Bug 1308076 - Fixup PSSH parser gtests. r=jwwang
authorChris Pearce <cpearce@mozilla.com>
Fri, 07 Oct 2016 21:12:18 +1300
changeset 360398 4cda1fca7cdcb587cb2875e57d9798cdb3e9dcfd
parent 360397 884cccc8f1395605a35fdc456c464f84d39a3eec
child 360399 bd00715b29e3c230f40adb8546efa2ebf934a5ed
push id6795
push userjlund@mozilla.com
push dateMon, 23 Jan 2017 14:19:46 +0000
treeherdermozilla-beta@76101b503191 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjwwang
bugs1308076
milestone52.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1308076 - Fixup PSSH parser gtests. r=jwwang We're now obliged to be stricter, taking from the example of the Web Platform Tests. MozReview-Commit-ID: AJNDoRZ9BF8
media/gmp-clearkey/0.1/gtest/TestClearKeyUtils.cpp
media/psshparser/PsshParser.cpp
--- a/media/gmp-clearkey/0.1/gtest/TestClearKeyUtils.cpp
+++ b/media/gmp-clearkey/0.1/gtest/TestClearKeyUtils.cpp
@@ -107,79 +107,64 @@ const uint8_t gGoogleWPTCencInitData[] =
   0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,  // key
   0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
   0x00, 0x00, 0x00, 0x00                           // datasize
 };
 
 // Example CENC initData from the EME spec format registry:
 // https://w3c.github.io/encrypted-media/format-registry/initdata/cenc.html
 const uint8_t gW3SpecExampleCencInitData[] = {
-  0x00, 0x00, 0x00, 0x4c, 0x70, 0x73, 0x73, 0x68, // BMFF box header (76 bytes, 'pssh')
+  0x00, 0x00, 0x00, 0x44, 0x70, 0x73, 0x73, 0x68, // BMFF box header (68 bytes, 'pssh')
   0x01, 0x00, 0x00, 0x00,                         // Full box header (version = 1, flags = 0)
   0x10, 0x77, 0xef, 0xec, 0xc0, 0xb2, 0x4d, 0x02, // SystemID
   0xac, 0xe3, 0x3c, 0x1e, 0x52, 0xe2, 0xfb, 0x4b,
   0x00, 0x00, 0x00, 0x02,                         // KID_count (2)
   0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, // First KID ("0123456789012345")
   0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
   0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, // Second KID ("ABCDEFGHIJKLMNOP")
   0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50,
   0x00, 0x00, 0x00, 0x00                         // Size of Data (0)
 };
 
 // Invalid box size, would overflow if used.
 const uint8_t gOverflowBoxSize[] = {
   0xff, 0xff, 0xff, 0xff,                          // size = UINT32_MAX
 };
 
-// Invalid box size, but retrievable data.
-const uint8_t gMalformedCencInitData[] = {
-  0x00, 0x00, 0xff, 0xff,                          // size = too big a number
+// Valid box size, but key count too large.
+const uint8_t gTooLargeKeyCountInitData[] = {
+  0x00, 0x00, 0x00, 0x34,                          // size = too big a number
   0x70, 0x73, 0x73, 0x68,                          // 'pssh'
   0x01,                                            // version = 1
   0xff, 0xff, 0xff,                                // flags
   0x10, 0x77, 0xEF, 0xEC, 0xC0, 0xB2, 0x4D, 0x02,  // Common SystemID
   0xAC, 0xE3, 0x3C, 0x1E, 0x52, 0xE2, 0xFB, 0x4B,
   0xff, 0xff, 0xff, 0xff,                          // key count = UINT32_MAX
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,  // key
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff                           // datasize
 };
 
-// Non PSSH box, followed by Non common SystemID PSSH, followed by common SystemID PSSH box.
-const uint8_t gLeadingNonCommonCencInitData[] = {
-  0x00, 0x00, 0x00, 0x09,                          // size = 9
-  0xff, 0xff, 0xff, 0xff,                          // something other than 'pssh'
-  0xff,                                            // odd number of bytes of garbage to throw off the parser
-
+// Non common SystemID PSSH.
+// No keys Ids can be extracted, but don't consider the box invalid.
+const uint8_t gNonCencInitData[] = {
   0x00, 0x00, 0x00, 0x5c,                          // size = 92
   0x70, 0x73, 0x73, 0x68,                          // 'pssh'
   0x01,                                            // version = 1
   0x00, 0x00, 0x00,                                // flags
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,  // Invalid SystemID
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,  // Some data to pad out the box.
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-
-  // gW3SpecExampleCencInitData
-  0x00, 0x00, 0x00, 0x4c, 0x70, 0x73, 0x73, 0x68, // BMFF box header (76 bytes, 'pssh')
-  0x01, 0x00, 0x00, 0x00,                         // Full box header (version = 1, flags = 0)
-  0x10, 0x77, 0xef, 0xec, 0xc0, 0xb2, 0x4d, 0x02, // SystemID
-  0xac, 0xe3, 0x3c, 0x1e, 0x52, 0xe2, 0xfb, 0x4b,
-  0x00, 0x00, 0x00, 0x02,                         // KID_count (2)
-  0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, // First KID ("0123456789012345")
-  0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
-  0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, // Second KID ("ABCDEFGHIJKLMNOP")
-  0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50,
-  0x00, 0x00, 0x00, 0x00                         // Size of Data (0)
 };
 
 const uint8_t gNonPSSHBoxZeroSize[] = {
   0x00, 0x00, 0x00, 0x00,                          // size = 0
   0xff, 0xff, 0xff, 0xff,                          // something other than 'pssh'
 };
 
 // Two lots of the google init data. To ensure we handle
@@ -205,51 +190,47 @@ const uint8_t g2xGoogleWPTCencInitData[]
   0x00, 0x00, 0x00, 0x01,                          // key count
   0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,  // key
   0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
   0x00, 0x00, 0x00, 0x00                           // datasize
 };
 
 TEST(ClearKey, ParseCencInitData) {
   std::vector<std::vector<uint8_t>> keyIds;
+  bool rv;
 
-  ParseCENCInitData(gGoogleWPTCencInitData, MOZ_ARRAY_LENGTH(gGoogleWPTCencInitData), keyIds);
+  rv = ParseCENCInitData(gGoogleWPTCencInitData, MOZ_ARRAY_LENGTH(gGoogleWPTCencInitData), keyIds);
+  EXPECT_EQ(true, rv);
   EXPECT_EQ(keyIds.size(), 1u);
   EXPECT_EQ(keyIds[0].size(), 16u);
   EXPECT_EQ(memcmp(&keyIds[0].front(), &gGoogleWPTCencInitData[32], 16), 0);
 
-  keyIds.clear();
-  ParseCENCInitData(gW3SpecExampleCencInitData, MOZ_ARRAY_LENGTH(gW3SpecExampleCencInitData), keyIds);
+  rv = ParseCENCInitData(gW3SpecExampleCencInitData, MOZ_ARRAY_LENGTH(gW3SpecExampleCencInitData), keyIds);
+  EXPECT_EQ(true, rv);
   EXPECT_EQ(keyIds.size(), 2u);
   EXPECT_EQ(keyIds[0].size(), 16u);
   EXPECT_EQ(memcmp(&keyIds[0].front(), &gW3SpecExampleCencInitData[32], 16), 0);
   EXPECT_EQ(memcmp(&keyIds[1].front(), &gW3SpecExampleCencInitData[48], 16), 0);
 
-  keyIds.clear();
-  ParseCENCInitData(gOverflowBoxSize, MOZ_ARRAY_LENGTH(gOverflowBoxSize), keyIds);
+  rv = ParseCENCInitData(gOverflowBoxSize, MOZ_ARRAY_LENGTH(gOverflowBoxSize), keyIds);
+  EXPECT_EQ(false, rv);
   EXPECT_EQ(keyIds.size(), 0u);
 
-  keyIds.clear();
-  ParseCENCInitData(gMalformedCencInitData, MOZ_ARRAY_LENGTH(gMalformedCencInitData), keyIds);
-  EXPECT_EQ(keyIds.size(), 1u);
-  EXPECT_EQ(keyIds[0].size(), 16u);
-  EXPECT_EQ(memcmp(&keyIds[0].front(), &gMalformedCencInitData[32], 16), 0);
+  rv = ParseCENCInitData(gTooLargeKeyCountInitData, MOZ_ARRAY_LENGTH(gTooLargeKeyCountInitData), keyIds);
+  EXPECT_EQ(false, rv);
+  EXPECT_EQ(0u, keyIds.size());
 
-  keyIds.clear();
-  ParseCENCInitData(gLeadingNonCommonCencInitData, MOZ_ARRAY_LENGTH(gLeadingNonCommonCencInitData), keyIds);
-  EXPECT_EQ(keyIds.size(), 2u);
-  EXPECT_EQ(keyIds[0].size(), 16u);
-  EXPECT_EQ(memcmp(&keyIds[0].front(), &gW3SpecExampleCencInitData[32], 16), 0);
-  EXPECT_EQ(memcmp(&keyIds[1].front(), &gW3SpecExampleCencInitData[48], 16), 0);
+  rv = ParseCENCInitData(gNonCencInitData, MOZ_ARRAY_LENGTH(gNonCencInitData), keyIds);
+  EXPECT_EQ(true, rv);
+  EXPECT_EQ(0u, keyIds.size());
 
