summaryrefslogtreecommitdiff
path: root/chromium/mojo/edk/system/data_pipe_consumer_dispatcher.cc
diff options
context:
space:
mode:
Diffstat (limited to 'chromium/mojo/edk/system/data_pipe_consumer_dispatcher.cc')
-rw-r--r--chromium/mojo/edk/system/data_pipe_consumer_dispatcher.cc5
1 files changed, 5 insertions, 0 deletions
diff --git a/chromium/mojo/edk/system/data_pipe_consumer_dispatcher.cc b/chromium/mojo/edk/system/data_pipe_consumer_dispatcher.cc
index 7bf0b0177ac..158b0e17e3e 100644
--- a/chromium/mojo/edk/system/data_pipe_consumer_dispatcher.cc
+++ b/chromium/mojo/edk/system/data_pipe_consumer_dispatcher.cc
@@ -535,6 +535,11 @@ void DataPipeConsumerDispatcher::UpdateSignalsStateNoLock() {
if (rv != ports::OK)
peer_closed_ = true;
if (message) {
+ if (message->num_payload_bytes() < sizeof(DataPipeControlMessage)) {
+ peer_closed_ = true;
+ break;
+ }
+
const DataPipeControlMessage* m =
static_cast<const DataPipeControlMessage*>(
message->payload_bytes());
View Lorry Controller Status