commit | 2291fef1ab22b0e060457781df748d06d2290155 | [log] [tgz] |
---|---|---|
author | Ovidio Henriquez <odejesush@chromium.org> | Mon Feb 04 15:23:15 2019 |
committer | Ovidio de Jesús Ruiz-Henríquez <odejesush@chromium.org> | Mon Feb 04 15:23:15 2019 |
tree | 139eb36e323d4351f84e5c60a3bcb14e98fd4800 | |
parent | 75098f9972c37575ecf86228de4a2348252fcb57 [diff] |
Fix PermissionObserver OOB access crash This change fixes a crash caused by an OOB access from the |chooser_observer_| when removing the observer upon the destruction of SiteSettingsHandler. The crash occurs when the following conditions are met. 1. An off the record profile is created. 2. A chooser permission is granted in the off the record profile. 3. The chrome://settings/content page is opened in the main profile window. 4. The off the record window is closed. 5. The chrome://settings/content page is closed. The SiteSettingsHandler will attempt to remove itself from the off the record ChooserContextBase upon destruction, but the off the record ChooserContextBase was already destroyed previously, therefore accessing memory that has already been freed. This change removes the logic that adds the SiteSettingsHandler to the off the record ChooserContextBase, since the UI does not actually display off the record chooser permissions anyways. I created https://crbug.com/927372 for adding this feature. Bug: 926501 Change-Id: I87359a3d67020a80b9fb698d5252c320436317de Reviewed-on: https://chromium-review.googlesource.com/c/1447312 Reviewed-by: Dan Beam <dbeam@chromium.org> Commit-Queue: Ovidio de Jesús Ruiz-Henríquez <odejesush@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#628468}(cherry picked from commit 15a43eca69de36953bd187b5b4f9595388aa91c2) Reviewed-on: https://chromium-review.googlesource.com/c/1450224 Reviewed-by: Ovidio de Jesús Ruiz-Henríquez <odejesush@chromium.org> Cr-Commit-Position: refs/branch-heads/3683@{#161} Cr-Branched-From: e51029943e0a38dd794b73caaf6373d5496ae783-refs/heads/master@{#625896}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .