chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.mm - Issue 1317443002: Fix UAF in Origin Info Bubble and permission settings UI.

Unified Diff: chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.mm

Issue 1317443002: Fix UAF in Origin Info Bubble and permission settings UI. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fix another Andorid call site. Checked all call sites. Created 5 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.h ('k') | chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller_unittest.mm » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.mm

diff --git a/chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.mm b/chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.mm

index 4acd5db7f9d5ef071dbd6274dc0a7d799c822251..15378f2244de16ede2d7daaf0744b608103c3c8f 100644

--- a/chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.mm

+++ b/chrome/browser/ui/cocoa/website_settings/website_settings_bubble_controller.mm

@@ -1171,9 +1171,11 @@ NSPoint AnchorPointForWindow(NSWindow* parent) {

@end

-WebsiteSettingsUIBridge::WebsiteSettingsUIBridge()

- : bubble_controller_(nil) {

+WebsiteSettingsUIBridge::WebsiteSettingsUIBridge(

+ content::WebContents* web_contents)

+ : content::WebContentsObserver(web_contents),

+ web_contents_(web_contents),

+ bubble_controller_(nil) {}

WebsiteSettingsUIBridge::~WebsiteSettingsUIBridge() {

}

@@ -1198,7 +1200,7 @@ void WebsiteSettingsUIBridge::Show(gfx::NativeWindow parent,

bool is_internal_page = InternalChromePage(url);

// Create the bridge. This will be owned by the bubble controller.

- WebsiteSettingsUIBridge* bridge = new WebsiteSettingsUIBridge();

+ WebsiteSettingsUIBridge* bridge = new WebsiteSettingsUIBridge(web_contents);

// Create the bubble controller. It will dealloc itself when it closes.

WebsiteSettingsBubbleController* bubble_controller =

@@ -1212,13 +1214,9 @@ void WebsiteSettingsUIBridge::Show(gfx::NativeWindow parent,

// Initialize the presenter, which holds the model and controls the UI.

// This is also owned by the bubble controller.

WebsiteSettings* presenter = new WebsiteSettings(

- bridge,

- profile,

- TabSpecificContentSettings::FromWebContents(web_contents),

- InfoBarService::FromWebContents(web_contents),

- url,

- ssl,

- content::CertStore::GetInstance());

+ bridge, profile,

+ TabSpecificContentSettings::FromWebContents(web_contents), web_contents,

+ url, ssl, content::CertStore::GetInstance());

[bubble_controller setPresenter:presenter];

}

@@ -1230,6 +1228,13 @@ void WebsiteSettingsUIBridge::SetIdentityInfo(

[bubble_controller_ setIdentityInfo:identity_info];

}

+void WebsiteSettingsUIBridge::RenderFrameDeleted(

+ content::RenderFrameHost* render_frame_host) {

+ if (render_frame_host == web_contents_->GetMainFrame()) {

+ [bubble_controller_ close];

+ }

void WebsiteSettingsUIBridge::SetCookieInfo(

const CookieInfoList& cookie_info_list) {

[bubble_controller_ setCookieInfo:cookie_info_list];