remoting: Harden security key auth handlers and signaling transport [chromium/src : main]

0 views
Skip to first unread message

Yuwei Huang (Gerrit)

unread,
Jun 19, 2026, 3:28:40 AM (10 days ago) Jun 19
to chromium...@chromium.org, chromotin...@chromium.org, chromium-a...@chromium.org, extension...@chromium.org

Yuwei Huang added 2 comments

File remoting/host/security_key/security_key_auth_handler_mojo.cc
Line 148, Patchset 3 (Latest): if (!send_message_callback_) {
Yuwei Huang . unresolved

Please fix this WARNING reported by autoreview issue finding: It's slightly more efficient and logical to move this null-check before storing the callback and starting the timer, so we avoid that work if we're just going to drop the request.

```cpp
if (!send_message_callback_) {
LOG(ERROR) << "send_message_callback_ is null, dropping request.";
CloseSecurityKeyRequestConnection(connection_id);
return;
}
  // Reset the timer to give the client a chance to send the response.
connection.disconnect_timer.Start(FROM_HERE, kSecurityKeyRequestTimeout,
GetCloseConnectionClosure(connection_id));
connection.on_security_key_request_callback = std::move(callback);
```
File remoting/host/security_key/security_key_auth_handler_mojo_unittest.cc
Line 291, Patchset 3 (Latest): auth_handler_->SetSendMessageCallback(base::NullCallback());
Yuwei Huang . unresolved

Please fix this WARNING reported by autoreview issue finding: Please add `#include "base/functional/callback_helpers.h"` for `base::NullCallback()`.

Open in Gerrit

Related details

Attention set is empty
Submit Requirements:
  • requirement satisfiedCode-Coverage
  • requirement satisfiedCode-Owners
  • requirement is not satisfiedCode-Review
  • requirement is not satisfiedNo-Unresolved-Comments
  • requirement is not satisfiedReview-Enforcement
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: comment
Gerrit-Project: chromium/src
Gerrit-Branch: main
Gerrit-Change-Id: Ia30e81908ba50e23295b9fc221df81d55e57b025
Gerrit-Change-Number: 7965781
Gerrit-PatchSet: 3
Gerrit-Owner: Yuwei Huang <yuw...@chromium.org>
Gerrit-Comment-Date: Fri, 19 Jun 2026 07:28:24 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
satisfied_requirement
unsatisfied_requirement
open
diffy

Yuwei Huang (Gerrit)

unread,
Jun 19, 2026, 3:39:49 AM (10 days ago) Jun 19
to Joe Downing, chromium...@chromium.org, chromotin...@chromium.org, chromium-a...@chromium.org, extension...@chromium.org
Attention needed from Joe Downing

Yuwei Huang voted and added 3 comments

Votes added by Yuwei Huang

Auto-Submit+1
Commit-Queue+1

3 comments

Patchset-level comments
File-level comment, Patchset 4 (Latest):
Yuwei Huang . resolved

PTAL thanks!

File remoting/host/security_key/security_key_auth_handler_mojo.cc
Line 148, Patchset 3: if (!send_message_callback_) {
Yuwei Huang . resolved

Please fix this WARNING reported by autoreview issue finding: It's slightly more efficient and logical to move this null-check before storing the callback and starting the timer, so we avoid that work if we're just going to drop the request.

```cpp
if (!send_message_callback_) {
LOG(ERROR) << "send_message_callback_ is null, dropping request.";
CloseSecurityKeyRequestConnection(connection_id);
return;
}
  // Reset the timer to give the client a chance to send the response.
connection.disconnect_timer.Start(FROM_HERE, kSecurityKeyRequestTimeout,
GetCloseConnectionClosure(connection_id));
connection.on_security_key_request_callback = std::move(callback);
```
Yuwei Huang

Done

File remoting/host/security_key/security_key_auth_handler_mojo_unittest.cc
Line 291, Patchset 3: auth_handler_->SetSendMessageCallback(base::NullCallback());
Yuwei Huang . resolved

Please fix this WARNING reported by autoreview issue finding: Please add `#include "base/functional/callback_helpers.h"` for `base::NullCallback()`.

Yuwei Huang

Done

Open in Gerrit

Related details

Attention is currently required from:
  • Joe Downing
Submit Requirements:
    • requirement satisfiedCode-Coverage
    • requirement satisfiedCode-Owners
    • requirement is not satisfiedCode-Review
    • requirement is not satisfiedReview-Enforcement
    Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
    Gerrit-MessageType: comment
    Gerrit-Project: chromium/src
    Gerrit-Branch: main
    Gerrit-Change-Id: Ia30e81908ba50e23295b9fc221df81d55e57b025
    Gerrit-Change-Number: 7965781
    Gerrit-PatchSet: 4
    Gerrit-Owner: Yuwei Huang <yuw...@chromium.org>
    Gerrit-Reviewer: Joe Downing <joe...@chromium.org>
    Gerrit-Reviewer: Yuwei Huang <yuw...@chromium.org>
    Gerrit-Attention: Joe Downing <joe...@chromium.org>
    Gerrit-Comment-Date: Fri, 19 Jun 2026 07:39:37 +0000
    Gerrit-HasComments: Yes
    Gerrit-Has-Labels: Yes
    Comment-In-Reply-To: Yuwei Huang <yuw...@chromium.org>
    satisfied_requirement
    unsatisfied_requirement
    open
    diffy

