New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 709421 link

Starred by 1 user
Status: Archived
Owner: ----
Closed: Apr 2018
Cc:
kkaluri@chromium.org
sureshkumari@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug



Sign in to add a comment

Crash with signature TabCaptureAccessHandler -> extensions::Extension::id() const

Reported by pa...@yandex-team.ru, Apr 7 2017 
We have got crash reports with stack trace going into TabCaptureAccessHandler::HandleRequest(..., extensions::Extension const*) 
It seems that user have got extension
https://chrome.google.com/webstore/detail/ears-bass-boost-eq-any-au/nfdfiepdkbnoanddpianalelglmfooik
installed and is trying to call browser action of it. Further investigating the source code we found that there is a check for null pointer of |extension| parameter, but it is then accessed via a call extension->id(). Seems like a simple coding mistake.
I will provide a CL for fixing this.

Comment 1 by ranjitkan@chromium.org, Apr 7 2017

Labels: Needs-Milestone

Comment 2 by sureshkumari@chromium.org, Apr 10 2017

Cc: sureshkumari@chromium.org
Labels: Needs-Feedback
Reporter@ could you please provide a sample Html test file to Triage the issue from TE end.

Thanks..

Comment 3 by pa...@yandex-team.ru, Apr 10 2017 

The error appearance doesn't depend on page URL, it is just an extension action that causes the error. I provided a link to the extension. The action can be called with standard browser action UI.
Project Member

Comment 4 by sheriffbot@chromium.org, Apr 10 2017

Labels: -Needs-Feedback
Thank you for providing more feedback. Adding requester "sureshkumari@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 5 by bugdroid1@chromium.org, Apr 10 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5d7042a87c4f1901ef1ed03d29f3e31e8af1724d

commit 5d7042a87c4f1901ef1ed03d29f3e31e8af1724d
Author: pavor <pavor@yandex-team.ru>
Date: Mon Apr 10 10:03:57 2017

Fix extension->id() nullptr access at TabCaptureAccessHandler::HandleRequest

There is a check for null pointer of |extension| parameter,
but it is then accessed via a call extension->id().

R=changbin.shao, dcheng
BUG= 709421 

Review-Url: https://codereview.chromium.org/2805213002
Cr-Commit-Position: refs/heads/master@{#463209}

[modify] https://crrev.com/5d7042a87c4f1901ef1ed03d29f3e31e8af1724d/chrome/browser/media/webrtc/tab_capture_access_handler.cc

Comment 6 by kkaluri@chromium.org, Apr 17 2017

Cc: kkaluri@chromium.org
Components: Platform>Extensions
Labels: Needs-Feedback
pavor@ could you please help us with steps to verify this issue from TE perspective.

Thank You...
Kiran
Project Member

Comment 7 by sheriffbot@chromium.org, Apr 17 2018

Status: Archived (was: Unconfirmed)
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment