From a5635c454db2a79dac54e6c5d4bca25dc9f35897 Mon Sep 17 00:00:00 2001
From: estark <estark@chromium.org>
Date: Mon, 13 Jul 2015 17:06:53 -0700
Subject: Kill renderer on failure to deserialize security info in most cases

This CL adds a bool return value to DeserializeSecurityInfo() to
indicate if the information could be deserialized, and also adds a basic
sanity check to one of the deserialized values (|security_bits|).

In most places where security info is deserialized, this CL kills the
renderer if deserialization fails. The remaining place that this CL
doesn't handle is when the renderer passes ContextMenuParams to the
browser; this case requires a little more refactoring because the
renderer does the deserialization and passes the deserialized SSLStatus
to the browser.

Follow-up to https://codereview.chromium.org/1225983003/

BUG=508232

Review URL: https://codereview.chromium.org/1230003004

Cr-Commit-Position: refs/heads/master@{#338600}
---
 content/browser/ssl/ssl_manager.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'content/browser/ssl')

diff --git a/content/browser/ssl/ssl_manager.cc b/content/browser/ssl/ssl_manager.cc
index 6f258a7..ab1048c 100644
--- a/content/browser/ssl/ssl_manager.cc
+++ b/content/browser/ssl/ssl_manager.cc
@@ -117,8 +117,7 @@ void SSLManager::DidCommitProvisionalLoad(const LoadCommittedDetails& details) {
     if (entry) {
       // We may not have an entry if this is a navigation to an initial blank
       // page. Add the new data we have.
-      entry->GetSSL() =
-          DeserializeSecurityInfo(details.serialized_security_info);
+      entry->GetSSL() = details.ssl_status;
     }
   }
 
-- 
cgit v1.1