Security: Crash in content_settings::ContentSettingsPref::SetWebsiteSetting
Reported by chromium...@gmail.com, Jul 4 2016
Issue description

VERSION
Chrome Version: 54.0.2787.0 canary (64-bit)
Operating System: Windows 7

REPRODUCTION CASE
1. Navigate to chrome://md-settings/siteSettings/all
2. Click on "Add site exception" and enter anything in the field
3. Click on "Add" >> Crash!!

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
rax=baadf00dbaadf00d rbx=0000000000000004 rcx=baadf00dbaadf00d
rdx=000000000030b1f0 rsi=000000000030b350 rdi=0000000007e00700
rip=000007fedfec97b0 rsp=000000000030add0 rbp=000000000030b1a8
r8=000000000030b350 r9=000000000030b1a8 r10=000000000000000e
r11=000000000030a908 r12=baadf00dbaadf045 r13=000000000b40c090
r14=000000000030b1f0 r15=0000000007e22600
iopl=0 nv up ei pl zr na po nc
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246
chrome_7fedf2f0000!content_settings::ContentSettingsPref::SetWebsiteSetting+0x18:
000007fe`dfec97b0 80792000 cmp byte ptr [rcx+20h],0 ds:baadf00d`baadf02d=??
0:000> k
Child-SP RetAddr Call Site
00000000`0030add0 000007fe`dfec6817 chrome_7fedf2f0000!content_settings::ContentSettingsPref::SetWebsiteSetting+0x18 [c:\b\build\slave\win64\build\src\components\content_settings\core\browser\content_settings_pref.cc @ 113]
00000000`0030ae50 000007fe`dfebd5bd chrome_7fedf2f0000!content_settings::PrefProvider::SetWebsiteSetting+0xf3 [c:\b\build\slave\win64\build\src\components\content_settings\core\browser\content_settings_pref_provider.cc @ 150]
00000000`0030b050 000007fe`dfebd9e1 chrome_7fedf2f0000!HostContentSettingsMap::SetWebsiteSettingCustomScope+0x61 [c:\b\build\slave\win64\build\src\components\content_settings\core\browser\host_content_settings_map.cc @ 359]
00000000`0030b0b0 000007fe`e0ed0636 chrome_7fedf2f0000!HostContentSettingsMap::SetContentSettingCustomScope+0xb1 [c:\b\build\slave\win64\build\src\components\content_settings\core\browser\host_content_settings_map.cc @ 435]
00000000`0030b110 000007fe`dfd8ba94 chrome_7fedf2f0000!settings::SiteSettingsHandler::HandleSetCategoryPermissionForOrigin+0x23a [c:\b\build\slave\win64\build\src\chrome\browser\ui\webui\settings\site_settings_handler.cc @ 278]
00000000`0030b440 000007fe`dfd8b1cc chrome_7fedf2f0000!content::WebUIImpl::ProcessWebUIMessage+0x94 [c:\b\build\slave\win64\build\src\content\browser\webui\web_ui_impl.cc @ 258]
00000000`0030b480 000007fe`dfd8bf65 chrome_7fedf2f0000!content::WebUIImpl::OnWebUISend+0x90 [c:\b\build\slave\win64\build\src\content\browser\webui\web_ui_impl.cc @ 109]
00000000`0030b4d0 000007fe`dfd8b111 chrome_7fedf2f0000!IPC::MessageT<ViewHostMsg_WebUISend_Meta,std::tuple<GURL,std::basic_string<char,std::char_traits<char>,std::allocator<char> >,base::ListValue>,void>::Dispatch<content::WebUIImpl,content::WebUIImpl,void,void (__cdecl content::WebUIImpl::*)(GURL const & __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,base::ListValue const & __ptr64) __ptr64>+0x191 [c:\b\build\slave\win64\build\src\ipc\ipc_message_templates.h @ 121]
00000000`0030b680 000007fe`dfc9a41e chrome_7fedf2f0000!content::WebUIImpl::OnMessageReceived+0x99 [c:\b\build\slave\win64\build\src\content\browser\webui\web_ui_impl.cc @ 91]
00000000`0030b710 000007fe`dfc4efb9 chrome_7fedf2f0000!content::WebContentsImpl::OnMessageReceived+0x5e [c:\b\build\slave\win64\build\src\content\browser\web_contents\web_contents_impl.cc @ 637]
00000000`0030c380 000007fe`dfc77e61 chrome_7fedf2f0000!content::RenderViewHostImpl::OnMessageReceived+0x89 [c:\b\build\slave\win64\build\src\content\browser\renderer_host\render_view_host_impl.cc @ 836]
00000000`0030cad0 000007fe`dfd02fc6 chrome_7fedf2f0000!content::RenderWidgetHostImpl::OnMessageReceived+0x4d [c:\b\build\slave\win64\build\src\content\browser\renderer_host\render_widget_host_impl.cc @ 443]
00000000`0030d210 000007fe`dfa9e9b8 chrome_7fedf2f0000!content::RenderProcessHostImpl::OnMessageReceived+0x56e [c:\b\build\slave\win64\build\src\content\browser\renderer_host\render_process_host_impl.cc @ 1768]
00000000`0030d540 000007fe`df48da5f chrome_7fedf2f0000!IPC::ChannelProxy::Context::OnDispatchMessage+0x28 [c:\b\build\slave\win64\build\src\ipc\ipc_channel_proxy.cc @ 285]
00000000`0030d570 000007fe`df430638 chrome_7fedf2f0000!base::debug::TaskAnnotator::RunTask+0x1ef [c:\b\build\slave\win64\build\src\base\debug\task_annotator.cc @ 53]
00000000`0030d6a0 000007fe`df4317c2 chrome_7fedf2f0000!base::MessageLoop::RunTask+0x448 [c:\b\build\slave\win64\build\src\base\message_loop\message_loop.cc @ 494]
00000000`0030e9b0 000007fe`df48e208 chrome_7fedf2f0000!base::MessageLoop::DoWork+0x582 [c:\b\build\slave\win64\build\src\base\message_loop\message_loop.cc @ 625]
00000000`0030eea0 000007fe`df48ded4 chrome_7fedf2f0000!base::MessagePumpForUI::DoRunLoop+0x78 [c:\b\build\slave\win64\build\src\base\message_loop\message_pump_win.cc @ 263]
00000000`0030ef10 000007fe`df473fc0 chrome_7fedf2f0000!base::MessagePumpWin::Run+0x54 [c:\b\build\slave\win64\build\src\base\message_loop\message_pump_win.cc @ 142]
00000000`0030ef60 000007fe`e01f24ff chrome_7fedf2f0000!base::RunLoop::Run+0x90 [c:\b\build\slave\win64\build\src\base\run_loop.cc @ 36]
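
Added triage example (not part of the original report and not Chromium code): a small Python script that reads the register dump and faulting instruction above, computes the address being dereferenced, and checks it against well-known Windows fill values. The function names, the 0x1000 offset window and the 48-bit address assumption are choices made for this example.

```python
import re

# Fill values written by the Windows debug heap and the MSVC debug runtime.
FILL_PATTERNS = {
    0xBAADF00D: "uninitialized heap memory (Windows debug heap)",
    0xFEEEFEEE: "freed heap memory (Windows debug heap)",
    0xCDCDCDCD: "uninitialized heap memory (MSVC debug CRT)",
    0xDDDDDDDD: "freed heap memory (MSVC debug CRT)",
    0xCCCCCCCC: "uninitialized stack memory (MSVC debug build)",
}

# Excerpt of the register dump and faulting instruction from the report.
CRASH = """\
rax=baadf00dbaadf00d rbx=0000000000000004 rcx=baadf00dbaadf00d
rdx=000000000030b1f0 rsi=000000000030b350 rdi=0000000007e00700
r10=000000000000000e r11=000000000030a908 r12=baadf00dbaadf045
000007fe`dfec97b0 80792000 cmp byte ptr [rcx+20h],0 ds:baadf00d`baadf02d=??
"""

REG = r"r[a-z0-9]{1,2}"

def parse_registers(text):
    pairs = re.findall(rf"\b({REG})=([0-9a-f]{{16}})\b", text)
    return {name: int(value, 16) for name, value in pairs}

def classify(value):
    """(description, offset) if value is a fill pattern repeated in both
    32-bit halves plus a small offset, else None."""
    hi = value >> 32
    offset = value - ((hi << 32) | hi)
    if hi in FILL_PATTERNS and 0 <= offset < 0x1000:
        return FILL_PATTERNS[hi], offset
    return None

def is_canonical(addr):
    # Assumes 48-bit virtual addresses: bits 63..47 are all 0 or all 1.
    return (addr >> 47) in (0, 0x1FFFF)

def triage(text):
    regs = parse_registers(text)
    # First "[reg+NNh]" memory operand on the disassembly line.
    base, disp = re.search(rf"\[({REG})\+([0-9a-f]+)h\]", text).groups()
    addr = regs[base] + int(disp, 16)
    tainted = {n: classify(v) for n, v in regs.items() if classify(v)}
    return {"base": base, "address": addr, "canonical": is_canonical(addr),
            "address_class": classify(addr), "tainted": tainted}

if __name__ == "__main__":
    for key, value in triage(CRASH).items():
        print(key, value)
```

On this dump the script reports that the faulting read goes through rcx at baadf00d`baadf02d, a non-canonical address at offset 0x20 from the 0xBAADF00D fill value, and that rax and r12 carry the same fill value.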
Jul 4 2016
Hmm... thank you for your help!
Jul 12 2016
Finnur: could you ptal? I think it might be passing an invalid content settings type.
Jul 13 2016
Comment 1 by palmer@chromium.org, Jul 4 2016
Components: UI>Settings
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam OS-Chrome OS-Linux OS-Mac OS-Windows Type-Bug
Owner: bauerb@chromium.org
Status: Assigned (was: Unconfirmed)