-  keyIds.clear();
-  ParseCENCInitData(gNonPSSHBoxZeroSize, MOZ_ARRAY_LENGTH(gNonPSSHBoxZeroSize), keyIds);
+  rv = ParseCENCInitData(gNonPSSHBoxZeroSize, MOZ_ARRAY_LENGTH(gNonPSSHBoxZeroSize), keyIds);
+  EXPECT_EQ(false, rv);
   EXPECT_EQ(keyIds.size(), 0u);
 
-  keyIds.clear();
-  ParseCENCInitData(g2xGoogleWPTCencInitData, MOZ_ARRAY_LENGTH(g2xGoogleWPTCencInitData), keyIds);
+  rv = ParseCENCInitData(g2xGoogleWPTCencInitData, MOZ_ARRAY_LENGTH(g2xGoogleWPTCencInitData), keyIds);
+  EXPECT_EQ(true, rv);
   EXPECT_EQ(keyIds.size(), 2u);
   EXPECT_EQ(keyIds[0].size(), 16u);
   EXPECT_EQ(keyIds[1].size(), 16u);
   EXPECT_EQ(memcmp(&keyIds[0].front(), &g2xGoogleWPTCencInitData[32], 16), 0);
   EXPECT_EQ(memcmp(&keyIds[1].front(), &g2xGoogleWPTCencInitData[84], 16), 0);
-
 }
--- a/media/psshparser/PsshParser.cpp
+++ b/media/psshparser/PsshParser.cpp
@@ -13,16 +13,17 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 #include "PsshParser.h"
 
 #include "mozilla/Assertions.h"
 #include "mozilla/EndianUtils.h"
+#include "mozilla/Move.h"
 #include <memory.h>
 #include <algorithm>
 #include <assert.h>
 #include <limits>
 
 // Stripped down version of mp4_demuxer::ByteReader, stripped down to make it
 // easier to link into ClearKey DLL and gtest.
 class ByteReader
@@ -107,16 +108,18 @@ const uint8_t kSystemID[] = {
   0xac, 0xe3, 0x3c, 0x1e, 0x52, 0xe2, 0xfb, 0x4b
 };
 
 bool
 ParseCENCInitData(const uint8_t* aInitData,
                   uint32_t aInitDataSize,
                   std::vector<std::vector<uint8_t>>& aOutKeyIds)
 {
+  aOutKeyIds.clear();
+  std::vector<std::vector<uint8_t>> keyIds;
   ByteReader reader(aInitData, aInitDataSize);
   while (reader.CanRead32()) {
     // Box size. For the common system Id, ignore this, as some useragents
     // handle invalid box sizes.
     const size_t start = reader.Offset();
     const size_t size = reader.ReadU32();
     if (size > std::numeric_limits<size_t>::max() - start) {
       // Ensure 'start + size' calculation below can't overflow.
@@ -161,32 +164,34 @@ ParseCENCInitData(const uint8_t* aInitDa
       continue;
     }
 
     if (!reader.CanRead32()) {
       return false;
     }
     uint32_t kidCount = reader.ReadU32();
 
+    if (kidCount * CENC_KEY_LEN > reader.Remaining()) {
+      // Not enough bytes remaining to read all keys.
+      return false;
+    }
+
     for (uint32_t i = 0; i < kidCount; i++) {
-      if (reader.Remaining() < CENC_KEY_LEN) {
-        // Not enough remaining to read key.
-        return false;
-      }
       const uint8_t* kid = reader.Read(CENC_KEY_LEN);
-      aOutKeyIds.push_back(std::vector<uint8_t>(kid, kid + CENC_KEY_LEN));
+      keyIds.push_back(std::vector<uint8_t>(kid, kid + CENC_KEY_LEN));
     }
 
     // Size of extra data. EME CENC format spec says datasize should
     // always be 0. We explicitly read the datasize, in case the box
     // size was 0, so that we get to the end of the box.
     if (!reader.CanRead32()) {
       return false;
     }
     reader.ReadU32();
 
     // Jump forwards to the end of the box, skipping any padding.
     if (size) {
       reader.Seek(end);
     }
   }
+  aOutKeyIds = mozilla::Move(keyIds);
   return true;
 }