Issue 890683002: Fix buffer overflow due to unbounded strlen over a non-null terminated string. Detected by asan.

Issue 890683002: Fix buffer overflow due to unbounded strlen over a non-null terminated string. Detected by asan. (Closed)

Created:
5 years, 10 months ago by Kevin M

Modified:
5 years, 10 months ago

Reviewers:
mark a. foltz, vadimgo

CC:
chromium-reviews, chromium-apps-reviews_chromium.org, extensions-reviews_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Fix buffer overflow due to unbounded strlen over the non-null terminated audio policy string. Caught by asan. BUG= Committed: https://crrev.com/e6b0fbf6516ff2731f4f55f1bbbc1e920d6f124a Cr-Commit-Position: refs/heads/master@{#314019}

Patch Set 1 #

Total comments: 6

Patch Set 2 : Code review feedback. #

Total comments: 2

Patch Set 3 : Code review feedback. #

Created: 5 years, 10 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+5 lines, -2 lines)			Patch
	M	extensions/browser/api/cast_channel/cast_auth_util.cc	View	1 2	1 chunk	+5 lines, -2 lines	0 comments	Download

Messages

Total messages: 12 (2 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

mark a. foltz

https://codereview.chromium.org/890683002/diff/1/extensions/browser/api/cast_channel/cast_auth_util.cc File extensions/browser/api/cast_channel/cast_auth_util.cc (right): https://codereview.chromium.org/890683002/diff/1/extensions/browser/api/cast_channel/cast_auth_util.cc#newcode23 extensions/browser/api/cast_channel/cast_auth_util.cc:23: const char kAudioOnlyPolicy[] = This has to remain unsigned ...

5 years, 10 months ago (2015-01-29 19:43:08 UTC) #3

Kevin M

5 years, 10 months ago (2015-01-30 00:11:10 UTC) #4

mark a. foltz

lgtm with one nit https://codereview.chromium.org/890683002/diff/20001/extensions/browser/api/cast_channel/cast_auth_util.cc File extensions/browser/api/cast_channel/cast_auth_util.cc (right): https://codereview.chromium.org/890683002/diff/20001/extensions/browser/api/cast_channel/cast_auth_util.cc#newcode140 extensions/browser/api/cast_channel/cast_auth_util.cc:140: std::string audio_policy = const std::string&

5 years, 10 months ago (2015-01-30 00:22:42 UTC) #6

Kevin M

https://codereview.chromium.org/890683002/diff/20001/extensions/browser/api/cast_channel/cast_auth_util.cc File extensions/browser/api/cast_channel/cast_auth_util.cc (right): https://codereview.chromium.org/890683002/diff/20001/extensions/browser/api/cast_channel/cast_auth_util.cc#newcode140 extensions/browser/api/cast_channel/cast_auth_util.cc:140: std::string audio_policy = On 2015/01/30 00:22:42, mark a. foltz ...

5 years, 10 months ago (2015-01-30 22:15:47 UTC) #7

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/890683002/40001

5 years, 10 months ago (2015-01-30 22:17:20 UTC) #9

mark a. foltz

On 2015/01/30 22:15:47, Kevin M wrote: > https://codereview.chromium.org/890683002/diff/20001/extensions/browser/api/cast_channel/cast_auth_util.cc > File extensions/browser/api/cast_channel/cast_auth_util.cc (right): > > https://codereview.chromium.org/890683002/diff/20001/extensions/browser/api/cast_channel/cast_auth_util.cc#newcode140 ...

5 years, 10 months ago (2015-01-30 23:07:07 UTC) #11

commit-bot: I haz the power

5 years, 10 months ago (2015-01-30 23:07:56 UTC) #12

Message was sent while issue was closed.

Patchset 3 (id:??) landed as
https://crrev.com/e6b0fbf6516ff2731f4f55f1bbbc1e920d6f124a
Cr-Commit-Position: refs/heads/master@{#314019}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages