Bug 1059813: Protect access to fields of |UnixSocketRawData|, r=qdot

This patch adds protection for fields of |UnixSocketRawData| by
making them private.

ipc/unixsocket/SocketBase.cpp

@@ -18,17 +18,9 @@ namespace ipc {
 // UnixSocketRawData
 //
 
-UnixSocketRawData::UnixSocketRawData(size_t aSize)
-: mSize(0)
-, mCurrentWriteOffset(0)
-, mAvailableSpace(aSize)
-{
-  mData = new uint8_t[mAvailableSpace];
-}
-
 UnixSocketRawData::UnixSocketRawData(const void* aData, size_t aSize)
 : mSize(aSize)
-, mCurrentWriteOffset(0)
+, mOffset(0)
 , mAvailableSpace(aSize)
 {
   MOZ_ASSERT(aData || !mSize);
@@ -37,6 +29,14 @@ UnixSocketRawData::UnixSocketRawData(const void* aData, size_t aSize)
   memcpy(mData, aData, mSize);
 }
 
+UnixSocketRawData::UnixSocketRawData(size_t aSize)
+: mSize(0)
+, mOffset(0)
+, mAvailableSpace(aSize)
+{
+  mData = new uint8_t[mAvailableSpace];
+}
+
 ssize_t
 UnixSocketRawData::Receive(int aFd)
 {
@@ -50,7 +50,7 @@ UnixSocketRawData::Receive(int aFd)
     } else {
       memmove(mData, GetData(), GetSize());
     }
-    mCurrentWriteOffset = 0;
+    mOffset = 0;
   }
 
   ssize_t res =
@@ -193,7 +193,7 @@ SocketIOBase::~SocketIOBase()
 void
 SocketIOBase::EnqueueData(UnixSocketRawData* aData)
 {
-  if (!aData->mSize) {
+  if (!aData->GetSize()) {
     delete aData; // delete empty data immediately
     return;
   }

ipc/unixsocket/SocketBase.h

@@ -29,23 +29,16 @@ namespace ipc {
 class UnixSocketRawData
 {
 public:
-  // Number of octets in mData.
-  size_t mSize;
-  size_t mCurrentWriteOffset;
-  nsAutoArrayPtr<uint8_t> mData;
-
-  /**
-   * Constructor for situations where only size is known beforehand
-   * (for example, when being assigned strings)
-   */
-  UnixSocketRawData(size_t aSize);
-
-  /**
-   * Constructor for situations where size and data is known
-   * beforehand (for example, when being assigned strings)
+  /* This constructor copies aData of aSize bytes length into the
+   * new instance of |UnixSocketRawData|.
    */
   UnixSocketRawData(const void* aData, size_t aSize);
 
+  /* This constructor reserves aSize bytes of space. Currently
+   * it's only possible to fill this buffer by calling |Receive|.
+   */
+  UnixSocketRawData(size_t aSize);
+
   /**
    * Receives data from aFd at the end of the buffer. The returned value
    * is the number of newly received bytes, or 0 if the peer shut down
@@ -61,7 +54,7 @@ public:
 
   const uint8_t* GetData() const
   {
-    return mData + mCurrentWriteOffset;
+    return mData + mOffset;
   }
 
   size_t GetSize() const
@@ -74,18 +67,18 @@ public:
     MOZ_ASSERT(aSize <= mSize);
 
     mSize -= aSize;
-    mCurrentWriteOffset += aSize;
+    mOffset += aSize;
   }
 
 protected:
   size_t GetLeadingSpace() const
   {
-    return mCurrentWriteOffset;
+    return mOffset;
   }
 
   size_t GetTrailingSpace() const
   {
-    return mAvailableSpace - (mCurrentWriteOffset + mSize);
+    return mAvailableSpace - (mOffset + mSize);
   }
 
   size_t GetAvailableSpace() const
@@ -95,11 +88,14 @@ protected:
 
   void* GetTrailingBytes()
   {
-    return mData + mCurrentWriteOffset + mSize;
+    return mData + mOffset + mSize;
   }
 
 private:
+  size_t mSize;
+  size_t mOffset;
   size_t mAvailableSpace;
+  nsAutoArrayPtr<uint8_t> mData;
 };
 
 enum SocketConnectionStatus {