes& aDes, TInt aOffset); sl@0: sl@0: sl@0: private: sl@0: CDes16ReadParameter(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: sl@0: private: sl@0: //On validation this descriptor is instantiated and the contents or the client sl@0: //descriptor are read into the local descriptor sl@0: HBufC* iValue; sl@0: }; sl@0: sl@0: /** sl@0: This class implements the behaviour for a read\write 16 bit sl@0: descriptor parameter type. The ValidateL function checks that the MaxLength sl@0: of the descriptor in the client’s process is not less than iMin and that the sl@0: length of the descriptor does not exceed iMax defined in the message schema. sl@0: @internalComponent sl@0: */ sl@0: NONSHARABLE_CLASS(CDes16Parameter) : public CMessageParameterBase sl@0: { sl@0: public: sl@0: static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: virtual ~CDes16Parameter(); sl@0: virtual void ValidateL(); sl@0: virtual void WriteL(const TDesC& aDes, TInt aOffset); sl@0: virtual void ReadL(TDes& aDes, TInt aOffset); sl@0: virtual TInt GetDesLengthL(); sl@0: virtual TInt GetDesMaxLengthL(); sl@0: sl@0: private: sl@0: CDes16Parameter(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: }; sl@0: sl@0: sl@0: /** sl@0: This class implements the behaviour for a generic TPckg<> sl@0: parameter type. The ValidateL function calls the custom validation function sl@0: passed in to the object on creation. sl@0: @internalComponent sl@0: */ sl@0: NONSHARABLE_CLASS(CPckgParameter) : public CDes8Parameter sl@0: { sl@0: public: sl@0: static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: virtual ~CPckgParameter(); sl@0: virtual void ValidateL(); sl@0: sl@0: private: sl@0: CPckgParameter(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn ); sl@0: }; sl@0: sl@0: sl@0: /** sl@0: This class implements the behaviour for a Ptr parameter type. sl@0: The ValidateL function reads the TAny* from the clients message and stores it for sl@0: retrieval. sl@0: @internalComponent sl@0: */ sl@0: NONSHARABLE_CLASS(CPtrParameter) : public CMessageParameterBase sl@0: { sl@0: public: sl@0: static CMessageParameterBase* NewL(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: sl@0: /** sl@0: Destructor for CPtrParameter class. sl@0: */ sl@0: virtual ~CPtrParameter(){}; sl@0: virtual void ValidateL(); sl@0: virtual const TAny* GetPtrL(); sl@0: sl@0: private: sl@0: sl@0: /** sl@0: Constructor for CPtrParameter class. sl@0: */ sl@0: CPtrParameter(const TParameterDetails& aParam, TInt aParamIndex, sl@0: const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: sl@0: private: sl@0: //This stores the TAny* value read from the client message during validation sl@0: const TAny* iValue; sl@0: }; sl@0: sl@0: /** sl@0: This typedef is used to simplify the declaration of the message schema sl@0: table defined by the server. sl@0: @internalComponent sl@0: */ sl@0: typedef CMessageParameterBase* (*TMessageParameterFactoryFn)(const TParameterDetails& aParam, sl@0: TInt aParamIndex, const RMessage2& aMessage, TCustomValidationFn aValidationFn); sl@0: sl@0: }//namespace sl@0: sl@0: #endif