diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-10-14 11:01:40 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-10-14 11:52:28 +0000 |
commit | 1f07ca687b1a2aafce41e96dbf9e0ad7aa48d525 (patch) | |
tree | 1f511eaa61554d32aab6a22ba134e59a685350c6 | |
parent | 9ae8ddaeea11f48dbe08c1e9fd0987af3ab1ce8f (diff) | |
download | qtwebengine-chromium-1f07ca687b1a2aafce41e96dbf9e0ad7aa48d525.tar.gz |
[Backport] CVE-2019-5870
Merge "Add more checks in MojoCdmService"
This is to prevent abnormal cases from happening.
(cherry picked from commit b7b305f3389017cc42e2cfac6e7a319f42d5bde3)
Bug: 999311
Test: Tested w/ shaka player demo and existing unit tests pass
Change-Id: Icef06d979351f16386cf3cbb177971a57a1e264c
Auto-Submit: Xiaohan Wang <xhwang@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: John Rummell <jrummell@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Xiaohan Wang <xhwang@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#691911}
Cr-Commit-Position: refs/branch-heads/3865@{#688}
Cr-Branched-From: 0cdcc6158160790658d1f033d3db873603250124-refs/heads/master@{#681094}
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
-rw-r--r-- | chromium/media/mojo/services/mojo_cdm_service.cc | 5 | ||||
-rw-r--r-- | chromium/media/mojo/services/mojo_cdm_service.h | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/chromium/media/mojo/services/mojo_cdm_service.cc b/chromium/media/mojo/services/mojo_cdm_service.cc index 1ccfd2f05a7..a3f8332768b 100644 --- a/chromium/media/mojo/services/mojo_cdm_service.cc +++ b/chromium/media/mojo/services/mojo_cdm_service.cc @@ -63,7 +63,9 @@ void MojoCdmService::Initialize(const std::string& key_system, const CdmConfig& cdm_config, InitializeCallback callback) { DVLOG(1) << __func__ << ": " << key_system; - DCHECK(!cdm_); + + CHECK(!has_initialize_been_called_) << "Initialize should only happen once"; + has_initialize_been_called_ = true; auto weak_this = weak_factory_.GetWeakPtr(); cdm_factory_->Create( @@ -157,6 +159,7 @@ void MojoCdmService::OnCdmCreated( return; } + CHECK(!cdm_) << "CDM should only be created once."; cdm_ = cdm; if (context_) { diff --git a/chromium/media/mojo/services/mojo_cdm_service.h b/chromium/media/mojo/services/mojo_cdm_service.h index fd265467859..1e575474f5b 100644 --- a/chromium/media/mojo/services/mojo_cdm_service.h +++ b/chromium/media/mojo/services/mojo_cdm_service.h @@ -101,6 +101,8 @@ class MEDIA_MOJO_EXPORT MojoCdmService : public mojom::ContentDecryptionModule { // Callback for when |decryptor_| loses connectivity. void OnDecryptorConnectionError(); + bool has_initialize_been_called_ = false; + CdmFactory* cdm_factory_; MojoCdmServiceContext* const context_ = nullptr; scoped_refptr<::media::ContentDecryptionModule> cdm_; |