/hg/release/icedtea-web-1.1: fixes PR518, ensures null terminati...
adomurad at icedtea.classpath.org
adomurad at icedtea.classpath.org
Fri Jun 8 10:44:01 PDT 2012
changeset 1ebd1690ff09 in /hg/release/icedtea-web-1.1
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.1?cmd=changeset;node=1ebd1690ff09
author: Adam Domurad <adomurad at redhat.com>
date: Fri Jun 08 13:43:52 2012 -0400
fixes PR518, ensures null termination of strings based off of NPVariant results.
diffstat:
ChangeLog | 17 +++++++++
NEWS | 1 +
plugin/icedteanp/IcedTeaJavaRequestProcessor.cc | 6 +--
plugin/icedteanp/IcedTeaNPPlugin.cc | 15 +------
plugin/icedteanp/IcedTeaPluginUtils.cc | 45 ++++++++++++------------
plugin/icedteanp/IcedTeaPluginUtils.h | 3 +
6 files changed, 47 insertions(+), 40 deletions(-)
diffs (185 lines):
diff -r 31252824a838 -r 1ebd1690ff09 ChangeLog
--- a/ChangeLog Fri Jun 01 16:05:18 2012 -0400
+++ b/ChangeLog Fri Jun 08 13:43:52 2012 -0400
@@ -1,3 +1,20 @@
+ChangeLog:
+2012-06-04 Adam Domurad <adomurad at redhat.com>
+
+ This patch fixes PR518, ensures null termination of strings based off
+ of NPVariant results.
+ * NEWS: Added line about fixing PR518
+ * plugin/icedteanp/IcedTeaPluginUtils.h: Added declaration of
+ NPVariantAsString
+ * plugin/icedteanp/IcedTeaPluginUtils.cc
+ (NPVariantAsString): New. Converts an NPVariant to a
+ std::string, assumes it is a string.
+ (isObjectJSArray): Now uses NPVariantAsString, minor cleanup.
+ * plugin/icedteanp/IcedTeaJavaRequestProcessor.cc
+ (plugin_get_documentbase): Now uses NPVariantAsString.
+ * plugin/icedteanp/IcedTeaNPPlugin.cc
+ (NPVariantToString): Now uses NPVariantAsString, minor cleanup.
+
2012-06-01 Deepak Bhole <dbhole at redhat.com>
PR863: Error passing strings to applet methods in Chromium
diff -r 31252824a838 -r 1ebd1690ff09 NEWS
--- a/NEWS Fri Jun 01 16:05:18 2012 -0400
+++ b/NEWS Fri Jun 08 13:43:52 2012 -0400
@@ -11,6 +11,7 @@
New in release 1.1.6 (2012-XX-XX):
* Plugin
- PR863: Error passing strings to applet methods in Chromium
+ - PR518: NPString.utf8characters not guaranteed to be nul-terminated
New in release 1.1.5 (2012-03-05):
* Plugin
diff -r 31252824a838 -r 1ebd1690ff09 plugin/icedteanp/IcedTeaJavaRequestProcessor.cc
--- a/plugin/icedteanp/IcedTeaJavaRequestProcessor.cc Fri Jun 01 16:05:18 2012 -0400
+++ b/plugin/icedteanp/IcedTeaJavaRequestProcessor.cc Fri Jun 08 13:43:52 2012 -0400
@@ -904,11 +904,7 @@
} else if (NPVARIANT_IS_STRING(variant))
{
className = "java.lang.String";
-#if MOZILLA_VERSION_COLLAPSED < 1090200
- stringArg.append(NPVARIANT_TO_STRING(variant).utf8characters, NPVARIANT_TO_STRING(variant).utf8length);
-#else
- stringArg.append(NPVARIANT_TO_STRING(variant).UTF8Characters, NPVARIANT_TO_STRING(variant).UTF8Length);
-#endif
+ stringArg = IcedTeaPluginUtilities::NPVariantAsString(variant);
} else if (NPVARIANT_IS_OBJECT(variant))
{
diff -r 31252824a838 -r 1ebd1690ff09 plugin/icedteanp/IcedTeaNPPlugin.cc
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc Fri Jun 01 16:05:18 2012 -0400
+++ b/plugin/icedteanp/IcedTeaNPPlugin.cc Fri Jun 08 13:43:52 2012 -0400
@@ -1059,17 +1059,10 @@
browser_functions.getproperty(instance, NPVARIANT_TO_OBJECT(location),
href_id, &href);
+ std::string href_str = IcedTeaPluginUtilities::NPVariantAsString(href);
+
// Strip everything after the last "/"
- char *href_str;
-#if MOZILLA_VERSION_COLLAPSED < 1090200
- href_str = (char*) malloc(sizeof(char)*NPVARIANT_TO_STRING(href).utf8length + 1);
- snprintf(href_str, NPVARIANT_TO_STRING(href).utf8length+1, "%s", NPVARIANT_TO_STRING(href).utf8characters);
-#else
- href_str = (char*) malloc(sizeof(char)*NPVARIANT_TO_STRING(href).UTF8Length + 1);
- snprintf(href_str, NPVARIANT_TO_STRING(href).UTF8Length+1, "%s", NPVARIANT_TO_STRING(href).UTF8Characters);
-#endif
-
- gchar** parts = g_strsplit (href_str, "/", -1);
+ gchar** parts = g_strsplit (href_str.c_str(), "/", -1);
guint parts_sz = g_strv_length (parts);
std::string location_str;
@@ -1085,8 +1078,6 @@
