Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(890)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/api/debugger/debugger_api.cc

Issue 910053002: Validate debuggee.targetId before use in chrome.debugger (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/browser/extensions/api/debugger/debugger_apitest.cc » ('j') | chrome/browser/extensions/api/debugger/debugger_apitest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/api/debugger/debugger_api.cc
diff --git a/chrome/browser/extensions/api/debugger/debugger_api.cc b/chrome/browser/extensions/api/debugger/debugger_api.cc
index f927fcb3545f25721ea8c71a591f9a133f7161e7..4dc711f3b8d53ebcfaad7c1e536db4fd2e1c273f 100644
--- a/chrome/browser/extensions/api/debugger/debugger_api.cc
+++ b/chrome/browser/extensions/api/debugger/debugger_api.cc
@@ -529,6 +529,15 @@ bool DebuggerFunction::InitAgentHost() {
}
} else if (debuggee_.target_id) {
agent_host_ = DevToolsAgentHost::GetForId(*debuggee_.target_id);
+ if (agent_host_.get()) {
+ if (PermissionsData::IsRestrictedUrl(agent_host_->GetURL(),
Devlin 2015/02/09 23:11:22 I'm a little worried about race conditions here, i
robwu 2015/02/10 12:56:31 Isn't the IsValidSchemeForExtensions check in Perm
Devlin 2015/02/10 17:14:42 Yeah, that'd probably work. Nevermind.
+ agent_host_->GetURL(),
+ extension(),
+ &error_)) {
+ agent_host_ = NULL;
Devlin 2015/02/09 23:11:22 nit: prefer nullptr now.
robwu 2015/02/10 12:56:31 Done, but the rest of the file still uses NULL (sh
Devlin 2015/02/10 17:14:42 The rule for nullptr is pretty much just "prefer n
+ return false;
+ }
+ }
} else {
error_ = keys::kInvalidTargetError;
return false;
« no previous file with comments | « no previous file | chrome/browser/extensions/api/debugger/debugger_apitest.cc » ('j') | chrome/browser/extensions/api/debugger/debugger_apitest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698