mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1
electron/shell
History
Exact
trop[bot] d7bccf5b2f
 fix: UAF in api::UtilityProcessWrapper (#52094) 
* fix: UAF in api::UtilityProcessWrapper

Detach the wrapper from ServiceProcessHost during termination instead
of waiting for destruction. Add a regression test that forces GC.

This fixes a UAF error reported by ASAN: the wrapper lost its last JS
reference and become collectible after emitting exit *but* before it
had been removed from the global observer list.

UtilityProcessWrapper is now cppgc-managed as of b9e462f397, but its
ServiceProcessHost observer cleanup still depended on destructor-time
teardown.

* fixup! fix: UAF in api::UtilityProcessWrapper

fix: much better cleanup from Deepak code review

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: Charles Kerr <charles@charleskerr.com>
2026-06-22 20:01:59 -07:00
..
app perf: backport startup performance improvements to 42-x-y (#51602, #51697, #51703) (#51831) 2026-06-02 23:22:48 -07:00
browser fix: UAF in api::UtilityProcessWrapper (#52094) 2026-06-22 20:01:59 -07:00
common fix: invalidate sandboxed preload code cache when source changes without changing length (#51933) 2026-06-09 05:39:57 +00:00
renderer fix: invalidate sandboxed preload code cache when source changes without changing length (#51933) 2026-06-09 05:39:57 +00:00
services/node chore: bump chromium to 148.0.7768.0 (42-x-y) (#50781) 2026-04-07 15:30:18 -04:00
utility fix: broken OOP window.print() on macOS/Linux (#45214) 2025-01-20 10:23:44 +01:00