Commit d50b5839 authored by Benedikt Meurer, committed by V8 LUCI CQ

[inspector] Validate samplingInterval in HeapProfiler.startSampling

The HeapProfiler.startSampling method accepts a samplingInterval
parameter, which is assumed to be a positive (non-zero) number,
but doesn't validate the input (the renderer process just crashes
hard on a CHECK instead).

Fixed: chromium:1197392
Change-Id: Ib8e34f4b9881cd195214791ca0a3892e7b49bf55
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891573
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74523}
parent 03820443
......@@ -379,6 +379,9 @@ Response V8HeapProfilerAgentImpl::startSampling(
const unsigned defaultSamplingInterval = 1 << 15;
double samplingIntervalValue =
samplingInterval.fromMaybe(defaultSamplingInterval);
if (samplingIntervalValue <= 0.0) {
return Response::ServerError("Invalid sampling interval");
}
m_state->setDouble(HeapProfilerAgentState::samplingHeapProfilerInterval,
samplingIntervalValue);
m_state->setBoolean(HeapProfilerAgentState::samplingHeapProfilerEnabled,
......
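Review bot: The guard samplingIntervalValue <= 0.0 lets NaN through, because every ordered comparison with NaN is false, and it also accepts positive values below 1. Writing the condition as !(samplingIntervalValue > 0.0) covers NaN at no cost. If the interval is converted to an integer further down (not visible in this hunk), a fractional value would truncate to zero and could reach the same CHECK the commit message describes, so rejecting anything below 1.0, or validating after the conversion, would be the safer bound.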
Regression test for crbug.com/1197392
Running test: testInvalidSamplingInterval
{
error : {
code : -32000
message : Invalid sampling interval
}
id : <messageId>
}
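Review bot: The expected error uses code -32000, which JSON-RPC reserves for implementation-defined server errors, although the failure here is a bad argument supplied by the client. An invalid-params error (-32602) would let protocol clients distinguish a rejected samplingInterval from an internal failure of the agent.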
// Copyright 2021 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --sampling-heap-profiler-suppress-randomness
let {contextGroup, Protocol} = InspectorTest.start('Regression test for crbug.com/1197392');
InspectorTest.runAsyncTestSuite([
async function testInvalidSamplingInterval() {
await Protocol.HeapProfiler.enable();
const message = await Protocol.HeapProfiler.startSampling({samplingInterval: 0});
InspectorTest.logMessage(message);
await Protocol.HeapProfiler.disable();
}
]);
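Review bot: The test only sends samplingInterval: 0, so the negative half of the <= 0.0 check is never exercised. Add a case with a negative interval that expects the same error, and a case that omits samplingInterval to confirm the 1 << 15 default still starts sampling after this change.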