authorMatt Reynolds <mattreynolds@google.com>2022-01-19 21:03:08 +0000
committerMichael Brüning <michael.bruning@qt.io>2022-02-28 08:49:07 +0000
commitd1d0e8553c7eb6c5364e3eb80bc5eb935257340a (patch)
tree04526d8b96e7365166cf5e36b385b0db7c384585
parente55302f0a9c6224860358a98a58ffb4dbc67cb82 (diff)
downloadqtwebengine-chromium-d1d0e8553c7eb6c5364e3eb80bc5eb935257340a.tar.gz
[Backport] CVE-2022-0610: Inappropriate implementation in Gamepad API
Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/3373944: gamepad: Return an invalid handle after ReportBadMessage Bug: 1285449 Change-Id: I746c539577f7bdf69cbe4212ac380e0c92a5c771 Auto-Submit: Matt Reynolds <mattreynolds@chromium.org> Reviewed-by: Reilly Grant <reillyg@chromium.org> Commit-Queue: Reilly Grant <reillyg@chromium.org> Cr-Commit-Position: refs/heads/main@{#961125} Reviewed-by: Michal Klocek <michal.klocek@qt.io>
-rw-r--r--chromium/device/gamepad/gamepad_monitor.cc2
1 files changed, 2 insertions, 0 deletions
diff --git a/chromium/device/gamepad/gamepad_monitor.cc b/chromium/device/gamepad/gamepad_monitor.cc
index 4a35a61d8b3..9e1227f43db 100644
--- a/chromium/device/gamepad/gamepad_monitor.cc
+++ b/chromium/device/gamepad/gamepad_monitor.cc
@@ -54,6 +54,8 @@ void GamepadMonitor::GamepadStartPolling(GamepadStartPollingCallback callback) {
GamepadService* service = GamepadService::GetInstance();
if (!service->ConsumerBecameActive(this)) {
mojo::ReportBadMessage("GamepadMonitor::GamepadStartPolling failed");
+ std::move(callback).Run(base::ReadOnlySharedMemoryRegion());
+ return;
}
std::move(callback).Run(service->DuplicateSharedMemoryRegion());
}
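Review bot: The two added lines in the `!service->ConsumerBecameActive(this)` branch carry no comment explaining why the callback is still run, with a default-constructed `base::ReadOnlySharedMemoryRegion()`, after `mojo::ReportBadMessage`. Before this change the branch fell through to `service->DuplicateSharedMemoryRegion()`, so a caller whose message had just been reported as bad still received a valid handle to the gamepad buffer. That invariant is easy to undo in a later refactor, so I would add above the `Run` call: `// A bad message must never be answered with a valid region; reply with an invalid handle and stop.` The receiving side is not visible in this hunk, so it is worth confirming that it checks the region's validity before mapping it.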