Terminate renderers that send invalid Blimp Mojo requests to the browser process |
||||
Issue descriptionWe should work out how to make the browser process turn invalid input errors into renderer teardowns, since they indicate the renderer violating the protocol. (From https://codereview.chromium.org/2033013003/diff/240001/blimp/engine/mojo/blob_channel_service.cc)
,
Nov 15 2016
kmarshall to check what the recommended mechanism is for this.
,
Nov 19 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/2de9572364f3e2b29aad7837ec0d36651464a1f7 commit 2de9572364f3e2b29aad7837ec0d36651464a1f7 Author: kmarshall <kmarshall@chromium.org> Date: Sat Nov 19 01:35:26 2016 Throw IPC errors on invalid Mojo BlobChannel messages. This code instructs the browser to kill a renderer process if it receives semantically invalid/bad data over the Mojo pipe. BUG= 629096 R=mlliu@chromium.org CC=wez@chromium.org Review-Url: https://codereview.chromium.org/2517733002 Cr-Commit-Position: refs/heads/master@{#433371} [modify] https://crrev.com/2de9572364f3e2b29aad7837ec0d36651464a1f7/blimp/engine/mojo/blob_channel_service.cc
,
Nov 29 2016
,
Dec 9 2016
|
||||
►
Sign in to add a comment |
||||
Comment 1 by w...@chromium.org
, Jul 27 2016Status: Available (was: Untriaged)
Summary: Add mechanism to terminate renderers that send invalid Mojo requests to the browser process (was: Design mechanism for the browser to tearing down renderers on invalid IPC)