/hg/icedtea-web: 3 new changesets
meyert at icedtea.classpath.org
meyert at icedtea.classpath.org
Tue Aug 7 14:30:58 PDT 2012
changeset dbfbb3670a6a in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=dbfbb3670a6a
author: Thomas Meyer <thomas at m3y3r.de>
date: Fri Aug 03 10:24:49 2012 +0200
ignore eclipse bin path
changeset d7f2593595d9 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d7f2593595d9
author: Thomas Meyer <thomas at m3y3r.de>
date: Tue Aug 07 23:06:03 2012 +0200
Merge branches
changeset 7546e1e31105 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=7546e1e31105
author: Thomas Meyer <thomas at m3y3r.de>
date: Tue Aug 07 23:11:28 2012 +0200
Export only a minimum of symbols. This should fix PR472.
diffstat:
.hgignore | 1 +
ChangeLog | 24 ++++++
Makefile.am | 3 +-
NEWS | 4 +-
netx/net/sourceforge/jnlp/AppletLog.java | 37 ++++++++++
netx/net/sourceforge/jnlp/JNLPMatcherException.java | 37 ++++++++++
netx/net/sourceforge/jnlp/Log.java | 37 ++++++++++
netx/net/sourceforge/jnlp/Node.java | 37 ++++++++++
netx/net/sourceforge/jnlp/UpdateDesc.java | 37 ++++++++++
netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java | 37 ++++++++++
netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java | 37 ++++++++++
plugin/icedteanp/IcedTeaNPPlugin.cc | 11 ++-
tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java | 2 +-
13 files changed, 300 insertions(+), 4 deletions(-)
diffs (445 lines):
diff -r 10ce3bd661b1 -r 7546e1e31105 .hgignore
--- a/.hgignore Wed Aug 01 17:12:08 2012 -0400
+++ b/.hgignore Tue Aug 07 23:11:28 2012 +0200
@@ -7,3 +7,4 @@
missing
config.guess
config.sub
+bin/
\ No newline at end of file
diff -r 10ce3bd661b1 -r 7546e1e31105 ChangeLog
--- a/ChangeLog Wed Aug 01 17:12:08 2012 -0400
+++ b/ChangeLog Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,27 @@
+2012-08-07 Thomas Meyer <thomas at m3y3r.de>
+
+ * plugin/icedteanp/IcedTeaNPPlugin.cc: only export NP_GetMIMEDescription,
+ NP_GetValue, NP_Initialize and NP_Shutdown. This should fix PR472.
+
+2012-08-07 Saad Mohammad <smohammad at redhat.com>
+
+ Added license header to files without one.
+ * netx/net/sourceforge/jnlp/AppletLog.java:
+ * netx/net/sourceforge/jnlp/JNLPMatcherException.java:
+ * netx/net/sourceforge/jnlp/Log.java:
+ * netx/net/sourceforge/jnlp/Node.java:
+ * netx/net/sourceforge/jnlp/UpdateDesc.java:
+ * netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java:
+ * netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java: Added
+ license header.
+
+2012-08-07 Adam Domurad <adomurad at redhat.com>
+
+ Fixes PR1106, plugin crashing with firefox + archlinux/gentoo
+ * plugin/icedteanp/IcedTeaNPPlugin.cc
+ (initialize_browser_functions): Account for the fact that
+ browserTable->size can be larger than sizeof(NPNetscapeFuncs)
+
2012-08-01 Saad Mohammad <smohammad at redhat.com>
Fix PR1049: Extension jnlp's signed jar with the content of only META-INF/*
diff -r 10ce3bd661b1 -r 7546e1e31105 Makefile.am
--- a/Makefile.am Wed Aug 01 17:12:08 2012 -0400
+++ b/Makefile.am Tue Aug 07 23:11:28 2012 +0200
@@ -270,6 +270,7 @@
$(GLIB_CFLAGS) \
$(GTK_CFLAGS) \
$(MOZILLA_CFLAGS) \
+ -fvisibility=hidden \
-fPIC -o $@ -c $<
$(PLUGIN_DIR)/$(BUILT_PLUGIN_LIBRARY): $(addprefix $(PLUGIN_DIR)/,$(PLUGIN_OBJECTS))
@@ -278,7 +279,7 @@
$(PLUGIN_OBJECTS) \
$(GLIB_LIBS) \
$(GTK_LIBS) \
- $(MOZILLA_LIBS)\
+ $(MOZILLA_LIBS) \
-shared -o $@
clean-IcedTeaPlugin:
diff -r 10ce3bd661b1 -r 7546e1e31105 NEWS
--- a/NEWS Wed Aug 01 17:12:08 2012 -0400
+++ b/NEWS Tue Aug 07 23:11:28 2012 +0200
@@ -12,8 +12,10 @@
* Security updates
- CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
- CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
+* Plugin
+ - PR1106: Buffer overflow in plugin table-
* Common
- - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered unsigned
+ - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered
New in release 1.3 (2012-XX-XX):
* NetX
diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/AppletLog.java
--- a/netx/net/sourceforge/jnlp/AppletLog.java Wed Aug 01 17:12:08 2012 -0400
+++ b/netx/net/sourceforge/jnlp/AppletLog.java Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,40 @@
+/* AppletLog.java
+ Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
package net.sourceforge.jnlp;
import java.io.ByteArrayOutputStream;
diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/JNLPMatcherException.java
--- a/netx/net/sourceforge/jnlp/JNLPMatcherException.java Wed Aug 01 17:12:08 2012 -0400
