diff options
| author | Michael BrĂ¼ning <michael.bruning@qt.io> | 2019-12-03 19:03:15 +0100 |
|---|---|---|
| committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2019-12-04 21:06:04 +0000 |
| commit | a18a01d6531a06879e81f2be50b5090bb0b96c38 (patch) | |
| tree | df8126eccc6221f787d78a09d4c11f6c6790354b | |
| parent | 904fa70185f2552b12521c518d70dfdb8d963e50 (diff) | |
| download | qtwebengine-chromium-a18a01d6531a06879e81f2be50b5090bb0b96c38.tar.gz | |
[Backport] CVE-2019-5870
Manual backport.
Merge "Add more checks in MojoCdmService"
This is to prevent abnormal cases from happening.
(cherry picked from commit b7b305f3389017cc42e2cfac6e7a319f42d5bde3)
Bug: 999311
Test: Tested w/ shaka player demo and existing unit tests pass
Auto-Submit: Xiaohan Wang <xhwang@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: John Rummell <jrummell@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Xiaohan Wang <xhwang@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#691911}
Cr-Commit-Position: refs/branch-heads/3865@{#688}
Cr-Branched-From: 0cdcc6158160790658d1f033d3db873603250124-refs/heads/master@{#681094}
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Change-Id: I23d4a5c808d65d803c8cd637afe6436ca1a37117
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
| -rw-r--r-- | chromium/media/mojo/services/mojo_cdm_service.cc | 5 | ||||
| -rw-r--r-- | chromium/media/mojo/services/mojo_cdm_service.h | 1 |
2 files changed, 5 insertions, 1 deletions
diff --git a/chromium/media/mojo/services/mojo_cdm_service.cc b/chromium/media/mojo/services/mojo_cdm_service.cc index 127f35c968d..33d53c72f12 100644 --- a/chromium/media/mojo/services/mojo_cdm_service.cc +++ b/chromium/media/mojo/services/mojo_cdm_service.cc @@ -106,7 +106,9 @@ void MojoCdmService::Initialize(const std::string& key_system, mojom::CdmConfigPtr cdm_config, const InitializeCallback& callback) { DVLOG(1) << __FUNCTION__ << ": " << key_system; - DCHECK(!cdm_); + + CHECK(!has_initialize_been_called_) << "Initialize should only happen once"; + has_initialize_been_called_ = true; auto weak_this = weak_factory_.GetWeakPtr(); cdm_factory_->Create( @@ -188,6 +190,7 @@ void MojoCdmService::OnCdmCreated(const InitializeCallback& callback, return; } + CHECK(!cdm_) << "CDM should only be created once."; cdm_ = cdm; cdm_id_ = next_cdm_id_++; diff --git a/chromium/media/mojo/services/mojo_cdm_service.h b/chromium/media/mojo/services/mojo_cdm_service.h index e69ee63dad4..2ec344ff999 100644 --- a/chromium/media/mojo/services/mojo_cdm_service.h +++ b/chromium/media/mojo/services/mojo_cdm_service.h @@ -103,6 +103,7 @@ class MEDIA_MOJO_EXPORT MojoCdmService base::WeakPtr<MojoCdmServiceContext> context_; + bool has_initialize_been_called_ = false; CdmFactory* cdm_factory_; scoped_refptr<MediaKeys> cdm_; |