New issue
Advanced search Search tips

Issue 848492 link

Starred by 1 user
Status: Fixed
Owner:
dgozman@chromium.org
Closed: Jun 2018
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Chrome , Mac
Pri: 1
Type: Bug-Regression



Sign in to add a comment

DevTools: context menu triggers out-of-bounds DCHECK

Project Member Reported by dgozman@chromium.org, May 31 2018 
This might affect production and trigger UAF. Regressed in r561540, which made it to M68 cut.

DCHECK is here:
https://cs.chromium.org/chromium/src/third_party/blink/public/platform/web_vector.h?rcl=2fd473c99670501614888556098e9cb0de6a3139&l=166
Project Member

Comment 1 by bugdroid1@chromium.org, Jun 1 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/25e61876da9f60fccdf679bd05ecc041d6518625

commit 25e61876da9f60fccdf679bd05ecc041d6518625
Author: Dmitry Gozman <dgozman@chromium.org>
Date: Fri Jun 01 02:40:47 2018

[DevTools] Fix DCHECK triggering in custom context menu

Bug:  848492 
Change-Id: I84c86f60e5719186c7317d3b30d756dadd7a09d3
Reviewed-on: https://chromium-review.googlesource.com/1081560
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#563501}
[modify] https://crrev.com/25e61876da9f60fccdf679bd05ecc041d6518625/third_party/blink/renderer/bindings/core/v8/custom/v8_dev_tools_host_custom.cc

Comment 2 by dgozman@chromium.org, Jun 4 2018

Labels: Merge-Request-68
Status: Fixed (was: Assigned)

Comment 3 by abdulsyed@google.com, Jun 4 2018

Labels: -Merge-Request-68 Merge-Approved-68
approved - branch:3440
Project Member

Comment 4 by bugdroid1@chromium.org, Jun 4 2018

Labels: -merge-approved-68 merge-merged-3440
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/83423a06cb97d689429ccbf1ca7915d45121b54c

commit 83423a06cb97d689429ccbf1ca7915d45121b54c
Author: Dmitry Gozman <dgozman@chromium.org>
Date: Mon Jun 04 23:19:48 2018

[DevTools] Fix DCHECK triggering in custom context menu

TBR=dgozman@chromium.org

(cherry picked from commit 25e61876da9f60fccdf679bd05ecc041d6518625)

Bug:  848492 
Change-Id: I84c86f60e5719186c7317d3b30d756dadd7a09d3
Reviewed-on: https://chromium-review.googlesource.com/1081560
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Dmitry Gozman <dgozman@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#563501}
Reviewed-on: https://chromium-review.googlesource.com/1086288
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/branch-heads/3440@{#177}
Cr-Branched-From: 010ddcfda246975d194964ccf20038ebbdec6084-refs/heads/master@{#561733}
[modify] https://crrev.com/83423a06cb97d689429ccbf1ca7915d45121b54c/third_party/blink/renderer/bindings/core/v8/custom/v8_dev_tools_host_custom.cc

Sign in to add a comment