Google Git
Sign in
webrtc / src / ea3e3215e0d0e6c986788ec931a0499ed05930b8
commitea3e3215e0d0e6c986788ec931a0499ed05930b8[log] [tgz]
authorJoe Downing <joedow@google.com>Fri Oct 16 16:15:21 2020
committerCommit Bot <commit-bot@chromium.org>Fri Oct 16 18:31:44 2020
treefb621e3867db1074973f415f0cc70caf6478e3f5
parent88329b9266a34bfb78a619d7cbf678da5e293f98 [diff]
Fixing ASAN container-overflow error in DxgiOutputDuplicator

The DxgiOutputDuplicator uses a vector<byte> to hold the rects
that have changed on the screen.  It then iterates over the
vector to grab each rect and apply it to the updated_region.

There is vector resizing logic which checks the 'capacity' of
the vector and determines whether there is enough space for the
changed rect data.  Often the 'capacity' and 'size' of the
vector are equal but that isn't always true.  When the capacity
is greater than size, and the number of changed rects is high
enough, rect data will be written past the element pointed to
by (data() + size()) and this is the error that ASAN is warning
of.

The fix is to use size() instead of capacity() when determining
whether to resize the vector and as the buffer size we provide
to the Windows API.  There are no other usages of this vector so
there aren't any problems caused by the size/capacity discrepancy
in the existing builds.  The ASAN issue is worth fixing in case
someone comes along and decides to use the vector differently (e.g
rely on the size instead of capacity so some of the rects are
not counted).

Bug: chromium:1138446
Change-Id: I3041091423de889e0f8aabc56ece9466a3000b4f
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/188900
Reviewed-by: Jamie Walch <jamiewalch@chromium.org>
Commit-Queue: Joe Downing <joedow@google.com>
Cr-Commit-Position: refs/heads/master@{#32425}
1 file changed
tree: fb621e3867db1074973f415f0cc70caf6478e3f5
  1. api/
  2. audio/
  3. build_overrides/
  4. call/
  5. common_audio/
  6. common_video/
  7. data/
  8. docs/
  9. examples/
  10. logging/
  11. media/
  12. modules/
  13. p2p/
  14. pc/
  15. resources/
  16. rtc_base/
  17. rtc_tools/
  18. sdk/
  19. stats/
  20. style-guide/
  21. system_wrappers/
  22. test/
  23. tools_webrtc/
  24. video/
  25. .clang-format
  26. .git-blame-ignore-revs
  27. .gitignore
  28. .gn
  29. .vpython
  30. abseil-in-webrtc.md
  31. AUTHORS
  32. BUILD.gn
  33. CODE_OF_CONDUCT.md
  34. codereview.settings
  35. DEPS
  36. ENG_REVIEW_OWNERS
  37. LICENSE
  38. license_template.txt
  39. native-api.md
  40. OWNERS
  41. PATENTS
  42. PRESUBMIT.py
  43. presubmit_test.py
  44. presubmit_test_mocks.py
  45. pylintrc
  46. README.chromium
  47. README.md
  48. style-guide.md
  49. WATCHLISTS
  50. webrtc.gni
  51. webrtc_lib_link_test.cc
  52. whitespace.txt
README.md

WebRTC is a free, open software project that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities via simple APIs. The WebRTC components have been optimized to best serve this purpose.

Our mission: To enable rich, high-quality RTC applications to be developed for the browser, mobile platforms, and IoT devices, and allow them all to communicate via a common set of protocols.

The WebRTC initiative is a project supported by Google, Mozilla and Opera, amongst others.

Development

See here for instructions on how to get started developing with the native code.

Authoritative list of directories that contain the native API header files.

More info