New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 854248 link

Starred by 1 user
Status: Verified
Owner:
dcreager@chromium.org
Last visit > 30 days ago
Closed: Jul 6
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug

Blocking:
issue 704259



Sign in to add a comment

Reporting: Seg fault when processing subdomain reports

Project Member Reported by dcreager@chromium.org, Jun 19 2018 
While writing some web-platform-tests for Reporting and NEL, I triggered a segfault when uploading a NEL report that's covered by an include_subdomains policy.  It looks like there are a couple of places where we assume (using a DCHECK) that the origin of the report matches the origin of the policy, which won't be true for include_subdomain reports.

I have a unit test that reproduces this in the CL that I'm about to upload.

Comment 1 by dcreager@chromium.org, Jun 19 2018

Blocking: 704259
Project Member

Comment 2 by bugdroid1@chromium.org, Jul 2 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4

commit e13028c51bdd8b4e3a3373a6374fc69b06ef02c4
Author: Douglas Creager <dcreager@chromium.org>
Date: Mon Jul 02 18:08:27 2018

Reporting: Don't assume report and policy have same origin

When processing a report, we can't assume that the report's origin
matches the origin that the corresponding policy belongs to.  If the
policy uses include_subdomains, then it might be used for reports for
any subdomain of the policy's origin.  We had a couple of places where
we did assume they were the same, and used a DCHECK to verify this.
That caused segfaults whenever we tried to process a subdomain report.

Bug:  854248 
Change-Id: I251d82664c7deee2293144ceed199e084795152c
Reviewed-on: https://chromium-review.googlesource.com/1106304
Reviewed-by: Matt Menke <mmenke@chromium.org>
Commit-Queue: Douglas Creager <dcreager@chromium.org>
Cr-Commit-Position: refs/heads/master@{#571946}
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_cache.cc
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_cache.h
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_cache_unittest.cc
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_delivery_agent.cc
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_delivery_agent_unittest.cc
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_endpoint_manager.cc
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_endpoint_manager.h
[modify] https://crrev.com/e13028c51bdd8b4e3a3373a6374fc69b06ef02c4/net/reporting/reporting_endpoint_manager_unittest.cc

Comment 3 by dcreager@chromium.org, Jul 6

Status: Verified (was: Started)

Sign in to add a comment