/hg/release/icedtea-web-1.3: CVE-2012-3422, RH840592: Potential ...

dbhole at icedtea.classpath.org dbhole at icedtea.classpath.org
Tue Jul 31 12:16:35 PDT 2012 

changeset 3b9b763bf1fc in /hg/release/icedtea-web-1.3
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.3?cmd=changeset;node=3b9b763bf1fc
author: Deepak Bhole <dbhole at redhat.com>
date: Tue Jul 24 11:44:50 2012 -0400

	CVE-2012-3422, RH840592: Potential read from an uninitialized memory location

	Updated NEWS file with entry for CVE-2012-3423


diffstat:

 ChangeLog                           |  10 ++++++++++
 NEWS                                |   3 +++
 plugin/icedteanp/IcedTeaNPPlugin.cc |  10 ++++++++++
 3 files changed, 23 insertions(+), 0 deletions(-)

diffs (60 lines):

diff -r 55911b39b5c0 -r 3b9b763bf1fc ChangeLog
--- a/ChangeLog	Tue Jul 31 14:38:12 2012 +0200
+++ b/ChangeLog	Tue Jul 24 11:44:50 2012 -0400
@@ -9,6 +9,16 @@
 
 2012-07-24  Adam Domurad  <adomurad at redhat.com>
 
+	CVE-2012-3422, RH840592: Potential read from an uninitialized
+	memory location.
+	* plugin/icedteanp/IcedTeaNPPlugin.cc
+	(get_cookie_info): Only attempt to perform this operation if there is a
+	valid plugin instance
+	(get_proxy_info): Only attempt to perform this operation if there is a
+	valid plugin instance
+
+2012-07-24  Adam Domurad  <adomurad at redhat.com>
+
 	* plugin/icedteanp/IcedTeaPluginUtils.cc
 	(IcedTeaPluginUtilities::strSplit): Replace usage of " " with proper 
 	delimiter
diff -r 55911b39b5c0 -r 3b9b763bf1fc NEWS
--- a/NEWS	Tue Jul 31 14:38:12 2012 +0200
+++ b/NEWS	Tue Jul 24 11:44:50 2012 -0400
@@ -9,6 +9,9 @@
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
 New in release 1.3 (2012-XX-XX):
+* Security updates
+  - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
+  - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
 * NetX
   - PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen")
   - PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly
diff -r 55911b39b5c0 -r 3b9b763bf1fc plugin/icedteanp/IcedTeaNPPlugin.cc
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc	Tue Jul 31 14:38:12 2012 +0200
+++ b/plugin/icedteanp/IcedTeaNPPlugin.cc	Tue Jul 24 11:44:50 2012 -0400
@@ -925,6 +925,11 @@
 NPError
 get_cookie_info(const char* siteAddr, char** cookieString, uint32_t* len)
 {
+  // Only attempt to perform this operation if there is a valid plugin instance
+  if (g_hash_table_size(instance_to_id_map) <= 0)
+  {
+    return NPERR_GENERIC_ERROR;
+  }
 #if MOZILLA_VERSION_COLLAPSED < 1090100
   nsresult rv;
   nsCOMPtr<nsIScriptSecurityManager> sec_man =
@@ -1330,6 +1335,11 @@
 NPError
 get_proxy_info(const char* siteAddr, char** proxy, uint32_t* len)
 {
+  // Only attempt to perform this operation if there is a valid plugin instance
+  if (g_hash_table_size(instance_to_id_map) <= 0)
+  {
+	  return NPERR_GENERIC_ERROR;
+  }
 #if MOZILLA_VERSION_COLLAPSED < 1090100
   nsresult rv;

More information about the distro-pkg-dev mailing list