Sergio Solano (Gerrit)

unread,

3:14 AM (16 hours ago) 3:14 AM

to Tom Sepez, Andres Calderon Jaramillo, Stephen Nusko, Chromium LUCI CQ, chromium...@chromium.org, arc-review...@google.com, chromeos-gfx-...@google.com, feature-me...@chromium.org, hidehik...@chromium.org, media-cro...@chromium.org, oshima...@chromium.org, yhanada+...@chromium.org

Attention needed from Andres Calderon Jaramillo, Stephen Nusko and Tom Sepez

Sergio Solano voted and added 1 comment

Votes added by Sergio Solano

Commit-Queue

+1

1 comment

Patchset-level comments

File-level comment, Patchset 2 (Latest):

Sergio Solano . resolved

Hi Tom and Andres,

Thanks for the reviews. To land this safety fix as quickly as possible and avoid cross-component approval delays, I've decided to split the original CL into two parts:

This CL (Mojo Security): Focused strictly on the Mojo boundary. I've added range validation to the Traits to prevent the sign-extension exploit from a compromised renderer. This is the core fix for b:497542537.
Follow-up CL (Media Safety): I've moved the internal hygiene and safety improvements for media/gpu and chromeos/ash call sites here: https://crrev.com/c/7724047
In this patchset, I have also:

Restored the ui/gfx headers and .mojom files to their base state to keep the public API unchanged for this quick fix.
Included the requested Mojo regression test with Andres' nits (ASSERT_FALSE).
Addressed the security concerns while avoiding unnecessary structural changes.
Do you agree to leave the full type migration (to uint32_t/uint64_t) and the overflow checks in test_shared_image_interface.cc in the subsequent permanent fix?

Open in Gerrit

Related details

Attention is currently required from:

Andres Calderon Jaramillo
Stephen Nusko
Tom Sepez

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Stephen Nusko (Gerrit)

unread,

3:52 AM (16 hours ago) 3:52 AM

to Sergio Solano, Tom Sepez, Andres Calderon Jaramillo, Chromium LUCI CQ, chromium...@chromium.org, arc-review...@google.com, chromeos-gfx-...@google.com, feature-me...@chromium.org, hidehik...@chromium.org, media-cro...@chromium.org, oshima...@chromium.org, yhanada+...@chromium.org

Attention needed from Andres Calderon Jaramillo, Sergio Solano and Tom Sepez

Stephen Nusko voted Code-Review+1

Code-Review

+1

Open in Gerrit

Related details

Attention is currently required from:

Andres Calderon Jaramillo
Sergio Solano
Tom Sepez

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review

Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Tom Sepez (Gerrit)

unread,

2:07 PM (5 hours ago) 2:07 PM

to Sergio Solano, Stephen Nusko, Andres Calderon Jaramillo, Chromium LUCI CQ, chromium...@chromium.org, arc-review...@google.com, chromeos-gfx-...@google.com, feature-me...@chromium.org, hidehik...@chromium.org, media-cro...@chromium.org, oshima...@chromium.org, yhanada+...@chromium.org

Attention needed from Andres Calderon Jaramillo and Sergio Solano

Tom Sepez voted Code-Review+1

Code-Review

+1

Open in Gerrit

Related details

Attention is currently required from:

Andres Calderon Jaramillo
Sergio Solano

Submit Requirements:

Code-Coverage
Code-Owners

Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Reply all

Reply to author

Forward

[media/gpu] Enforce safe range for NativePixmapPlane construction [chromium/src : main]

Sergio Solano (Gerrit)

Sergio Solano voted and added 1 comment

Votes added by Sergio Solano

1 comment

Related details

Stephen Nusko (Gerrit)

Stephen Nusko voted Code-Review+1

Related details

Tom Sepez (Gerrit)

Tom Sepez voted Code-Review+1

Related details