+++ b/netx/net/sourceforge/jnlp/JNLPMatcherException.java Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,40 @@
+/* JNLPMatcherException.java
+ Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
package net.sourceforge.jnlp;
public class JNLPMatcherException extends Exception
diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/Log.java
--- a/netx/net/sourceforge/jnlp/Log.java Wed Aug 01 17:12:08 2012 -0400
+++ b/netx/net/sourceforge/jnlp/Log.java Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,40 @@
+/* Log.java
+ Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
package net.sourceforge.jnlp;
import java.io.File;
diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/Node.java
--- a/netx/net/sourceforge/jnlp/Node.java Wed Aug 01 17:12:08 2012 -0400
+++ b/netx/net/sourceforge/jnlp/Node.java Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,40 @@
+/* Node.java
+ Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
package net.sourceforge.jnlp;
import java.util.ArrayList;
diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/UpdateDesc.java
--- a/netx/net/sourceforge/jnlp/UpdateDesc.java Wed Aug 01 17:12:08 2012 -0400
+++ b/netx/net/sourceforge/jnlp/UpdateDesc.java Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,40 @@
+/* UpdateDesc.java
+ Copyright (C) 2010 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
package net.sourceforge.jnlp;
/**
diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java
--- a/netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java Wed Aug 01 17:12:08 2012 -0400
+++ b/netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,40 @@
+/* IllegalResourceDescriptorException.java
+ Copyright (C) 2012 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
package net.sourceforge.jnlp.cache;
@SuppressWarnings("serial")
diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java
--- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java Wed Aug 01 17:12:08 2012 -0400
+++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java Tue Aug 07 23:11:28 2012 +0200
@@ -1,3 +1,40 @@
+/* SecurityDialogMessage.java
+ Copyright (C) 2011 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
package net.sourceforge.jnlp.security;
import java.security.cert.X509Certificate;
diff -r 10ce3bd661b1 -r 7546e1e31105 plugin/icedteanp/IcedTeaNPPlugin.cc
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc Wed Aug 01 17:12:08 2012 -0400
+++ b/plugin/icedteanp/IcedTeaNPPlugin.cc Tue Aug 07 23:11:28 2012 +0200
@@ -2043,8 +2043,13 @@
//Ensure any unused fields are NULL
memset(&browser_functions, 0, sizeof(NPNetscapeFuncs));
+
+ //browserTable->size can be larger than sizeof(NPNetscapeFuncs) (PR1106)
+ size_t copySize = browserTable->size < sizeof(NPNetscapeFuncs) ?
+ browserTable->size : sizeof(NPNetscapeFuncs);
+
//Copy fields according to given size
- memcpy(&browser_functions, browserTable, browserTable->size);
+ memcpy(&browser_functions, browserTable, copySize);
return true;
}
@@ -2107,6 +2112,7 @@
// this function, then it is evident that NP_Initialize has already
// been called. There is no need to call this function more than once and
// this workaround avoids any duplicate calls.
+__attribute__ ((visibility ("default")))
NPError
NP_Initialize (NPNetscapeFuncs* browserTable, NPPluginFuncs* pluginTable)
{
@@ -2309,6 +2315,7 @@
// Returns a string describing the MIME type that this plugin
// handles.
+__attribute__ ((visibility ("default")))
#ifdef LEGACY_XULRUNNERAPI
char*
#else
@@ -2325,6 +2332,7 @@
// Returns a value relevant to the plugin as a whole. The browser
// calls this function to obtain information about the plugin.
+__attribute__ ((visibility ("default")))
NPError
NP_GetValue (void* future, NPPVariable variable, void* value)
{
@@ -2358,6 +2366,7 @@
// Shuts down the plugin. Called after the last plugin instance is
// destroyed.
+__attribute__ ((visibility ("default")))
NPError
NP_Shutdown (void)
{
diff -r 10ce3bd661b1 -r 7546e1e31105 tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java
--- a/tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java Wed Aug 01 17:12:08 2012 -0400
+++ b/tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java Tue Aug 07 23:11:28 2012 +0200
@@ -47,7 +47,7 @@
super(bin);
}
- String[] cs={"-no-remote", "-new-tab"};
+ String[] cs={"-new-tab"};
@Override
public Browsers getID() {
More information about the distro-pkg-dev
mailing list