/hg/icedtea-web: 3 new changesets
Jiri Vanek
jvanek at redhat.com
Wed Aug 8 00:20:42 PDT 2012
On 08/07/2012 11:30 PM, meyert at icedtea.classpath.org wrote:
I would like to backport "symbols patch" -
http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=7546e1e31105 - to i3. (with news).
ok?
> changeset dbfbb3670a6a in /hg/icedtea-web
> details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=dbfbb3670a6a
> author: Thomas Meyer <thomas at m3y3r.de>
> date: Fri Aug 03 10:24:49 2012 +0200
>
> ignore eclipse bin path
>
>
> changeset d7f2593595d9 in /hg/icedtea-web
> details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=d7f2593595d9
> author: Thomas Meyer <thomas at m3y3r.de>
> date: Tue Aug 07 23:06:03 2012 +0200
>
> Merge branches
>
>
> changeset 7546e1e31105 in /hg/icedtea-web
> details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=7546e1e31105
> author: Thomas Meyer <thomas at m3y3r.de>
> date: Tue Aug 07 23:11:28 2012 +0200
>
> Export only a minimum of symbols. This should fix PR472.
>
>
> diffstat:
>
> .hgignore | 1 +
> ChangeLog | 24 ++++++
> Makefile.am | 3 +-
> NEWS | 4 +-
> netx/net/sourceforge/jnlp/AppletLog.java | 37 ++++++++++
> netx/net/sourceforge/jnlp/JNLPMatcherException.java | 37 ++++++++++
> netx/net/sourceforge/jnlp/Log.java | 37 ++++++++++
> netx/net/sourceforge/jnlp/Node.java | 37 ++++++++++
> netx/net/sourceforge/jnlp/UpdateDesc.java | 37 ++++++++++
> netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java | 37 ++++++++++
> netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java | 37 ++++++++++
> plugin/icedteanp/IcedTeaNPPlugin.cc | 11 ++-
> tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java | 2 +-
> 13 files changed, 300 insertions(+), 4 deletions(-)
>
> diffs (445 lines):
>
> diff -r 10ce3bd661b1 -r 7546e1e31105 .hgignore
> --- a/.hgignore Wed Aug 01 17:12:08 2012 -0400
> +++ b/.hgignore Tue Aug 07 23:11:28 2012 +0200
> @@ -7,3 +7,4 @@
> missing
> config.guess
> config.sub
> +bin/
> \ No newline at end of file
> diff -r 10ce3bd661b1 -r 7546e1e31105 ChangeLog
> --- a/ChangeLog Wed Aug 01 17:12:08 2012 -0400
> +++ b/ChangeLog Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,27 @@
> +2012-08-07 Thomas Meyer <thomas at m3y3r.de>
> +
> + * plugin/icedteanp/IcedTeaNPPlugin.cc: only export NP_GetMIMEDescription,
> + NP_GetValue, NP_Initialize and NP_Shutdown. This should fix PR472.
> +
> +2012-08-07 Saad Mohammad <smohammad at redhat.com>
> +
> + Added license header to files without one.
> + * netx/net/sourceforge/jnlp/AppletLog.java:
> + * netx/net/sourceforge/jnlp/JNLPMatcherException.java:
> + * netx/net/sourceforge/jnlp/Log.java:
> + * netx/net/sourceforge/jnlp/Node.java:
> + * netx/net/sourceforge/jnlp/UpdateDesc.java:
> + * netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java:
> + * netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java: Added
> + license header.
> +
> +2012-08-07 Adam Domurad <adomurad at redhat.com>
> +
> + Fixes PR1106, plugin crashing with firefox + archlinux/gentoo
> + * plugin/icedteanp/IcedTeaNPPlugin.cc
> + (initialize_browser_functions): Account for the fact that
> + browserTable->size can be larger than sizeof(NPNetscapeFuncs)
> +
> 2012-08-01 Saad Mohammad <smohammad at redhat.com>
>
> Fix PR1049: Extension jnlp's signed jar with the content of only META-INF/*
> diff -r 10ce3bd661b1 -r 7546e1e31105 Makefile.am
> --- a/Makefile.am Wed Aug 01 17:12:08 2012 -0400
> +++ b/Makefile.am Tue Aug 07 23:11:28 2012 +0200
> @@ -270,6 +270,7 @@
> $(GLIB_CFLAGS) \
> $(GTK_CFLAGS) \
> $(MOZILLA_CFLAGS) \
> + -fvisibility=hidden \
> -fPIC -o $@ -c $<
>
> $(PLUGIN_DIR)/$(BUILT_PLUGIN_LIBRARY): $(addprefix $(PLUGIN_DIR)/,$(PLUGIN_OBJECTS))
> @@ -278,7 +279,7 @@
> $(PLUGIN_OBJECTS) \
> $(GLIB_LIBS) \
> $(GTK_LIBS) \
> - $(MOZILLA_LIBS)\
> + $(MOZILLA_LIBS) \
> -shared -o $@
>
> clean-IcedTeaPlugin:
> diff -r 10ce3bd661b1 -r 7546e1e31105 NEWS
> --- a/NEWS Wed Aug 01 17:12:08 2012 -0400
> +++ b/NEWS Tue Aug 07 23:11:28 2012 +0200
> @@ -12,8 +12,10 @@
> * Security updates
> - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
> - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
> +* Plugin
> + - PR1106: Buffer overflow in plugin table-
> * Common
> - - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered unsigned
> + - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered
>
> New in release 1.3 (2012-XX-XX):
> * NetX
> diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/AppletLog.java
> --- a/netx/net/sourceforge/jnlp/AppletLog.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/netx/net/sourceforge/jnlp/AppletLog.java Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,40 @@
> +/* AppletLog.java
> + Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or modify
> +it under the terms of the GNU General Public License as published by
> +the Free Software Foundation; either version 2, or (at your option)
> +any later version.
