/hg/release/icedtea-web-1.1: 3 new changesets

dbhole at icedtea.classpath.org dbhole at icedtea.classpath.org
Wed Nov 7 10:04:23 PST 2012 

changeset d83a93e3dba5 in /hg/release/icedtea-web-1.1
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.1?cmd=changeset;node=d83a93e3dba5
author: Deepak Bhole <dbhole at redhat.com>
date: Thu Nov 01 11:50:47 2012 -0400

	CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet


changeset 7ddf332a0830 in /hg/release/icedtea-web-1.1
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.1?cmd=changeset;node=7ddf332a0830
author: Deepak Bhole <dbhole at redhat.com>
date: Thu Nov 01 12:40:49 2012 -0400

	Prepare for 1.1.7


changeset d759ec560073 in /hg/release/icedtea-web-1.1
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.1?cmd=changeset;node=d759ec560073
author: Deepak Bhole <dbhole at redhat.com>
date: Thu Nov 01 12:40:55 2012 -0400

	Added tag icedtea-web-1.1.7 for changeset 7ddf332a0830


diffstat:

 .hgtags                                           |   1 +
 ChangeLog                                         |  12 ++++++++++++
 NEWS                                              |   4 +++-
 configure.ac                                      |   2 +-
 plugin/icedteanp/IcedTeaScriptablePluginObject.cc |  18 +++---------------
 5 files changed, 20 insertions(+), 17 deletions(-)

diffs (92 lines):

diff -r b7d63cc06ec4 -r d759ec560073 .hgtags
--- a/.hgtags	Tue Aug 07 10:51:27 2012 -0400
+++ b/.hgtags	Thu Nov 01 12:40:55 2012 -0400
@@ -6,3 +6,4 @@
 77cbf8633a7c63046eb70fbe89d594a8c7b116af icedtea-web-1.1.4
 4303e215188f1ae6ffd6ac639ea71b569c2ac7fb icedtea-web-1.1.5
 e62245b1ab299666397584e430a4feeeb1c0865a icedtea-web-1.1.6
+7ddf332a0830fac5d334755d7efcf41919747aa1 icedtea-web-1.1.7
diff -r b7d63cc06ec4 -r d759ec560073 ChangeLog
--- a/ChangeLog	Tue Aug 07 10:51:27 2012 -0400
+++ b/ChangeLog	Thu Nov 01 12:40:55 2012 -0400
@@ -1,3 +1,15 @@
+2012-11-01  Deepak Bhole <dbhole at redhat.com>
+
+	* configure.ac: Prepare for 1.1.7
+	* NEWS: Same
+
+2012-11-01  Deepak Bhole <dbhole at redhat.com>
+
+	CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event
+	attached to applet
+	* plugin/icedteanp/IcedTeaScriptablePluginObject.cc: Removed unnecessary
+	heap allocations.
+
 2012-08-07  Adam Domurad  <adomurad at redhat.com>
 
 	Fixes PR1106, plugin crashing with firefox + archlinux/gentoo
diff -r b7d63cc06ec4 -r d759ec560073 NEWS
--- a/NEWS	Tue Aug 07 10:51:27 2012 -0400
+++ b/NEWS	Thu Nov 01 12:40:55 2012 -0400
@@ -8,7 +8,9 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release 1.1.7 (2012-XX-XX):
+New in release 1.1.7 (2012-11-07):
+* Security Updates
+  - CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet
 * Plugin
   - PR1106: Buffer overflow in plugin table
 
diff -r b7d63cc06ec4 -r d759ec560073 configure.ac
--- a/configure.ac	Tue Aug 07 10:51:27 2012 -0400
+++ b/configure.ac	Thu Nov 01 12:40:55 2012 -0400
@@ -1,4 +1,4 @@
-AC_INIT([icedtea-web],[1.1.7pre],[distro-pkg-dev at openjdk.java.net], [icedtea-web], [http://icedtea.classpath.org/wiki/IcedTea-Web])
+AC_INIT([icedtea-web],[1.1.7],[distro-pkg-dev at openjdk.java.net], [icedtea-web], [http://icedtea.classpath.org/wiki/IcedTea-Web])
 AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
 AC_CONFIG_FILES([Makefile netx.manifest])
 
diff -r b7d63cc06ec4 -r d759ec560073 plugin/icedteanp/IcedTeaScriptablePluginObject.cc
--- a/plugin/icedteanp/IcedTeaScriptablePluginObject.cc	Tue Aug 07 10:51:27 2012 -0400
+++ b/plugin/icedteanp/IcedTeaScriptablePluginObject.cc	Thu Nov 01 12:40:55 2012 -0400
@@ -591,10 +591,7 @@
 
     if (java_result->error_occurred)
     {
-        // error message must be allocated on heap
-        char* error_msg = (char*) malloc(java_result->error_msg->length()*sizeof(char));
-        strcpy(error_msg, java_result->error_msg->c_str());
-        browser_functions.setexception(npobj, error_msg);
+        browser_functions.setexception(npobj, java_result->error_msg->c_str());
         return false;
     }
 
@@ -853,11 +850,7 @@
         createJavaObjectFromVariant(instance, args[i], &id);
         if (id == "0")
         {
-            // error message must be allocated on heap
-            char* error_msg = (char*) malloc(1024*sizeof(char));
-            strcpy(error_msg, "Unable to create argument on Java side");
-
-            browser_functions.setexception(npobj, error_msg);
+            browser_functions.setexception(npobj, "Unable to create argument on Java side");
             return false;
         }
 
@@ -871,12 +864,7 @@
 
     if (java_result->error_occurred)
     {
-        // error message must be allocated on heap
-        int length = java_result->error_msg->length();
-        char* error_msg = (char*) malloc((length+1)*sizeof(char));
-        strcpy(error_msg, java_result->error_msg->c_str());
-
-        browser_functions.setexception(npobj, error_msg);
+        browser_functions.setexception(npobj, java_result->error_msg->c_str());
         return false;
     }

More information about the distro-pkg-dev mailing list