Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: backport b52f7fb5933a from WebRTC. #23044

Merged
merged 1 commit into from Apr 9, 2020

Conversation

@ppontes
Copy link
Member

@ppontes ppontes commented Apr 8, 2020

Description of Change

[DirectX] Fix vector allocation for raw data handling.

std::vector::reserve has the effect to reserve space in memory but does
not affect the result of size(), which keeps on returning 0. If size is
0, however, data() might either return null or not [1].

This CL fixes the use of reserve() in favour of resize() which
effectively allocates the memory in the vector and updates its size.
This way size() returns a value bigger than 0 and data() returns a valid
pointer.

[1] https://en.cppreference.com/w/cpp/container/vector/data

Fixed: chromium:1059764
Change-Id: Ida3dbe643710c6895f09b9da87b0075b7d7b28df
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/170470
Reviewed-by: Jamie Walch jamiewalch@chromium.org
Commit-Queue: Armando Miraglia armax@webrtc.org
Cr-Commit-Position: refs/heads/master@{#30836}

Release Notes

Notes: Security: backported the fix to CVE-2020-6452: potential container-overflow in MediaStream mojo.

[DirectX] Fix vector allocation for raw data handling.

std::vector::reserve has the effect to reserve space in memory but does
not affect the result of size(), which keeps on returning 0. If size is
0, however, data() might either return null or not [1].

This CL fixes the use of reserve() in favour of resize() which
effectively allocates the memory in the vector and updates its size.
This way size() returns a value bigger than 0 and data() returns a valid
pointer.

[1] https://en.cppreference.com/w/cpp/container/vector/data

Fixed: chromium:1059764
Change-Id: Ida3dbe643710c6895f09b9da87b0075b7d7b28df
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/170470
Reviewed-by: Jamie Walch <jamiewalch@chromium.org>
Commit-Queue: Armando Miraglia <armax@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30836}
@ppontes ppontes requested a review from Apr 8, 2020
@ppontes ppontes requested a review from as a code owner Apr 8, 2020
@jkleinsc
Copy link
Contributor

@jkleinsc jkleinsc commented Apr 9, 2020

Merging as CI failure is known flake unrelated to this PR.

@jkleinsc jkleinsc merged commit 3b3cc02 into 7-2-x Apr 9, 2020
15 of 16 checks passed
@release-clerk
Copy link

@release-clerk release-clerk bot commented Apr 9, 2020

Release Notes Persisted

Security: backported the fix to CVE-2020-6452: potential container-overflow in MediaStream mojo.

@jkleinsc jkleinsc deleted the ppontes/backport-webrtc-b52f7fb5933a-to-7-2-x branch Apr 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants