[Bug 344639] [NEW] nspluginwrapper crash in the "plugin_instance" function
Launchpad Bug Tracker
344639 at bugs.launchpad.net
Wed Apr 1 12:10:48 UTC 2009
You have been subscribed to a public bug:
nspluginwrapper can crash if the browser gives it a NULL plugin
instance. In npw-wrapper.c, it calls "plugin_instance" lots of times and
checks if the return value is NULL - which doesn't do any good, because
plugin_instance itself dereferences its return value inside of "assert":
static inline PluginInstance *plugin_instance(NPP instance)
{
PluginInstance *plugin = (PluginInstance *)instance->pdata;
assert(plugin->instance == instance);
return plugin;
}
Changing it to "assert(!plugin || plugin->instance == instance)" should
fix it.
Also, asserts probably shouldn't be enabled in release mode...
** Affects: nspluginwrapper (Ubuntu)
Importance: Undecided
Status: New
--
nspluginwrapper crash in the "plugin_instance" function
https://bugs.edge.launchpad.net/bugs/344639
You received this bug notification because you are a member of Mozilla Bugs, which is subscribed to nspluginwrapper in ubuntu.
More information about the Ubuntu-mozillateam-bugs
mailing list