
Issue 738305


Issue metadata

Status: WontFix
Owner: ----
Closed: Jul 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: ----
Type: Bug-Security




Security: Possible Stack Corruption starting at chrome_child!blink::LocalWindowProxy::CreateContext+0x00000000007d0864

Reported by greencar...@hotmail.com, Jun 30 2017

Issue description


VULNERABILITY DETAILS
Please provide a brief explanation of the security issue.

VERSION
Chrome Version: Version 59.0.3071.115 (Official Build) (64-bit)
Operating System: Windows 10 64bit

REPRODUCTION CASE
Attached

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: tab

Crash dump attached
 
edger.html (353 bytes)
crashdumpchr.txt (17.7 KB)

Comment 1 by xzhou@chromium.org, Jun 30 2017

Cc: yukishiino@chromium.org
Components: Blink>JavaScript Blink>Bindings
Labels: OS-Chrome
Status: Available (was: Unconfirmed)
cc'ed more people who know the code better.
Status: WontFix (was: Available)
This seems to be caused just because V8 highly optimizes their code + V8 has their own stack frames. It's quite common that V8 doesn't produce a well-symboled stack trace.


Comment 3 by sheriffbot@chromium.org, Oct 9 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
