author | Takashi Toyoshima <toyoshim@chromium.org> | 2021-04-12 13:57:08 +0000 |
---|---|---|
committer | Michael Brüning <michael.bruning@qt.io> | 2021-04-19 22:35:06 +0000 |
commit | edc86cc74b9565c7d67341bbfa6efbe1859dbb8d (patch) | |
tree | 80f2660e46d2cb851d4bd29e5c231559cea48580 /chromium/third_party/blink/renderer/platform/network | |
parent | e2170d719950d7c48d767ea09be1617a63707e24 (diff) | |
download | qtwebengine-chromium-edc86cc74b9565c7d67341bbfa6efbe1859dbb8d.tar.gz |
[Backport] CVE-2021-21213: Use after free in WebMIDI

Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/2817801:

Web MIDI: Add a SECURITY_CHECK to be robust for attacks and changes

In the current production code, `client_` is always set immediately
after the MIDIDispatcher construction, and there is no timing to run
SessionStarted without a valid `client_` on the same thread.

This SECURITY_CHECK just makes the code robust against attacks via
mojo injections and code changes in the future.

(cherry picked from commit 5c63f62b2d58a4fcd4acd22a18dd1f5bfd129045)

Bug: 1161806
Change-Id: Ic8a5f6e0dc70e6bb4c7cccb4d69d63fc12382c19
Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org>
Auto-Submit: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#844503}
Reviewed-by: Artem Sumaneev <asumaneev@google.com>
Reviewed-by: Victor-Gabriel Savu <vsavu@google.com>
Commit-Queue: Jana Grill <janagrill@chromium.org>
Cr-Commit-Position: refs/branch-heads/4240@{#1593}
Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'chromium/third_party/blink/renderer/platform/network')
0 files changed, 0 insertions, 0 deletions