[vm/service] Avoid exposing top-level class ids in the service protocol

mkustermann · commit-bot@chromium.org · commit 91d460176aaa · 2020-07-27T20:11:56.000Z
Instead of using class ids when building field/function service ids, we use names instead (as we do in some other places already). Issue #42533 Change-Id: I55530161af26ee9514aa29a048cf140094cabd95 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/156004 Commit-Queue: Martin Kustermann <kustermann@google.com> Reviewed-by: Ryan Macnak <rmacnak@google.com> Reviewed-by: Ben Konyi <bkonyi@google.com>
diff --git a/runtime/vm/object_service.cc b/runtime/vm/object_service.cc
@@ -247,16 +247,30 @@ static void AddFunctionServiceId(const JSONObject& jsobj,
   }
   if (id != -1) {
     ASSERT(selector != NULL);
-    jsobj.AddFixedServiceId("classes/%" Pd "/%s/%" Pd "", cls.id(), selector,
-                            id);
+    if (cls.IsTopLevel()) {
+      const auto& library = Library::Handle(cls.library());
+      const auto& private_key = String::Handle(library.private_key());
+      jsobj.AddFixedServiceId("libraries/%s/%s/%" Pd "",
+                              private_key.ToCString(), selector, id);
+    } else {
+      jsobj.AddFixedServiceId("classes/%" Pd "/%s/%" Pd "", cls.id(), selector,
+                              id);
+    }
     return;
   }
   // Regular functions known to their owner use their name (percent-encoded).
   String& name = String::Handle(f.name());
   if (cls.LookupFunction(name) == f.raw()) {
     const char* encoded_name = String::EncodeIRI(name);
-    jsobj.AddFixedServiceId("classes/%" Pd "/functions/%s", cls.id(),
-                            encoded_name);
+    if (cls.IsTopLevel()) {
+      const auto& library = Library::Handle(cls.library());
+      const auto& private_key = String::Handle(library.private_key());
+      jsobj.AddFixedServiceId("libraries/%s/functions/%s",
+                              private_key.ToCString(), encoded_name);
+    } else {
+      jsobj.AddFixedServiceId("classes/%" Pd "/functions/%s", cls.id(),
+                              encoded_name);
+    }
     return;
   }
   // Oddball functions (not known to their owner) fall back to use the object
@@ -356,8 +370,15 @@ void Field::PrintJSONImpl(JSONStream* stream, bool ref) const {
   String& field_name = String::Handle(name());
   const char* encoded_field_name = String::EncodeIRI(field_name);
   AddCommonObjectProperties(&jsobj, "Field", ref);
-  jsobj.AddFixedServiceId("classes/%" Pd "/fields/%s", cls.id(),
-                          encoded_field_name);
+  if (cls.IsTopLevel()) {
+    const auto& library = Library::Handle(cls.library());
+    const auto& private_key = String::Handle(library.private_key());
+    jsobj.AddFixedServiceId("libraries/%s/fields/%s", private_key.ToCString(),
+                            encoded_field_name);
+  } else {
+    jsobj.AddFixedServiceId("classes/%" Pd "/fields/%s", cls.id(),
+                            encoded_field_name);
+  }
 
   const char* user_name = UserVisibleNameCString();
   const String& vm_name = String::Handle(name());
diff --git a/runtime/vm/service.cc b/runtime/vm/service.cc
@@ -1697,6 +1697,84 @@ static ObjectPtr LookupObjectId(Thread* thread,
   return ring->GetObjectForId(id, kind);
 }
 
+static ObjectPtr LookupClassMembers(Thread* thread,
+                                    const Class& klass,
+                                    char** parts,
+                                    int num_parts) {
+  auto isolate = thread->isolate();
+  auto zone = thread->zone();
+
+  if (num_parts != 4) {
