Crash with potential buffer overflow message


Postby gigi777 » Wed Aug 30, 2017 1:10 pm

Hi, my application tries to print to PDF using the printing/pdf_metadata_skia.cc APIs. For some URLs (e.g. apple.com, huffingtonpost.com), even before it gets to the printing code, I see the following message followed by intermittent crashes.
[0830/103259.786:ERROR:source_stream.cc(57)] potential buffer overflow; data_out_written > data_out_size
The stack trace for the crash is below; it does not relate to any of my code changes.
I see this crash in CEF versions 3071 and 2924. I am currently not set up for later versions of CEF.
Has anybody seen this issue, or can anybody confirm that it is an issue in the CEF branch?
Thanks.

> cefsimple.exe!memcpy() Line 194 Unknown
cefsimple.exe!`anonymous namespace'::response_filter_filter(_cef_response_filter_t * self, void * data_in, unsigned int data_in_size, unsigned int * data_in_read, void * data_out, unsigned int data_out_size, unsigned int * data_out_written) Line 65 C++
libcef.dll!CefResponseFilterCToCpp::Filter(void * data_in, unsigned int data_in_size, unsigned int & data_in_read, void * data_out, unsigned int data_out_size, unsigned int & data_out_written) Line 57 C++
libcef.dll!CefSourceStream::FilterData(net::IOBuffer * output_buffer, int output_buffer_size, net::IOBuffer * input_buffer, int input_buffer_size, int * consumed_bytes, bool upstream_eof_reached) Line 42 C++
libcef.dll!net::FilterSourceStream::DoFilterData() Line 138 C++
libcef.dll!net::FilterSourceStream::DoLoop(int result) Line 87 C++
libcef.dll!net::FilterSourceStream::OnIOComplete(int result) Line 162 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall content::devtools::tethering::`anonymous namespace'::SocketPump::*)(int),base::internal::UnretainedWrapper<content::devtools::tethering::`anonymous namespace'::SocketPump> >,void __cdecl(int)>::Run(base::internal::BindStateBase * base, int && <unbound_args_0>) Line 343 C++
libcef.dll!net::URLRequestJob::ReadRawDataComplete(int result) Line 553 C++
libcef.dll!net::URLRequestHttpJob::OnReadCompleted(int result) Line 955 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall content::devtools::tethering::`anonymous namespace'::SocketPump::*)(int),base::internal::UnretainedWrapper<content::devtools::tethering::`anonymous namespace'::SocketPump> >,void __cdecl(int)>::Run(base::internal::BindStateBase * base, int && <unbound_args_0>) Line 343 C++
libcef.dll!base::internal::RunMixin<base::Callback<void __cdecl(enum payments::mojom::PaymentAppManifestError),1,1> >::Run(payments::mojom::PaymentAppManifestError <args_0>) Line 64 C++
libcef.dll!net::HttpCache::Transaction::DoLoop(int result) Line 881 C++
libcef.dll!base::internal::InvokeHelper<1,void>::MakeItSo<void (__thiscall media::DXVAVideoDecodeAccelerator::*const &)(int),base::WeakPtr<media::DXVAVideoDecodeAccelerator> const &,__int64 const &>(void(media::DXVAVideoDecodeAccelerator::*)(int) & functor, const base::WeakPtr<media::DXVAVideoDecodeAccelerator> & weak_ptr, const __int64 & <args_0>) Line 305 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall content::ShaderDiskReadHelper::*)(int),base::WeakPtr<content::ShaderDiskReadHelper> >,void __cdecl(int)>::Run(base::internal::BindStateBase * base, int && <unbound_args_0>) Line 339 C++
libcef.dll!base::internal::RunMixin<base::Callback<void __cdecl(enum payments::mojom::PaymentAppManifestError),1,1> >::Run(payments::mojom::PaymentAppManifestError <args_0>) Line 64 C++
libcef.dll!net::HttpNetworkTransaction::DoCallback(int rv) Line 660 C++
libcef.dll!net::HttpNetworkTransaction::OnIOComplete(int result) Line 665 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall content::URLResponseBodyConsumer::*)(unsigned int),base::internal::UnretainedWrapper<content::URLResponseBodyConsumer> >,void __cdecl(unsigned int)>::Run(base::internal::BindStateBase * base, unsigned int && <unbound_args_0>) Line 339 C++
libcef.dll!base::internal::RunMixin<base::Callback<void __cdecl(enum payments::mojom::PaymentAppManifestError),1,1> >::Run(payments::mojom::PaymentAppManifestError <args_0>) Line 64 C++
libcef.dll!net::HttpStreamParser::OnIOComplete(int result) Line 405 C++
libcef.dll!base::internal::InvokeHelper<1,void>::MakeItSo<void (__thiscall media::DXVAVideoDecodeAccelerator::*const &)(int),base::WeakPtr<media::DXVAVideoDecodeAccelerator> const &,__int64 const &>(void(media::DXVAVideoDecodeAccelerator::*)(int) & functor, const base::WeakPtr<media::DXVAVideoDecodeAccelerator> & weak_ptr, const __int64 & <args_0>) Line 305 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall content::ShaderDiskReadHelper::*)(int),base::WeakPtr<content::ShaderDiskReadHelper> >,void __cdecl(int)>::Run(base::internal::BindStateBase * base, int && <unbound_args_0>) Line 339 C++
libcef.dll!net::SSLClientSocketImpl::DoReadCallback(int rv) Line 1032 C++
libcef.dll!net::SSLClientSocketImpl::RetryAllOperations() Line 1523 C++
libcef.dll!net::SocketBIOAdapter::OnSocketReadComplete(int result) Line 136 C++
libcef.dll!base::internal::InvokeHelper<1,void>::MakeItSo<void (__thiscall media::DXVAVideoDecodeAccelerator::*const &)(int),base::WeakPtr<media::DXVAVideoDecodeAccelerator> const &,__int64 const &>(void(media::DXVAVideoDecodeAccelerator::*)(int) & functor, const base::WeakPtr<media::DXVAVideoDecodeAccelerator> & weak_ptr, const __int64 & <args_0>) Line 305 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall content::ShaderDiskReadHelper::*)(int),base::WeakPtr<content::ShaderDiskReadHelper> >,void __cdecl(int)>::Run(base::internal::BindStateBase * base, int && <unbound_args_0>) Line 339 C++
libcef.dll!net::TCPClientSocket::DidCompleteReadWrite(const base::Callback<void __cdecl(int),1,1> & callback, int result) Line 374 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall net::WebSocketBasicHandshakeStream::*)(base::Callback<void __cdecl(int),1,1> const &,int),base::internal::UnretainedWrapper<net::WebSocketBasicHandshakeStream>,base::Callback<void __cdecl(int),1,1> >,void __cdecl(int)>::Run(base::internal::BindStateBase * base, int && <unbound_args_0>) Line 343 C++
libcef.dll!base::internal::RunMixin<base::Callback<void __cdecl(enum payments::mojom::PaymentAppManifestError),1,1> >::Run(payments::mojom::PaymentAppManifestError <args_0>) Line 64 C++
libcef.dll!net::TCPSocketWin::DidSignalRead() Line 1008 C++
libcef.dll!net::TCPSocketWin::Core::ReadDelegate::OnObjectSignaled(void * object) Line 234 C++
libcef.dll!base::internal::Invoker<base::internal::BindState<void (__thiscall cc::ContextCacheController::*)(unsigned int),base::WeakPtr<cc::ContextCacheController>,unsigned int>,void __cdecl(void)>::Run(base::internal::BindStateBase * base) Line 339 C++
libcef.dll!base::debug::TaskAnnotator::RunTask(const char * queue_function, base::PendingTask * pending_task) Line 52 C++
libcef.dll!base::MessageLoop::RunTask(base::PendingTask * pending_task) Line 411 C++
libcef.dll!base::MessageLoop::DoWork() Line 512 C++
libcef.dll!base::MessagePumpForIO::DoRunLoop() Line 621 C++
libcef.dll!base::MessagePumpWin::Run(base::MessagePump::Delegate * delegate) Line 58 C++
libcef.dll!base::MessageLoop::RunHandler() Line 375 C++
libcef.dll!base::RunLoop::Run() Line 36 C++
libcef.dll!base::Thread::Run(base::RunLoop * run_loop) Line 246 C++
libcef.dll!content::BrowserThreadImpl::IOThreadRun(base::RunLoop * run_loop) Line 254 C++
libcef.dll!content::BrowserThreadImpl::Run(base::RunLoop * run_loop) Line 288 C++
libcef.dll!base::Thread::ThreadMain() Line 336 C++
libcef.dll!base::`anonymous namespace'::ThreadFunc(void * params) Line 86 C++
gigi777
Techie
 
Posts: 13
Joined: Fri Aug 11, 2017 5:35 pm

Re: Crash with potential buffer overflow message

Postby magreenblatt » Wed Aug 30, 2017 2:37 pm

It sounds like you are implementing CefResponseFilter incorrectly in your code.
magreenblatt
Site Admin
 
Posts: 12384
Joined: Fri May 29, 2009 6:57 pm
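
The log line in the question reports `data_out_written > data_out_size`, and the top frame of the trace is a `memcpy` inside the filter callback. As an added example (not code from this thread or from CEF), here is a pass-through filter with the same parameter shape that bounds every copy by `data_out_size`; `Status`, `BoundedPassThrough` and `Drive` are hypothetical names, and the status enum is a simplified stand-in for the filter's real return values.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <string>

// Simplified stand-in for the filter's return value (not CEF's enum).
enum class Status { Ok, Error };

// Pass-through filter with the parameter shape shown in the stack trace.
// Every copy is bounded by data_out_size, so the reported data_out_written
// can never exceed the buffer the caller provided.
Status BoundedPassThrough(const void* data_in, size_t data_in_size,
                          size_t& data_in_read, void* data_out,
                          size_t data_out_size, size_t& data_out_written) {
  data_in_read = 0;
  data_out_written = 0;
  if (data_out == nullptr || (data_in == nullptr && data_in_size != 0))
    return Status::Error;
  const size_t n = std::min(data_in_size, data_out_size);
  if (n > 0)
    std::memcpy(data_out, data_in, n);
  data_in_read = n;      // bytes consumed; the rest must be offered again
  data_out_written = n;  // bytes produced; always <= data_out_size
  return Status::Ok;
}

// Hypothetical caller: pushes `body` through the filter with a fixed-size
// output buffer and records the largest data_out_written it ever saw.
std::string Drive(const std::string& body, size_t out_capacity,
                  size_t& max_written) {
  std::string result, out(out_capacity, '\0');
  size_t offset = 0;
  max_written = 0;
  while (offset < body.size()) {
    size_t read = 0, written = 0;
    Status s = BoundedPassThrough(body.data() + offset, body.size() - offset,
                                  read, &out[0], out.size(), written);
    if (s == Status::Error || read == 0) break;  // no progress possible
    max_written = std::max(max_written, written);
    result.append(out, 0, written);
    offset += read;
  }
  return result;
}

int main() {
  size_t max_written = 0;
  // Constructed sample: 10-byte body pushed through a 4-byte output buffer.
  return Drive("0123456789", 4, max_written) == "0123456789" ? 0 : 1;
}
```

A filter that copies `data_in_size` bytes without this bound writes past `data_out` whenever the input chunk is larger than the output buffer.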

