Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: cherry-pick da11d71a0227 from chromium #32183

Merged
merged 5 commits into from
Jan 12, 2022
Merged

chore: cherry-pick da11d71a0227 from chromium #32183

merged 5 commits into from
Jan 12, 2022

Conversation

ppontes
Copy link
Member

@ppontes ppontes commented Dec 15, 2021

mojo/ipc: Drop messages targeting invalid task runner

If the endpoint's task runner does not match the current task runner (or
an equivalent main-thread task runner for the ChannelProxy) when a
executing a message dispatch task for that endpoint, this ignores the
message instead of dispatching it on the wrong sequence.

(cherry picked from commit 0747c9405e1098c0bbbc5593183696eafb45b72c)

Fixed: 1263457
Change-Id: I4f6ba22de3ff8cf3994b748e1ffd0f0aabb17b70
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3318601
Reviewed-by: Daniel Cheng dcheng@chromium.org
Commit-Queue: Ken Rockot rockot@google.com
Cr-Original-Commit-Position: refs/heads/main@{#949140}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3328403
Auto-Submit: Ken Rockot rockot@google.com
Commit-Queue: Daniel Cheng dcheng@chromium.org
Cr-Commit-Position: refs/branch-heads/4664@{#1269}
Cr-Branched-From: 24dc4ee75e01a29d390d43c9c264372a169273a7-refs/heads/main@{#929512}

Notes: Backported fix for CVE-2021-4098.

@ppontes ppontes added security 🔒 semver/patch backwards-compatible bug fixes backport-check-skip Skip trop's backport validity checking 13-x-y labels Dec 15, 2021
@ppontes ppontes requested a review from a team as a code owner December 15, 2021 09:10
@zcbenz zcbenz merged commit 9232088 into 13-x-y Jan 12, 2022
@zcbenz zcbenz deleted the cherry-pick/13-x-y/chromium/da11d71a0227 branch January 12, 2022 07:42
@release-clerk
Copy link

release-clerk bot commented Jan 12, 2022

Release Notes Persisted

Backported fix for CVE-2021-4098.

@pheiduck pheiduck mentioned this pull request Feb 3, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zcbenz zcbenz zcbenz approved these changes

@codebytere codebytere codebytere approved these changes

Assignees
No one assigned
Labels
13-x-y backport-check-skip Skip trop's backport validity checking security 🔒 semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ppontes @zcbenz @codebytere @electron-bot