Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(512)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 335103002: Fix a potential use-after-free after JSONReader::Read. (Closed)

Created:
6 years, 6 months ago by pneubeck (no reviews)
Modified:
6 years, 6 months ago
Reviewers:
markusheintz_
CC:
chromium-reviews, markusheintz_
Project:
chromium
Visibility:
Public.

Description

Fix a potential use-after-free after JSONReader::Read. JSONReader produces base::Value objects that share a string buffer. See comment at the JSON_DETACHABLE_CHILDREN option. Since Remove on a child node was used, this potentially lead to use-after-free. BUG=NONE Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=277772

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+9 lines, -6 lines) Patch
M chrome/browser/content_settings/content_settings_policy_provider.cc View 2 chunks +9 lines, -6 lines 0 comments Download

Messages

Total messages: 5 (0 generated)
pneubeck (no reviews)
ptal
6 years, 6 months ago (2014-06-16 09:34:21 UTC) #1
markusheintz_
LGTM Thanks a lot for catching this
6 years, 6 months ago (2014-06-17 12:26:52 UTC) #2
pneubeck (no reviews)
The CQ bit was checked by pneubeck@chromium.org
6 years, 6 months ago (2014-06-17 12:30:41 UTC) #3
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/pneubeck@chromium.org/335103002/1
6 years, 6 months ago (2014-06-17 12:31:07 UTC) #4
commit-bot: I haz the power
6 years, 6 months ago (2014-06-17 15:36:51 UTC) #5
Message was sent while issue was closed. 
Change committed as 277772

Powered by Google App Engine
This is Rietveld 408576698