aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog10
-rw-r--r--NEWS5
-rw-r--r--plugin/icedteanp/IcedTeaNPPlugin.cc10
3 files changed, 25 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 0a42b3b..cd71836 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2012-07-24 Adam Domurad <[email protected]>
+
+ CVE-2012-3422, RH840592: Potential read from an uninitialized
+ memory location.
+ * plugin/icedteanp/IcedTeaNPPlugin.cc
+ (get_cookie_info): Only attempt to perform this operation if there is a
+ valid plugin instance
+ (get_proxy_info): Only attempt to perform this operation if there is a
+ valid plugin instance
+
2012-07-31 Danesh Dadachanji <[email protected]>
* Makefile.am: Fix call to keytool that is missing its absolute path.
diff --git a/NEWS b/NEWS
index 3bec098..2b69f00 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,11 @@ GX - http://bugs.gentoo.org/show_bug.cgi?id=X
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
+New in release 1.4 (2012-XX-XX):
+* Security updates
+ - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
+ - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
+
New in release 1.3 (2012-XX-XX):
* NetX
- PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen")
diff --git a/plugin/icedteanp/IcedTeaNPPlugin.cc b/plugin/icedteanp/IcedTeaNPPlugin.cc
index eb6d4ec..d8b8948 100644
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc
+++ b/plugin/icedteanp/IcedTeaNPPlugin.cc
@@ -925,6 +925,11 @@ ITNP_URLNotify (NPP instance, const char* url, NPReason reason,
NPError
get_cookie_info(const char* siteAddr, char** cookieString, uint32_t* len)
{
+ // Only attempt to perform this operation if there is a valid plugin instance
+ if (g_hash_table_size(instance_to_id_map) <= 0)
+ {
+ return NPERR_GENERIC_ERROR;
+ }
#if MOZILLA_VERSION_COLLAPSED < 1090100
nsresult rv;
nsCOMPtr<nsIScriptSecurityManager> sec_man =
@@ -1330,6 +1335,11 @@ int get_id_from_instance(NPP instance)
NPError
get_proxy_info(const char* siteAddr, char** proxy, uint32_t* len)
{
+ // Only attempt to perform this operation if there is a valid plugin instance
+ if (g_hash_table_size(instance_to_id_map) <= 0)
+ {
+ return NPERR_GENERIC_ERROR;
+ }
#if MOZILLA_VERSION_COLLAPSED < 1090100
nsresult rv;
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-15 08:21:33 +0000