+    return Object::sentinel().raw();
+  }
+
+  const char* encoded_id = parts[3];
+  auto& id = String::Handle(String::New(encoded_id));
+  id = String::DecodeIRI(id);
+  if (id.IsNull()) {
+    return Object::sentinel().raw();
+  }
+
+  if (strcmp(parts[2], "fields") == 0) {
+    // Field ids look like: "classes/17/fields/name"
+    const auto& field = Field::Handle(klass.LookupField(id));
+    if (field.IsNull()) {
+      return Object::sentinel().raw();
+    }
+    return field.raw();
+  }
+  if (strcmp(parts[2], "functions") == 0) {
+    // Function ids look like: "classes/17/functions/name"
+    const auto& function = Function::Handle(klass.LookupFunction(id));
+    if (function.IsNull()) {
+      return Object::sentinel().raw();
+    }
+    return function.raw();
+  }
+  if (strcmp(parts[2], "implicit_closures") == 0) {
+    // Function ids look like: "classes/17/implicit_closures/11"
+    intptr_t id;
+    if (!GetIntegerId(parts[3], &id)) {
+      return Object::sentinel().raw();
+    }
+    const auto& func =
+        Function::Handle(zone, klass.ImplicitClosureFunctionFromIndex(id));
+    if (func.IsNull()) {
+      return Object::sentinel().raw();
+    }
+    return func.raw();
+  }
+  if (strcmp(parts[2], "dispatchers") == 0) {
+    // Dispatcher Function ids look like: "classes/17/dispatchers/11"
+    intptr_t id;
+    if (!GetIntegerId(parts[3], &id)) {
+      return Object::sentinel().raw();
+    }
+    const auto& func =
+        Function::Handle(zone, klass.InvocationDispatcherFunctionFromIndex(id));
+    if (func.IsNull()) {
+      return Object::sentinel().raw();
+    }
+    return func.raw();
+  }
+  if (strcmp(parts[2], "closures") == 0) {
+    // Closure ids look like: "classes/17/closures/11"
+    intptr_t id;
+    if (!GetIntegerId(parts[3], &id)) {
+      return Object::sentinel().raw();
+    }
+    Function& func = Function::Handle(zone);
+    func = isolate->ClosureFunctionFromIndex(id);
+    if (func.IsNull()) {
+      return Object::sentinel().raw();
+    }
+    return func.raw();
+  }
+
+  UNREACHABLE();
+  return Object::sentinel().raw();
+}
+
 static ObjectPtr LookupHeapObjectLibraries(Isolate* isolate,
                                            char** parts,
                                            int num_parts) {
@@ -1724,9 +1802,30 @@ static ObjectPtr LookupHeapObjectLibraries(Isolate* isolate,
   if (!lib_found) {
     return Object::sentinel().raw();
   }
+
+  const auto& klass = Class::Handle(lib.toplevel_class());
+  ASSERT(!klass.IsNull());
+
   if (num_parts == 2) {
     return lib.raw();
   }
+  if (strcmp(parts[2], "fields") == 0) {
+    // Library field ids look like: "libraries/17/fields/name"
+    return LookupClassMembers(Thread::Current(), klass, parts, num_parts);
+  }
+  if (strcmp(parts[2], "functions") == 0) {
+    // Library function ids look like: "libraries/17/functions/name"
+    return LookupClassMembers(Thread::Current(), klass, parts, num_parts);
+  }
+  if (strcmp(parts[2], "closures") == 0) {
+    // Library function ids look like: "libraries/17/closures/name"
+    return LookupClassMembers(Thread::Current(), klass, parts, num_parts);
+  }
+  if (strcmp(parts[2], "implicit_closures") == 0) {
+    // Library function ids look like: "libraries/17/implicit_closures/name"
+    return LookupClassMembers(Thread::Current(), klass, parts, num_parts);
+  }
+
   if (strcmp(parts[2], "scripts") == 0) {
     // Script ids look like "libraries/35/scripts/library%2Furl.dart/12345"
     if (num_parts != 5) {
