mirror of
https://github.com/mollyim/webrtc.git
synced 2025-05-18 16:17:50 +01:00
d579e6bc7b
The previous approach was that the caller was responsible for ensuring that any buffer passed in to the Bounded IO wrappers, and that any offset from where sub-readers were created were valid. The called would always do a validation of the data and return proper error messages if they were not. This didn't pan out. https://crbug.com/1216758 found an overflow that fooled the validation logic and the fuzzer could read out-of-bounds, although it would always crash in that particular case. There was already bounds checking, but under DCHECKs. This CL changes that so that any bounds checking is done with CHECKS, as would've been done in Rust. It's better to crash than to read arbitrary memory. Bug: chromium:1216758 Change-Id: I89b52f0758495b5fe46f926c142870a263b96314 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/221743 Commit-Queue: Victor Boivie <boivie@webrtc.org> Reviewed-by: Florent Castelli <orphis@webrtc.org> Cr-Commit-Position: refs/heads/master@{#34303} |
||
|---|---|---|
| .. | ||
| dcsctp | ||