Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(599)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2318653003: Fixing stack buffer overflow (read) in SctpDataEngine. (Closed)

Created:
4 years, 3 months ago by Taylor Brandstetter
Modified:
4 years, 3 months ago
CC:
webrtc-reviews_webrtc.org, tterriberry_mozilla.com, the sun
Target Ref:
refs/pending/heads/master
Project:
webrtc
Visibility:
Public.

Description

Fixing stack buffer overflow (read) in SctpDataEngine. Was using the wrong size when memcpy'ing a sockaddr_conn. BUG=chromium:642638 TBR=pthatcher@webrtc.org Committed: https://crrev.com/a4d40cb502558c27c82303bb98aedc2dd8d6a888 Cr-Commit-Position: refs/heads/master@{#14111}

Patch Set 1 #

Total comments: 4

Patch Set 2 : Getting rid of unneeded cast. #

Unified diffs Side-by-side diffs Delta from patch set Stats (+1 line, -2 lines) Patch
M webrtc/media/sctp/sctpdataengine.cc View 1 1 chunk +1 line, -2 lines 0 comments Download

Messages

Total messages: 18 (9 generated)
skvlad
lgtm https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc File webrtc/media/sctp/sctpdataengine.cc (right): https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc#newcode553 webrtc/media/sctp/sctpdataengine.cc:553: memcpy(reinterpret_cast<sockaddr_conn*>(&params.spp_address), &remote_sconn, Could this be done as an ...
4 years, 3 months ago (2016-09-06 18:29:16 UTC) #2
Taylor Brandstetter
https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc File webrtc/media/sctp/sctpdataengine.cc (right): https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc#newcode553 webrtc/media/sctp/sctpdataengine.cc:553: memcpy(reinterpret_cast<sockaddr_conn*>(&params.spp_address), &remote_sconn, On 2016/09/06 18:29:16, skvlad wrote: > Could ...
4 years, 3 months ago (2016-09-06 20:00:47 UTC) #3
honghaiz3
lgtm https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc File webrtc/media/sctp/sctpdataengine.cc (right): https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc#newcode553 webrtc/media/sctp/sctpdataengine.cc:553: memcpy(reinterpret_cast<sockaddr_conn*>(&params.spp_address), &remote_sconn, Does it matter to reinterpret_cast the ...
4 years, 3 months ago (2016-09-06 22:12:09 UTC) #5
Taylor Brandstetter
https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc File webrtc/media/sctp/sctpdataengine.cc (right): https://codereview.webrtc.org/2318653003/diff/1/webrtc/media/sctp/sctpdataengine.cc#newcode553 webrtc/media/sctp/sctpdataengine.cc:553: memcpy(reinterpret_cast<sockaddr_conn*>(&params.spp_address), &remote_sconn, On 2016/09/06 22:12:09, honghaiz3 wrote: > Does ...
4 years, 3 months ago (2016-09-06 22:54:29 UTC) #6
Taylor Brandstetter
pthatcher: Need you to review since none of us are webrtc/media owners.
4 years, 3 months ago (2016-09-06 23:57:03 UTC) #9
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.webrtc.org/2318653003/20001
4 years, 3 months ago (2016-09-06 23:57:29 UTC) #12
commit-bot: I haz the power
Try jobs failed on following builders: linux_baremetal on master.tryserver.webrtc (JOB_TIMED_OUT, no build URL)
4 years, 3 months ago (2016-09-07 01:58:16 UTC) #14
Taylor Brandstetter
Committed patchset #2 (id:20001) manually as a4d40cb502558c27c82303bb98aedc2dd8d6a888 (presubmit successful).
4 years, 3 months ago (2016-09-07 17:05:34 UTC) #17
commit-bot: I haz the power
4 years, 3 months ago (2016-09-07 17:05:34 UTC) #18
Message was sent while issue was closed. 
Patchset 2 (id:??) landed as
https://crrev.com/a4d40cb502558c27c82303bb98aedc2dd8d6a888
Cr-Commit-Position: refs/heads/master@{#14111}

Powered by Google App Engine
This is Rietveld 408576698