@@ -1783,86 +1882,19 @@ static ObjectPtr LookupHeapObjectClasses(Thread* thread,
   }
   if (strcmp(parts[2], "closures") == 0) {
     // Closure ids look like: "classes/17/closures/11"
-    if (num_parts != 4) {
-      return Object::sentinel().raw();
-    }
-    intptr_t id;
-    if (!GetIntegerId(parts[3], &id)) {
-      return Object::sentinel().raw();
-    }
-    Function& func = Function::Handle(zone);
-    func = isolate->ClosureFunctionFromIndex(id);
-    if (func.IsNull()) {
-      return Object::sentinel().raw();
-    }
-    return func.raw();
-
+    return LookupClassMembers(thread, cls, parts, num_parts);
   } else if (strcmp(parts[2], "fields") == 0) {
     // Field ids look like: "classes/17/fields/name"
-    if (num_parts != 4) {
-      return Object::sentinel().raw();
-    }
-    const char* encoded_id = parts[3];
-    String& id = String::Handle(zone, String::New(encoded_id));
-    id = String::DecodeIRI(id);
-    if (id.IsNull()) {
-      return Object::sentinel().raw();
-    }
-    Field& field = Field::Handle(zone, cls.LookupField(id));
-    if (field.IsNull()) {
-      return Object::sentinel().raw();
-    }
-    return field.raw();
-
+    return LookupClassMembers(thread, cls, parts, num_parts);
   } else if (strcmp(parts[2], "functions") == 0) {
     // Function ids look like: "classes/17/functions/name"
-    if (num_parts != 4) {
-      return Object::sentinel().raw();
-    }
-    const char* encoded_id = parts[3];
-    String& id = String::Handle(zone, String::New(encoded_id));
-    id = String::DecodeIRI(id);
-    if (id.IsNull()) {
-      return Object::sentinel().raw();
-    }
-    Function& func = Function::Handle(zone, cls.LookupFunction(id));
-    if (func.IsNull()) {
-      return Object::sentinel().raw();
-    }
-    return func.raw();
-
+    return LookupClassMembers(thread, cls, parts, num_parts);
   } else if (strcmp(parts[2], "implicit_closures") == 0) {
     // Function ids look like: "classes/17/implicit_closures/11"
-    if (num_parts != 4) {
-      return Object::sentinel().raw();
-    }
-    intptr_t id;
-    if (!GetIntegerId(parts[3], &id)) {
-      return Object::sentinel().raw();
-    }
-    Function& func = Function::Handle(zone);
-    func = cls.ImplicitClosureFunctionFromIndex(id);
-    if (func.IsNull()) {
-      return Object::sentinel().raw();
-    }
-    return func.raw();
-
+    return LookupClassMembers(thread, cls, parts, num_parts);
   } else if (strcmp(parts[2], "dispatchers") == 0) {
     // Dispatcher Function ids look like: "classes/17/dispatchers/11"
-    if (num_parts != 4) {
-      return Object::sentinel().raw();
-    }
-    intptr_t id;
-    if (!GetIntegerId(parts[3], &id)) {
-      return Object::sentinel().raw();
-    }
-    Function& func = Function::Handle(zone);
-    func = cls.InvocationDispatcherFunctionFromIndex(id);
-    if (func.IsNull()) {
-      return Object::sentinel().raw();
-    }
-    return func.raw();
-
+    return LookupClassMembers(thread, cls, parts, num_parts);
   } else if (strcmp(parts[2], "types") == 0) {
     // Type ids look like: "classes/17/types/11"
     if (num_parts != 4) {
@@ -2707,7 +2739,8 @@ static bool BuildExpressionEvaluationScope(Thread* thread, JSONStream* js) {
         cls = instance.clazz();
         isStatic = false;
       }
-      if (cls.id() < kInstanceCid || cls.id() == kTypeArgumentsCid) {
+      if (!cls.IsTopLevel() &&
+          (cls.id() < kInstanceCid || cls.id() == kTypeArgumentsCid)) {
         js->PrintError(
             kInvalidParams,
             "Expressions can be evaluated only with regular Dart instances");
