My favorites | Sign in
Google
Project Home
  
Downloads
  
Wiki
  
Issues
  
Source
    
New issue | Search
for
| Advanced search | Search tips
Issue 53: SRPC Shared Memory Infoleak / Memory corruption
3 people starred this issue and may be notified of changes. Back to list
Status:  Fixed
Owner:  sehr+leg...@google.com
Closed:  Apr 2009
Security-Contest
Type-Defect


Sign in to add a comment
 
Reported by mark.dowd, Mar 12, 2009 
Team: Beached As

An Integer overflow vulnerability exists within the SharedMemory
implementation of the browser plugin. Specifically, when read() is called
on a shared memory object, an overly large offset can result in a memory
leak, and an overly large length parameter can result in memory corruption
srpc_shm1.zip
7.6 KB Download
Comment 1 by nativeclient.admin, Mar 12, 2009 
Verified as an issue.
Status: Accepted
Owner: s...@google.com
Labels: Type-Defect
Comment 2 by nativeclient.admin, Apr 10, 2009 
Fix was released in build 57.
Status: Fixed
Sign in to add a comment