[Spellcheck, Security] Filter against invalid locales.

Prevents passing up of garbage strings from renderer (and thus, prevents opening of arbitrary files) BUG=167122 Review URL: https://chromiumcodereview.appspot.com/11618046 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174304 0039d316-1c4b-4281-b951-d872f2087c98
chromium · Dec 21, 2012 · 851f97d · 851f97d
1 parent 67c8078
commit 851f97d
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 17 deletions.
diff --git a/chrome/common/spellcheck_common.cc b/chrome/common/spellcheck_common.cc
@@ -9,13 +9,17 @@
 namespace chrome {
 namespace spellcheck_common {
 
-static const struct {
-  // The language.
-  const char* language;
+struct LanguageRegion {
+  const char* language;  // The language.
+  const char* language_region;  // language & region, used by dictionaries.
+};
+
+struct LanguageVersion {
+  const char* language;  // The language input.
+  const char* version;   // The corresponding version.
+};
 
-  // The corresponding language and region, used by the dictionaries.
-  const char* language_region;
-} g_supported_spellchecker_languages[] = {
+static const LanguageRegion g_supported_spellchecker_languages[] = {
   // Several languages are not to be included in the spellchecker list:
   // th-TH
   {"af", "af-ZA"},
@@ -58,10 +62,19 @@ static const struct {
   {"vi", "vi-VN"},
 };
 
+bool IsValidRegion(const std::string& region) {
+  for (size_t i = 0; i < arraysize(g_supported_spellchecker_languages);
+       ++i) {
+    if (g_supported_spellchecker_languages[i].language_region == region)
+      return true;
+  }
+  return false;
+}
+
 // This function returns the language-region version of language name.
 // e.g. returns hi-IN for hi.
 std::string GetSpellCheckLanguageRegion(const std::string& input_language) {
-  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(g_supported_spellchecker_languages);
+  for (size_t i = 0; i < arraysize(g_supported_spellchecker_languages);
        ++i) {
     if (g_supported_spellchecker_languages[i].language == input_language) {
       return std::string(
@@ -78,13 +91,7 @@ FilePath GetVersionedFileName(const std::string& input_language,
   // with additional words found by the translation team.
   static const char kDefaultVersionString[] = "-1-2";
 
-  static const struct {
-    // The language input.
-    const char* language;
-
-    // The corresponding version.
-    const char* version;
-  } special_version_string[] = {
+  static LanguageVersion special_version_string[] = {
     {"es-ES", "-1-1"},  // 1-1: Have not been augmented with addtional words.
     {"nl-NL", "-1-1"},
     {"sv-SE", "-1-1"},
@@ -121,7 +128,7 @@ FilePath GetVersionedFileName(const std::string& input_language,
   std::string language = GetSpellCheckLanguageRegion(input_language);
   std::string versioned_bdict_file_name(language + kDefaultVersionString +
                                         ".bdic");
-  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(special_version_string); ++i) {
+  for (size_t i = 0; i < arraysize(special_version_string); ++i) {
     if (language == special_version_string[i].language) {
       versioned_bdict_file_name =
           language + special_version_string[i].version + ".bdic";
@@ -134,7 +141,7 @@ FilePath GetVersionedFileName(const std::string& input_language,
 
 std::string GetCorrespondingSpellCheckLanguage(const std::string& language) {
   // Look for exact match in the Spell Check language list.
-  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(g_supported_spellchecker_languages);
+  for (size_t i = 0; i < arraysize(g_supported_spellchecker_languages);
        ++i) {
     // First look for exact match in the language region of the list.
     std::string spellcheck_language(
@@ -154,7 +161,7 @@ std::string GetCorrespondingSpellCheckLanguage(const std::string& language) {
 }
 
 void SpellCheckLanguages(std::vector<std::string>* languages) {
-  for (size_t i = 0; i < ARRAYSIZE_UNSAFE(g_supported_spellchecker_languages);
+  for (size_t i = 0; i < arraysize(g_supported_spellchecker_languages);
        ++i) {
     languages->push_back(g_supported_spellchecker_languages[i].language);
   }

diff --git a/content/browser/hyphenator/hyphenator_message_filter.cc b/content/browser/hyphenator/hyphenator_message_filter.cc
@@ -90,6 +90,14 @@ void HyphenatorMessageFilter::OpenDictionary(const string16& locale) {
         GetContentClient()->browser()->GetHyphenDictionaryDirectory();
   }
   std::string rule_file = locale.empty() ? "en-US" : UTF16ToASCII(locale);
+
+  // Currently, only en-US is hyphenated. This is a quick fix for
+  // http://crbug.com/167122.
+  // TODO(groby): The proper fix entails validating if locale is a properly
+  // formatted locale string, but knowledge about valid locales currently
+  // resides in chrome, not content.
+  if (rule_file != "en-US")
+    return;
   rule_file.append("-1-0.dic");
   FilePath rule_path = dictionary_base_.AppendASCII(rule_file);
   dictionary_file_ = base::CreatePlatformFile(