[Backport] Security bug 1202534

Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2940882: M86-LTS: [debugger] Return ServerError if debugger agent is disabled This returns a server error on setting breakpoints if the agent is disabled. (cherry picked from commit 5aa2de8128f885c44df79d38fb4aa5c6a5d94306) Also-by: [email protected] Fixed: chromium:1202534 No-Try: true No-Presubmit: true No-Tree-Checks: true Change-Id: I87c80a4bd785fa5c59a8dd0d5ac5f4b31b015ed8 Commit-Queue: Kim-Anh Tran <[email protected]> Commit-Queue: Benedikt Meurer <[email protected]> Auto-Submit: Kim-Anh Tran <[email protected]> Reviewed-by: Benedikt Meurer <[email protected]> Cr-Original-Commit-Position: refs/heads/master@{#74399} Reviewed-by: Achuith Bhandarkar <[email protected]> Commit-Queue: Artem Sumaneev <[email protected]> Cr-Commit-Position: refs/branch-heads/8.6@{#105} Cr-Branched-From: a64aed2333abf49e494d2a5ce24bbd14fff19f60-refs/heads/8.6.395@{#1} Cr-Branched-From: a626bc036236c9bf92ac7b87dc40c9e538b087e3-refs/heads/master@{#69472} Reviewed-by: Michal Klocek <[email protected]>
qt · Aug 2, 2021 · 9995d42 · 9995d42
1 parent 8b6c2cc
commit 9995d42
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/chromium/v8/src/inspector/v8-debugger-agent-impl.cc b/chromium/v8/src/inspector/v8-debugger-agent-impl.cc
@@ -499,6 +499,8 @@ Response V8DebuggerAgentImpl::setBreakpointByUrl(
     Maybe<int> optionalColumnNumber, Maybe<String16> optionalCondition,
     String16* outBreakpointId,
     std::unique_ptr<protocol::Array<protocol::Debugger::Location>>* locations) {
+  if (!enabled()) return Response::ServerError(kDebuggerNotEnabled);
+
   *locations = std::make_unique<Array<protocol::Debugger::Location>>();
 
   int specified = (optionalURL.isJust() ? 1 : 0) +
@@ -587,6 +589,8 @@ Response V8DebuggerAgentImpl::setBreakpoint(
   String16 breakpointId = generateBreakpointId(
       BreakpointType::kByScriptId, location->getScriptId(),
       location->getLineNumber(), location->getColumnNumber(0));
+  if (!enabled()) return Response::ServerError(kDebuggerNotEnabled);
+
   if (m_breakpointIdToDebuggerBreakpointIds.find(breakpointId) !=
       m_breakpointIdToDebuggerBreakpointIds.end()) {
     return Response::ServerError(
@@ -605,6 +609,8 @@ Response V8DebuggerAgentImpl::setBreakpoint(
 Response V8DebuggerAgentImpl::setBreakpointOnFunctionCall(
     const String16& functionObjectId, Maybe<String16> optionalCondition,
     String16* outBreakpointId) {
+  if (!enabled()) return Response::ServerError(kDebuggerNotEnabled);
+
   InjectedScript::ObjectScope scope(m_session, functionObjectId);
   Response response = scope.initialize();
   if (!response.IsSuccess()) return response;