Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: cherry-pick b5950ad76471 from chromium #22945

Merged
merged 3 commits into from Apr 7, 2020

Conversation

@nornagon
Copy link
Member

@nornagon nornagon commented Apr 2, 2020

Protect automatic pull handlers with Mutex

In some cases, |rendering_automatic_pull_handlers_| in
DeferredTaskHandler can be touched from both the main thread and the
audio rendering thread. This CL adds a lock when it is updated,
processed, and cleared.

crash on the repro case after 30 min.

Test: Locally confirmed that the ASAN build with this patch does not
Bug: 1061018
Change-Id: I5f4440edcdc26e4a3afbfe8fad88492bdb49c323
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2101712
Commit-Queue: Hongchan Choi hongchan@chromium.org
Reviewed-by: Raymond Toy rtoy@chromium.org
Cr-Commit-Position: refs/heads/master@{#750000}

Notes: Security: backport fix for CVE-2020-6451: Use after free in WebAudio

.circleci/config.yml Outdated Show resolved Hide resolved
@nornagon nornagon force-pushed the cherry-pick/7-2-x/chromium/b5950ad76471 branch from 96e9747 to 1db534f Apr 6, 2020
@nornagon nornagon merged commit 72a7588 into 7-2-x Apr 7, 2020
11 of 15 checks passed
@release-clerk
Copy link

@release-clerk release-clerk bot commented Apr 7, 2020

Release Notes Persisted

Security: backport fix for CVE-2020-6451: Use after free in WebAudio

@nornagon nornagon deleted the cherry-pick/7-2-x/chromium/b5950ad76471 branch Apr 7, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants