Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2779443002:
Fix nullptr deref in ChildThreadImpl (Closed)
|
Created:
3 years, 9 months ago by Ken Rockot(use gerrit already) Modified:
3 years, 9 months ago Reviewers:
Lei Zhang CC:
chromium-reviews, darin-cc_chromium.org, jam Target Ref:
refs/heads/master Project:
chromium Visibility:
Public. |
DescriptionFix nullptr deref in ChildThreadImpl
It's possible that a child process has no Service Manager connection. This
avoids dereferencing a null |service_manager_connection_| in that case.
BUG=705175, 704747
TBR=ben@chromium.org
Review-Url: https://codereview.chromium.org/2779443002
Cr-Commit-Position: refs/heads/master@{#459634}
Committed: https://chromium.googlesource.com/chromium/src/+/7844edf8040581364b3651ac6e0f4ddbc27efe9a
Patch Set 1 #
Total comments: 2
Patch Set 2 : . #Messages
Total messages: 22 (14 generated)
The CQ bit was checked by rockot@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Description was changed from ========== Fix nullptr deref in ChildThreadImpl It's possible that child process has no Service Manager connection, in which case ChildThreadImpl::GetConnector() is null. This adds a check to avoid dereferencing it in that case. BUG=705175,70474 ========== to ========== Fix nullptr deref in ChildThreadImpl It's possible that child process has no Service Manager connection, in which case ChildThreadImpl::GetConnector() is null. This adds a check to avoid dereferencing it in that case. BUG=705175,70474 TBR=ben@chromium.org ==========
70474 -> 704747 BTW
Description was changed from ========== Fix nullptr deref in ChildThreadImpl It's possible that child process has no Service Manager connection, in which case ChildThreadImpl::GetConnector() is null. This adds a check to avoid dereferencing it in that case. BUG=705175,70474 TBR=ben@chromium.org ========== to ========== Fix nullptr deref in ChildThreadImpl It's possible that child process has no Service Manager connection, in which case ChildThreadImpl::GetConnector() is null. This adds a check to avoid dereferencing it in that case. BUG=705175,704747 TBR=ben@chromium.org ==========
Thanks. Fixing reeeeally old bugs.
Description was changed from ========== Fix nullptr deref in ChildThreadImpl It's possible that child process has no Service Manager connection, in which case ChildThreadImpl::GetConnector() is null. This adds a check to avoid dereferencing it in that case. BUG=705175,704747 TBR=ben@chromium.org ========== to ========== Fix nullptr deref in ChildThreadImpl It's possible that a child process has no Service Manager connection, in which case ChildThreadImpl::GetConnector() is null. This adds a check to avoid dereferencing it in that case. BUG=705175,704747 TBR=ben@chromium.org ==========
thestig@chromium.org changed reviewers: + thestig@chromium.org
https://codereview.chromium.org/2779443002/diff/1/content/child/child_thread_... File content/child/child_thread_impl.cc (right): https://codereview.chromium.org/2779443002/diff/1/content/child/child_thread_... content/child/child_thread_impl.cc:506: if (GetConnector()) { GetConnector() is service_manager_connection_->GetConnector() underneath. So maybe |service_manager_connection_| is a nullptr? In which case, this won't be affective. You may be on the right track, because the code below on line 519 affected the Cloud Print Connector as well.
The CQ bit was checked by rockot@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
And that's what I get for TBRing... https://codereview.chromium.org/2779443002/diff/1/content/child/child_thread_... File content/child/child_thread_impl.cc (right): https://codereview.chromium.org/2779443002/diff/1/content/child/child_thread_... content/child/child_thread_impl.cc:506: if (GetConnector()) { On 2017/03/25 at 01:56:34, Lei Zhang wrote: > GetConnector() is service_manager_connection_->GetConnector() underneath. So maybe |service_manager_connection_| is a nullptr? In which case, this won't be affective. > > You may be on the right track, because the code below on line 519 affected the Cloud Print Connector as well. Thanks. Fixed. /shamecube
Description was changed from ========== Fix nullptr deref in ChildThreadImpl It's possible that a child process has no Service Manager connection, in which case ChildThreadImpl::GetConnector() is null. This adds a check to avoid dereferencing it in that case. BUG=705175,704747 TBR=ben@chromium.org ========== to ========== Fix nullptr deref in ChildThreadImpl It's possible that a child process has no Service Manager connection. This avoids dereferencing a null |service_manager_connection_| in that case. BUG=705175,704747 TBR=ben@chromium.org ==========
Works for me, so LGTM
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
The CQ bit was checked by rockot@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
CQ is committing da patch.
Bot data: {"patchset_id": 20001, "attempt_start_ts": 1490410766338260,
"parent_rev": "2caede8adadec1174094eaea6b0014a578614eaf", "commit_rev":
"7844edf8040581364b3651ac6e0f4ddbc27efe9a"}
Message was sent while issue was closed.
Description was changed from ========== Fix nullptr deref in ChildThreadImpl It's possible that a child process has no Service Manager connection. This avoids dereferencing a null |service_manager_connection_| in that case. BUG=705175,704747 TBR=ben@chromium.org ========== to ========== Fix nullptr deref in ChildThreadImpl It's possible that a child process has no Service Manager connection. This avoids dereferencing a null |service_manager_connection_| in that case. BUG=705175,704747 TBR=ben@chromium.org Review-Url: https://codereview.chromium.org/2779443002 Cr-Commit-Position: refs/heads/master@{#459634} Committed: https://chromium.googlesource.com/chromium/src/+/7844edf8040581364b3651ac6e0f... ==========
Message was sent while issue was closed.
Committed patchset #2 (id:20001) as https://chromium.googlesource.com/chromium/src/+/7844edf8040581364b3651ac6e0f... |