browser_functions.releasevariantvalue(&href);
browser_functions.releasevariantvalue(&location);
g_strfreev(parts);
- free(href_str);
- href_str = NULL;
cleanup_done:
PLUGIN_DEBUG ("plugin_get_documentbase return\n");
PLUGIN_DEBUG("plugin_get_documentbase returning: %s\n", documentbase_copy);
diff -r 31252824a838 -r 1ebd1690ff09 plugin/icedteanp/IcedTeaPluginUtils.cc
--- a/plugin/icedteanp/IcedTeaPluginUtils.cc Fri Jun 01 16:05:18 2012 -0400
+++ b/plugin/icedteanp/IcedTeaPluginUtils.cc Fri Jun 08 13:43:52 2012 -0400
@@ -668,11 +668,8 @@
}
else if (NPVARIANT_IS_STRING(variant))
{
-#if MOZILLA_VERSION_COLLAPSED < 1090200
- PLUGIN_DEBUG("STRING: %s (length=%d)\n", NPVARIANT_TO_STRING(variant).utf8characters, NPVARIANT_TO_STRING(variant).utf8length);
-#else
- PLUGIN_DEBUG("STRING: %s (length=%d)\n", NPVARIANT_TO_STRING(variant).UTF8Characters, NPVARIANT_TO_STRING(variant).UTF8Length);
-#endif
+ std::string str = IcedTeaPluginUtilities::NPVariantAsString(variant);
+ PLUGIN_DEBUG("STRING: %s (length=%d)\n", str.c_str(), str.size());
}
else
{
@@ -684,7 +681,7 @@
IcedTeaPluginUtilities::NPVariantToString(NPVariant variant, std::string* result)
{
char* str = (char*) malloc(sizeof(char)*32); // enough for everything except string
-
+ bool was_string_already = false;
if (NPVARIANT_IS_VOID(variant))
{
sprintf(str, "%p", variant);
@@ -710,21 +707,15 @@
}
else if (NPVARIANT_IS_STRING(variant))
{
- free(str);
-#if MOZILLA_VERSION_COLLAPSED < 1090200
- str = (char*) malloc(sizeof(char)*NPVARIANT_TO_STRING(variant).utf8length + 1);
- snprintf(str, NPVARIANT_TO_STRING(variant).utf8length+1, "%s", NPVARIANT_TO_STRING(variant).utf8characters);
-#else
- str = (char*) malloc(sizeof(char)*NPVARIANT_TO_STRING(variant).UTF8Length + 1);
- snprintf(str, NPVARIANT_TO_STRING(variant).UTF8Length+1, "%s", NPVARIANT_TO_STRING(variant).UTF8Characters);
-#endif
+ result->append(IcedTeaPluginUtilities::NPVariantAsString(variant));
+ was_string_already = true;
}
else
{
sprintf(str, "[Object %p]", variant);
}
-
- result->append(str);
+ if (!was_string_already)
+ result->append(str);
free(str);
}
@@ -864,13 +855,7 @@
browser_functions.invoke(instance, constructor, toString, NULL, 0, &constructor_str);
IcedTeaPluginUtilities::printNPVariant(constructor_str);
- std::string constructor_name = std::string();
-
-#if MOZILLA_VERSION_COLLAPSED < 1090200
- constructor_name.append(NPVARIANT_TO_STRING(constructor_str).utf8characters, NPVARIANT_TO_STRING(constructor_str).utf8length);
-#else
- constructor_name.append(NPVARIANT_TO_STRING(constructor_str).UTF8Characters, NPVARIANT_TO_STRING(constructor_str).UTF8Length);
-#endif
+ std::string constructor_name = IcedTeaPluginUtilities::NPVariantAsString(constructor_str);
PLUGIN_DEBUG("Constructor for NPObject is %s\n", constructor_name.c_str());
@@ -913,6 +898,20 @@
PLUGIN_DEBUG("SENDING URL: %s\n", *decoded_url);
}
+/* Copies a variant data type into a C++ string */
+std::string
+IcedTeaPluginUtilities::NPVariantAsString(NPVariant variant)
+{
+#if MOZILLA_VERSION_COLLAPSED < 1090200
+ return std::string((
+ NPVARIANT_TO_STRING(variant).utf8characters,
+ NPVARIANT_TO_STRING(variant).utf8ength);
+#else
+ return std::string(
+ NPVARIANT_TO_STRING(variant).UTF8Characters,
+ NPVARIANT_TO_STRING(variant).UTF8Length);
+#endif
+}
/**
* Posts a function for execution on the plug-in thread and wait for result.
diff -r 31252824a838 -r 1ebd1690ff09 plugin/icedteanp/IcedTeaPluginUtils.h
--- a/plugin/icedteanp/IcedTeaPluginUtils.h Fri Jun 01 16:05:18 2012 -0400
+++ b/plugin/icedteanp/IcedTeaPluginUtils.h Fri Jun 08 13:43:52 2012 -0400
@@ -205,6 +205,9 @@
/* Converts the given integer to a string */
static void itoa(int i, std::string* result);
+ /* Copies a variant data type into a C++ string */
+ static std::string NPVariantAsString(NPVariant variant);
+
/* Frees the given vector and the strings that its contents point to */
static void freeStringPtrVector(std::vector<std::string*>* v);
More information about the distro-pkg-dev
mailing list