chromium/src
0
Fork 0
Code Activity

Add hardening CHECK in mojojs for large buffers.

Browse Source 
Bug: 1316379
Change-Id: I7a3a50cd9c1434cc86b4b2aa45a491c812832a3a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4742429
Auto-Submit: Jonathan Hao <phao@chromium.org>
Reviewed-by: Ken Rockot <rockot@google.com>
Commit-Queue: Ken Rockot <rockot@google.com>
Cr-Commit-Position: refs/heads/main@{#1179071}
This commit is contained in:
Jonathan Hao
2023-08-03 16:12:56 +00:00
committed by Chromium LUCI CQ
parent 89c9b4bdc9
commit 6731adcd0c
1 changed files with 1 additions and 1 deletions

2
mojo/public/cpp/bindings/lib/message.cc

@@ -271,7 +271,7 @@ Message::Message(base::span<const uint8_t> payload,
void* buffer; void* buffer;
uint32_t buffer_size; uint32_t buffer_size;
DCHECK(base::IsValueInRangeForNumericType<uint32_t>(payload.size())); CHECK(base::IsValueInRangeForNumericType<uint32_t>(payload.size()));
DCHECK(base::IsValueInRangeForNumericType<uint32_t>(handles.size())); DCHECK(base::IsValueInRangeForNumericType<uint32_t>(handles.size()));
MojoAppendMessageDataOptions options; MojoAppendMessageDataOptions options;
options.struct_size = sizeof(options); options.struct_size = sizeof(options);