    Joe Downing (Gerrit)

    unread,
    Jun 19, 2026, 12:21:11 PM (10 days ago) Jun 19
    to Yuwei Huang, Chromium LUCI CQ, chromium...@chromium.org, chromotin...@chromium.org, chromium-a...@chromium.org, extension...@chromium.org
    Attention needed from Yuwei Huang

    Joe Downing voted

    Code-Review+1
    Commit-Queue+2
    Open in Gerrit

    Related details

    Attention is currently required from:
    • Yuwei Huang
    Submit Requirements:
      • requirement satisfiedCode-Coverage
      • requirement satisfiedCode-Owners
      • requirement satisfiedCode-Review
      • requirement satisfiedReview-Enforcement
      Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
      Gerrit-MessageType: comment
      Gerrit-Project: chromium/src
      Gerrit-Branch: main
      Gerrit-Change-Id: Ia30e81908ba50e23295b9fc221df81d55e57b025
      Gerrit-Change-Number: 7965781
      Gerrit-PatchSet: 4
      Gerrit-Owner: Yuwei Huang <yuw...@chromium.org>
      Gerrit-Reviewer: Joe Downing <joe...@chromium.org>
      Gerrit-Reviewer: Yuwei Huang <yuw...@chromium.org>
      Gerrit-Attention: Yuwei Huang <yuw...@chromium.org>
      Gerrit-Comment-Date: Fri, 19 Jun 2026 16:20:58 +0000
      Gerrit-HasComments: No
      Gerrit-Has-Labels: Yes
      satisfied_requirement
      open
      diffy

      Chromium LUCI CQ (Gerrit)

      unread,
      Jun 19, 2026, 12:26:33 PM (10 days ago) Jun 19
      to Yuwei Huang, Joe Downing, chromium...@chromium.org, chromotin...@chromium.org, chromium-a...@chromium.org, extension...@chromium.org

      Chromium LUCI CQ submitted the change

      Change information

      Commit message:
      remoting: Harden security key auth handlers and signaling transport

      MAGI imposes these changes on the refactoring CL, so I figure I should
      do it in a parent CL instead.

      This CL adds robust null-safety and input-size validation to the
      security key host-side components to prevent crashes and resource
      exhaustion:

      1. Mojo/Posix Auth Handlers: Removes the entry-point DCHECK and adds
      runtime null checks for the send_message_callback_ to prevent host
      crashes if a client disconnects during an active request.
      2. Legacy Signaling: Enforces a strict 512KB pre-parsing limit on raw
      JSON messages and a 64KB size limit on parsed payload byte lists to
      prevent DoS/OOM on the JSON reader.
      3. Unit Tests: Adds dedicated Mojo and Posix null-safety test cases.

      TAG=agy CONV=a74bbced-b6c1-454e-adea-b8a5ad41a1ef
      Bug: 517007701
      Change-Id: Ia30e81908ba50e23295b9fc221df81d55e57b025
      Auto-Submit: Yuwei Huang <yuw...@chromium.org>
      Commit-Queue: Joe Downing <joe...@chromium.org>
      Reviewed-by: Joe Downing <joe...@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#1649713}
      Files:
      • M remoting/host/security_key/security_key_auth_handler_mojo.cc
      • M remoting/host/security_key/security_key_auth_handler_mojo_unittest.cc
      • M remoting/host/security_key/security_key_auth_handler_posix.cc
      • M remoting/host/security_key/security_key_auth_handler_posix_unittest.cc
      • M remoting/host/security_key/security_key_extension_session.cc
      Change size: M
      Delta: 5 files changed, 100 insertions(+), 9 deletions(-)
      Branch: refs/heads/main
      Submit Requirements:
      • requirement satisfiedCode-Review: +1 by Joe Downing
      Open in Gerrit
      Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
      Gerrit-MessageType: merged
      Gerrit-Project: chromium/src
      Gerrit-Branch: main
      Gerrit-Change-Id: Ia30e81908ba50e23295b9fc221df81d55e57b025
      Gerrit-Change-Number: 7965781
      Gerrit-PatchSet: 5
      Gerrit-Owner: Yuwei Huang <yuw...@chromium.org>
      Gerrit-Reviewer: Chromium LUCI CQ <chromiu...@luci-project-accounts.iam.gserviceaccount.com>
      Gerrit-Reviewer: Joe Downing <joe...@chromium.org>
      Gerrit-Reviewer: Yuwei Huang <yuw...@chromium.org>
      open
      diffy
      satisfied_requirement
      Reply all
      Reply to author
      Forward
      0 new messages