DescriptionSimple Cache: validate lengths before allocations.
This bug was most unfortunate. A corrupt entry could cause Chrome to
crash when opening it, without removing the entry. Not a good loop to
be in. Now we are much more careful with casts around the data coming
from disk to confirm sanity before proceeding.
R=juliatuttle@chromium.org
BUG=541720
Committed: https://crrev.com/bf840cc6c21c5a5b6e95d120e5493e0a7eb61498
Cr-Commit-Position: refs/heads/master@{#408134}
Patch Set 1 #
Total comments: 4
Patch Set 2 : remediate #
Messages
Total messages: 19 (8 generated)
|