Chromium Code Reviews Chromium Code Reviews
Issue 1317443002:
Fix UAF in Origin Info Bubble and permission settings UI. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/views/website_settings/website_settings_popup_view.h " | 5 #include "chrome/browser/ui/views/website_settings/website_settings_popup_view.h " |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/strings/string_number_conversions.h" | 9 #include "base/strings/string_number_conversions.h" |
| 10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
| (...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 307 return is_popup_showing; | 307 return is_popup_showing; |
| 308 } | 308 } |
| 309 | 309 |
| 310 WebsiteSettingsPopupView::WebsiteSettingsPopupView( | 310 WebsiteSettingsPopupView::WebsiteSettingsPopupView( |
| 311 views::View* anchor_view, | 311 views::View* anchor_view, |
| 312 gfx::NativeView parent_window, | 312 gfx::NativeView parent_window, |
| 313 Profile* profile, | 313 Profile* profile, |
| 314 content::WebContents* web_contents, | 314 content::WebContents* web_contents, |
| 315 const GURL& url, | 315 const GURL& url, |
| 316 const content::SSLStatus& ssl) | 316 const content::SSLStatus& ssl) |
| 317 : BubbleDelegateView(anchor_view, views::BubbleBorder::TOP_LEFT), | 317 : content::WebContentsObserver(web_contents), |
| 318 BubbleDelegateView(anchor_view, views::BubbleBorder::TOP_LEFT), | |
| 318 web_contents_(web_contents), | 319 web_contents_(web_contents), |
| 319 header_(nullptr), | 320 header_(nullptr), |
| 320 tabbed_pane_(nullptr), | 321 tabbed_pane_(nullptr), |
| 321 permissions_tab_(nullptr), | 322 permissions_tab_(nullptr), |
| 322 site_data_content_(nullptr), | 323 site_data_content_(nullptr), |
| 323 cookie_dialog_link_(nullptr), | 324 cookie_dialog_link_(nullptr), |
| 324 permissions_content_(nullptr), | 325 permissions_content_(nullptr), |
| 325 connection_tab_(nullptr), | 326 connection_tab_(nullptr), |
| 326 identity_info_content_(nullptr), | 327 identity_info_content_(nullptr), |
| 327 certificate_dialog_link_(nullptr), | 328 certificate_dialog_link_(nullptr), |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 379 | 380 |
| 380 views::BubbleDelegateView::CreateBubble(this); | 381 views::BubbleDelegateView::CreateBubble(this); |
| 381 | 382 |
| 382 presenter_.reset(new WebsiteSettings( | 383 presenter_.reset(new WebsiteSettings( |
| 383 this, profile, | 384 this, profile, |
| 384 TabSpecificContentSettings::FromWebContents(web_contents), | 385 TabSpecificContentSettings::FromWebContents(web_contents), |
| 385 InfoBarService::FromWebContents(web_contents), url, ssl, | 386 InfoBarService::FromWebContents(web_contents), url, ssl, |
| 386 content::CertStore::GetInstance())); | 387 content::CertStore::GetInstance())); |
| 387 } | 388 } |
| 388 | 389 |
| 390 void WebsiteSettingsPopupView::RenderFrameDeleted( | |
|
felt
2015/08/25 18:20:08
In addition to fixing the UAF, will this also fix
| |
| 391 content::RenderFrameHost* render_frame_host) { | |
| 392 if (render_frame_host == web_contents_->GetMainFrame()) { | |
| 393 presenter_->DoNotShowInfoBar(); | |
| 394 GetWidget()->Close(); | |
| 395 } | |
| 396 } | |
| 397 | |
| 389 void WebsiteSettingsPopupView::OnPermissionChanged( | 398 void WebsiteSettingsPopupView::OnPermissionChanged( |
| 390 const WebsiteSettingsUI::PermissionInfo& permission) { | 399 const WebsiteSettingsUI::PermissionInfo& permission) { |
| 391 presenter_->OnSitePermissionChanged(permission.type, permission.setting); | 400 presenter_->OnSitePermissionChanged(permission.type, permission.setting); |
| 392 } | 401 } |
| 393 | 402 |
| 394 void WebsiteSettingsPopupView::OnWidgetDestroying(views::Widget* widget) { | 403 void WebsiteSettingsPopupView::OnWidgetDestroying(views::Widget* widget) { |
| 395 is_popup_showing = false; | 404 is_popup_showing = false; |
| 396 presenter_->OnUIClosing(); | 405 presenter_->OnUIClosing(); |
| 397 } | 406 } |
| 398 | 407 |
| (...skipping 425 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 824 // desktop we should link to that here, too. | 833 // desktop we should link to that here, too. |
| 825 web_contents_->OpenURL(content::OpenURLParams( | 834 web_contents_->OpenURL(content::OpenURLParams( |
| 826 GURL(chrome::kChromeUIContentSettingsURL), content::Referrer(), | 835 GURL(chrome::kChromeUIContentSettingsURL), content::Referrer(), |
| 827 NEW_FOREGROUND_TAB, ui::PAGE_TRANSITION_LINK, false)); | 836 NEW_FOREGROUND_TAB, ui::PAGE_TRANSITION_LINK, false)); |
| 828 presenter_->RecordWebsiteSettingsAction( | 837 presenter_->RecordWebsiteSettingsAction( |
| 829 WebsiteSettings::WEBSITE_SETTINGS_SITE_SETTINGS_OPENED); | 838 WebsiteSettings::WEBSITE_SETTINGS_SITE_SETTINGS_OPENED); |
| 830 } else { | 839 } else { |
| 831 NOTREACHED(); | 840 NOTREACHED(); |
| 832 } | 841 } |
| 833 } | 842 } |
| OLD | NEW |
