chore: cherry-pick 6a8a2098f9fa from chromium #31232
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
[Merge to M94] Prevents non-browser processes from requesting memory dumps.
This CL makes several changes:
(1) Causes the browser to reset non-browser
mojo::PendingReceiver. This means that non-browser
processes will never be able to use the Coordinator interface.
(2) Add CHECKs to existing code to prevent non-browser processes from
attempting to use the Coordinator interface.
A code audit shows that all Coordinator usages should already only be
from the browser process.
Note that (2) is important since attempting to use an unbound interface
will trigger a nullptr dereference, which is undefined behavior.
(cherry picked from commit d9cc471e122e9a2391a68fa7cd72ea50587d8d97)
Bug: 1251787
Change-Id: Ifbe9610cc0e373edaaa60fad46b447e8bdb3ec04
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3174305
Reviewed-by: Kinuko Yasuda kinuko@chromium.org
Reviewed-by: ssid ssid@chromium.org
Auto-Submit: Erik Chen erikchen@chromium.org
Commit-Queue: Erik Chen erikchen@chromium.org
Cr-Original-Commit-Position: refs/heads/main@{#923693}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3194811
Reviewed-by: Avi Drissman avi@chromium.org
Reviewed-by: Krishna Govind govind@chromium.org
Commit-Queue: Krishna Govind govind@chromium.org
Owners-Override: Krishna Govind govind@chromium.org
Cr-Commit-Position: refs/branch-heads/4606@{#1253}
Cr-Branched-From: 35b0d5a9dc8362adfd44e2614f0d5b7402ef63d0-refs/heads/master@{#911515}
Notes: Security: backported fix for CVE-2021-37976.