Issue 2531253002: Fix a potential null deref in XSSAuditorDelegate.

Issue 2531253002: Fix a potential null deref in XSSAuditorDelegate. (Closed)

Created:
4 years ago by Mike West

Modified:
4 years ago

Reviewers:
Tom Sepez

CC:
blink-reviews, blink-reviews-html_chromium.org, chromium-reviews, dglazkov+blink, kinuko+watch, loading-reviews+parser_chromium.org

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Fix a potential null deref in XSSAuditorDelegate. The ASAN bots say this causes a crash; I can't replicate it locally, but I believe that the combination of `document.write` and synchronous `javascript:` URL navigation could cause the auditor to trigger while the document is detaching. This patch adds a small check. BUG=668772 Committed: https://crrev.com/1d7a2e8d1b446d3ec4b55932d623e1ffe933fd47 Cr-Commit-Position: refs/heads/master@{#434927}

Patch Set 1 #

Created: 4 years ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+1 line, -1 line)			Patch
	M	third_party/WebKit/Source/core/html/parser/XSSAuditorDelegate.cpp	View		1 chunk	+1 line, -1 line	0 comments	Download

Messages

Total messages: 9 (4 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2531253002/1

4 years ago (2016-11-29 06:26:55 UTC) #5

commit-bot: I haz the power

4 years ago (2016-11-29 07:49:37 UTC) #9

Message was sent while issue was closed.

Patchset 1 (id:??) landed as
https://crrev.com/1d7a2e8d1b446d3ec4b55932d623e1ffe933fd47
Cr-Commit-Position: refs/heads/master@{#434927}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages