DescriptionSimple Cache: validate lengths before allocations.
This bug was most unfortunate. A corrupt entry could cause Chrome to
crash when opening it, without removing the entry. Not a good loop to
be in. Now we are much more careful with casts around the data coming
from disk to confirm sanity before proceeding.
R=juliatuttle@chromium.org
BUG=541720
Review-Url: https://codereview.chromium.org/2086053003
Cr-Commit-Position: refs/heads/master@{#408134}
(cherry picked from commit bf840cc6c21c5a5b6e95d120e5493e0a7eb61498)
Review URL: https://codereview.chromium.org/2176183008 .
Cr-Commit-Position: refs/branch-heads/2785@{#373}
Cr-Branched-From: 68623971be0cfc492a2cb0427d7f478e7b214c24-refs/heads/master@{#403382}
(cherry picked from commit 4cf894119c534fbf3fce69ef3d684cfc16b59fbf)
Committed: https://chromium.googlesource.com/chromium/src/+/39d229c896b809dc5cd4856a16b46ecae6a55688
Patch Set 1 #
Messages
Total messages: 2 (1 generated)
|