8000 chore: cherry-pick 668cf831e912 from chromium by ppontes · Pull Request #28931 · electron/electron · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

chore: cherry-pick 668cf831e912 from chromium #28931

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 29, 2021
Merged

chore: cherry-pick 668cf831e912 from chromium #28931

merged 2 commits into from
Apr 29, 2021

Conversation

ppontes
Copy link
Member
@ppontes ppontes commented Apr 29, 2021
edited
Loading

Never fail in ReceiverSet::Add

Because of how UniqueReceiverSet is implemented and used, it is
dangerous to allow Add() to fail: callers reasonably assume that added
objects are still alive immediately after the Add() call.

This changes ReceiverId to a uint64 and simply CHECK-fails on
insert collision.

This fundamentally increases binary size of 32-bit builds, because
a widely used 32-bit data type is expanding to 64 bits for the sake
of security and stability. It is effectively unavoidable for now, and
also just barely above the tolerable threshold.

A follow-up (but less backwards-mergeable) change should be able to
reduce binary size beyond this increase by consolidating shared
code among ReceiverSet template instantiations.

Fixed: 1185732
Change-Id: I9acf6aaaa36e10fdce5aa49a890173caddc13c52
Binary-Size: Unavoidable (see above)
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2778871
Commit-Queue: Ken Rockot rockot@google.com
Auto-Submit: Ken Rockot rockot@google.com
Reviewed-by: Robert Sesek rsesek@chromium.org
Cr-Commit-Position: refs/heads/master@{#865815}

Notes: Security: backported fix to CVE-2021-21207.

@ppontes ppontes requested a review from a team as a code owner April 29, 2021 12:33
@ppontes ppontes added 10-x-y backport-check-skip Skip trop's backport validity checking semver/patch backwards-compatible bug fixes labels Apr 29, 2021
@electron-cation electron-cation bot added new-pr 🌱 PR opened recently and removed new-pr 🌱 PR opened recently labels Apr 29, 2021
@codebytere codebytere merged commit 118c2fa into 10-x-y Apr 29, 2021
@release-clerk
Copy link
release-clerk bot commented Apr 29, 2021

Release Notes Persisted

Security: backported fix to CVE-2021-21207.

@codebytere codebytere deleted the cherry-pick/10-x-y/chromium/668cf831e912 branch April 29, 2021 15:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codebytere codebytere codebytere approved these changes

Assignees
No one assigned
Labels
10-x-y backport-check-skip Skip trop's backport validity checking semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ppontes @codebytere @electron-bot
0