Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(224)

Issue 14042005: Heap-use-after-free in WebCore::AudioNodeOutput::pull (Closed)

Created:
7 years, 8 months ago by xingnan.wang
Modified:
7 years, 8 months ago
Reviewers:
Chris Rogers
CC:
blink-reviews, jeez
Base URL:
https://chromium.googlesource.com/chromium/blink.git@master
Visibility:
Public.

Description

Heap-use-after-free in WebCore::AudioNodeOutput::pull BUG=179522 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=149041

Patch Set 1 #

Total comments: 1

Patch Set 2 : #

Total comments: 6

Patch Set 3 : #

Patch Set 4 : #

Patch Set 5 : rebase #

Patch Set 6 : rebase #

Patch Set 7 : #

Patch Set 8 : #

Patch Set 9 : rebase again #

Patch Set 10 : rebase one last time before landing #

Unified diffs Side-by-side diffs Delta from patch set Stats (+76 lines, -84 lines) Patch
M Source/Platform/chromium/public/WebAudioBus.h View 1 2 3 4 5 2 chunks +2 lines, -2 lines 0 comments Download
M Source/core/platform/audio/AudioBus.h View 1 2 3 4 4 chunks +6 lines, -5 lines 0 comments Download
M Source/core/platform/audio/AudioBus.cpp View 1 2 3 4 8 chunks +16 lines, -16 lines 0 comments Download
M Source/core/platform/audio/AudioFileReader.h View 1 2 3 4 2 chunks +4 lines, -4 lines 0 comments Download
M Source/core/platform/audio/AudioResampler.h View 1 2 3 4 1 chunk +1 line, -1 line 0 comments Download
M Source/core/platform/audio/AudioResampler.cpp View 1 2 3 4 3 chunks +3 lines, -3 lines 0 comments Download
M Source/core/platform/audio/HRTFElevation.cpp View 1 2 3 4 5 6 7 8 1 chunk +1 line, -1 line 0 comments Download
M Source/core/platform/audio/MultiChannelResampler.cpp View 1 2 3 4 2 chunks +2 lines, -2 lines 0 comments Download
M Source/core/platform/audio/Reverb.h View 1 2 3 4 1 chunk +1 line, -1 line 0 comments Download
M Source/core/platform/audio/Reverb.cpp View 1 2 3 4 1 chunk +1 line, -1 line 0 comments Download
M Source/core/platform/audio/chromium/AudioBusChromium.cpp View 1 2 3 4 1 chunk +11 lines, -12 lines 0 comments Download
M Source/core/platform/chromium/support/WebAudioBus.cpp View 1 2 3 4 5 6 7 2 chunks +9 lines, -7 lines 0 comments Download
M Source/modules/webaudio/AudioBuffer.cpp View 1 2 3 4 5 6 7 8 9 2 chunks +1 line, -2 lines 0 comments Download
M Source/modules/webaudio/AudioNodeInput.h View 1 2 3 4 5 6 7 8 9 1 chunk +1 line, -1 line 0 comments Download
M Source/modules/webaudio/AudioNodeInput.cpp View 1 2 3 4 5 6 7 8 9 2 chunks +2 lines, -2 lines 0 comments Download
M Source/modules/webaudio/AudioNodeOutput.h View 1 2 3 4 5 6 7 8 9 2 chunks +6 lines, -7 lines 0 comments Download
M Source/modules/webaudio/AudioNodeOutput.cpp View 1 2 3 4 5 6 7 8 9 3 chunks +7 lines, -15 lines 0 comments Download
M Source/modules/webaudio/OfflineAudioDestinationNode.h View 1 2 3 4 5 6 7 8 9 1 chunk +1 line, -1 line 0 comments Download
M Source/modules/webaudio/OfflineAudioDestinationNode.cpp View 1 2 3 4 5 6 7 8 9 1 chunk +1 line, -1 line 0 comments Download

Messages

Total messages: 26 (0 generated)
xingnan.wang
Chris, I would like to move the fix from WebKit to blink, please help continue ...
7 years, 8 months ago (2013-04-15 08:19:03 UTC) #1
Chris Rogers
Xingnam, thanks for looking at this. You need to go through the entire source tree ...
7 years, 8 months ago (2013-04-15 19:40:03 UTC) #2
xingnan.wang
Done. On 2013/04/15 19:40:03, Chris Rogers wrote: > Xingnam, thanks for looking at this. > ...
7 years, 8 months ago (2013-04-16 07:36:00 UTC) #3
Chris Rogers
https://codereview.chromium.org/14042005/diff/7001/Source/WebCore/platform/audio/AudioBus.cpp File Source/WebCore/platform/audio/AudioBus.cpp (right): https://codereview.chromium.org/14042005/diff/7001/Source/WebCore/platform/audio/AudioBus.cpp#newcode186 Source/WebCore/platform/audio/AudioBus.cpp:186: return audioBus.release(); We don't want to call release() anymore ...
7 years, 8 months ago (2013-04-16 20:11:50 UTC) #4
xingnan.wang
Done, thanks. On 2013/04/16 20:11:50, Chris Rogers wrote: > https://codereview.chromium.org/14042005/diff/7001/Source/WebCore/platform/audio/AudioBus.cpp > File Source/WebCore/platform/audio/AudioBus.cpp (right): > ...
7 years, 8 months ago (2013-04-17 05:07:59 UTC) #5
Chris Rogers
lgtm Thanks Xingnan, this looks right! Do you know how to use "git-cl try" to ...
7 years, 8 months ago (2013-04-18 21:19:12 UTC) #6
Wei James(wistoch)
On 2013/04/18 21:19:12, Chris Rogers wrote: > lgtm > > Thanks Xingnan, this looks right! ...
7 years, 8 months ago (2013-04-19 00:41:34 UTC) #7
James Wei
as Blink has renamed some folders, Xingnan will rebase this patch based on the latest ...
7 years, 8 months ago (2013-04-19 04:45:31 UTC) #8
xingnan.wang
Done. On 2013/04/19 04:45:31, James Wei wrote: > as Blink has renamed some folders, Xingnan ...
7 years, 8 months ago (2013-04-19 07:29:16 UTC) #9
commit-bot: I haz the power
No LGTM from a valid reviewer yet. Only full committers are accepted. Even if an ...
7 years, 8 months ago (2013-04-19 22:37:45 UTC) #10
inferno
On 2013/04/19 22:37:45, I haz the power (commit-bot) wrote: > No LGTM from a valid ...
7 years, 8 months ago (2013-04-19 22:38:46 UTC) #11
jamesr
On 2013/04/19 22:38:46, inferno wrote: > On 2013/04/19 22:37:45, I haz the power (commit-bot) wrote: ...
7 years, 8 months ago (2013-04-19 22:45:23 UTC) #12
jamesr
lgtm for the Platform/chromium/public/ change
7 years, 8 months ago (2013-04-19 22:46:46 UTC) #13
Chris Rogers
Hmmm, Dirk told me that a google.com account was fine.
7 years, 8 months ago (2013-04-19 22:46:51 UTC) #14
jamesr
On 2013/04/19 22:46:51, Chris Rogers wrote: > Hmmm, Dirk told me that a http://google.com account ...
7 years, 8 months ago (2013-04-19 22:51:21 UTC) #15
Dirk Pranke
On 2013/04/19 22:51:21, jamesr wrote: > On 2013/04/19 22:46:51, Chris Rogers wrote: > > Hmmm, ...
7 years, 8 months ago (2013-04-19 23:11:31 UTC) #16
Dirk Pranke
On 2013/04/19 23:11:31, Dirk Pranke wrote: > On 2013/04/19 22:51:21, jamesr wrote: > > On ...
7 years, 8 months ago (2013-04-19 23:23:40 UTC) #17
James Wei
Found build error for Android, on which Web Audio not enabled. xingnan will fix it ...
7 years, 8 months ago (2013-04-21 09:24:32 UTC) #18
inferno
On 2013/04/21 09:24:32, James Wei wrote: > Found build error for Android, on which Web ...
7 years, 8 months ago (2013-04-22 17:20:22 UTC) #19
James Wei
On 2013/04/22 17:20:22, inferno wrote: > On 2013/04/21 09:24:32, James Wei wrote: > > Found ...
7 years, 8 months ago (2013-04-23 00:52:40 UTC) #20
xingnan.wang
We tried many times on the try-bots but failed with many strange errors not related ...
7 years, 8 months ago (2013-04-24 03:32:25 UTC) #21
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/xingnan.wang@intel.com/14042005/63001
7 years, 8 months ago (2013-04-24 18:25:17 UTC) #22
commit-bot: I haz the power
Failed to apply patch for Source/modules/webaudio/AudioBuffer.cpp: While running patch -p1 --forward --force --no-backup-if-mismatch; patching file ...
7 years, 8 months ago (2013-04-24 18:25:21 UTC) #23
inferno
On 2013/04/24 03:32:25, xingnan.wang wrote: > We tried many times on the try-bots but failed ...
7 years, 8 months ago (2013-04-24 18:26:37 UTC) #24
Chris Rogers
Committed patchset #10 manually as r149041.
7 years, 8 months ago (2013-04-24 21:28:17 UTC) #25
pdr.
7 years, 8 months ago (2013-04-24 22:18:58 UTC) #26
Message was sent while issue was closed.
I don't think this change description was detailed enough. Please use better
messages so we can remember what was going on when we come back to this code a
year from now.

Powered by Google App Engine
This is Rietveld 408576698