> +
> +IcedTea is distributed in the hope that it will be useful, but
> +WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to the
> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version. */
> +
> package net.sourceforge.jnlp;
>
> import java.io.ByteArrayOutputStream;
> diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/JNLPMatcherException.java
> --- a/netx/net/sourceforge/jnlp/JNLPMatcherException.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/netx/net/sourceforge/jnlp/JNLPMatcherException.java Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,40 @@
> +/* JNLPMatcherException.java
> + Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> package net.sourceforge.jnlp;
>
> public class JNLPMatcherException extends Exception
> diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/Log.java
> --- a/netx/net/sourceforge/jnlp/Log.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/netx/net/sourceforge/jnlp/Log.java Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,40 @@
> +/* Log.java
> + Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> package net.sourceforge.jnlp;
>
> import java.io.File;
> diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/Node.java
> --- a/netx/net/sourceforge/jnlp/Node.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/netx/net/sourceforge/jnlp/Node.java Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,40 @@
> +/* Node.java
> + Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> package net.sourceforge.jnlp;
>
> import java.util.ArrayList;
> diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/UpdateDesc.java
> --- a/netx/net/sourceforge/jnlp/UpdateDesc.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/netx/net/sourceforge/jnlp/UpdateDesc.java Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,40 @@
> +/* UpdateDesc.java
> + Copyright (C) 2010 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> package net.sourceforge.jnlp;
>
> /**
> diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java
> --- a/netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,40 @@
> +/* IllegalResourceDescriptorException.java
> + Copyright (C) 2012 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> package net.sourceforge.jnlp.cache;
>
> @SuppressWarnings("serial")
> diff -r 10ce3bd661b1 -r 7546e1e31105 netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java Tue Aug 07 23:11:28 2012 +0200
> @@ -1,3 +1,40 @@
> +/* SecurityDialogMessage.java
> + Copyright (C) 2011 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> + */
> +
> package net.sourceforge.jnlp.security;
>
> import java.security.cert.X509Certificate;
> diff -r 10ce3bd661b1 -r 7546e1e31105 plugin/icedteanp/IcedTeaNPPlugin.cc
> --- a/plugin/icedteanp/IcedTeaNPPlugin.cc Wed Aug 01 17:12:08 2012 -0400
> +++ b/plugin/icedteanp/IcedTeaNPPlugin.cc Tue Aug 07 23:11:28 2012 +0200
> @@ -2043,8 +2043,13 @@
>
> //Ensure any unused fields are NULL
> memset(&browser_functions, 0, sizeof(NPNetscapeFuncs));
> +
> + //browserTable->size can be larger than sizeof(NPNetscapeFuncs) (PR1106)
> + size_t copySize = browserTable->size < sizeof(NPNetscapeFuncs) ?
> + browserTable->size : sizeof(NPNetscapeFuncs);
> +
> //Copy fields according to given size
> - memcpy(&browser_functions, browserTable, browserTable->size);
> + memcpy(&browser_functions, browserTable, copySize);
>
> return true;
> }
> @@ -2107,6 +2112,7 @@
> // this function, then it is evident that NP_Initialize has already
> // been called. There is no need to call this function more than once and
> // this workaround avoids any duplicate calls.
> +__attribute__ ((visibility ("default")))
> NPError
> NP_Initialize (NPNetscapeFuncs* browserTable, NPPluginFuncs* pluginTable)
> {
> @@ -2309,6 +2315,7 @@
>
> // Returns a string describing the MIME type that this plugin
> // handles.
> +__attribute__ ((visibility ("default")))
> #ifdef LEGACY_XULRUNNERAPI
> char*
> #else
> @@ -2325,6 +2332,7 @@
>
> // Returns a value relevant to the plugin as a whole. The browser
> // calls this function to obtain information about the plugin.
> +__attribute__ ((visibility ("default")))
> NPError
> NP_GetValue (void* future, NPPVariable variable, void* value)
> {
> @@ -2358,6 +2366,7 @@
>
> // Shuts down the plugin. Called after the last plugin instance is
> // destroyed.
> +__attribute__ ((visibility ("default")))
> NPError
> NP_Shutdown (void)
> {
> diff -r 10ce3bd661b1 -r 7546e1e31105 tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java
> --- a/tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java Wed Aug 01 17:12:08 2012 -0400
> +++ b/tests/test-extensions/net/sourceforge/jnlp/browsertesting/browsers/Firefox.java Tue Aug 07 23:11:28 2012 +0200
> @@ -47,7 +47,7 @@
> super(bin);
> }
>
> - String[] cs={"-no-remote", "-new-tab"};
> + String[] cs={"-new-tab"};
>
> @Override
> public Browsers getID() {
>
More information about the distro-pkg-dev
mailing list