qt/qtwebengine-chromium.git - Vendor branch of Chromium. This is a submodule of qtwebengine

diff options

author	Allan Sandfeld Jensen <allan.jensen@qt.io>	2019-02-01 15:56:16 +0100
committer	Allan Sandfeld Jensen <allan.jensen@qt.io>	2019-03-29 10:19:55 +0000
commit	a5f2293e6c2b5218875806626bee683e0501c179 (patch)
tree	2e16c6cb89e72f77bc97749c2ebb141a9bda8ee8 /chromium/third_party/pdfium/third_party/lcms2-2.6/include/lcms2.h
parent	a66d35344003ee19ac70181b7a2233fd387f9da3 (diff)

[Backport] Fix for CVE-2019-5758

Fix UAP in ImageBitmapLoader/FileReaderLoader FileReaderLoader stores its client as a raw pointer, so in cases like ImageBitmapLoader where the FileReaderLoaderClient really is garbage collected we have to make sure to destroy the FileReaderLoader when the ExecutionContext that owns it is destroyed. TBR=mek@chromium.org (cherry picked from commit 419c4bfbfb94849ed30dcab7c3aaf67afe238b27) Bug: 913970 Change-Id: I40b02115367cf7bf5bbbbb8e9b57874d2510f861 Reviewed-on: https://chromium-review.googlesource.com/c/1374511 Reviewed-by: Jeremy Roman <jbroman@chromium.org> Commit-Queue: Marijn Kruisselbrink <mek@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#616342} Reviewed-on: https://chromium-review.googlesource.com/c/1379106 Reviewed-by: Marijn Kruisselbrink <mek@chromium.org> Cr-Commit-Position: refs/branch-heads/3626@{#368} Cr-Branched-From: d897fb137fbaaa9355c0c93124cc048824eb1e65-refs/heads/master@{#612437} Reviewed-by: Michal Klocek <michal.klocek@qt.io> Reviewed-by: Michael Brüning <michael.bruning@qt.io>

Diffstat (limited to 'chromium/third_party/pdfium/third_party/lcms2-2.6/include/lcms2.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: