# HG changeset patch # User Jiri Vanek # Date 1391514791 -3600 # Node ID 1ae3613c82f2fe7c8b86f98ee262a01f6f6a6b9b # Parent 84032d1e6f93f5c8bb90e9fc51303d49a07c6754 Added salt to plugin-java pipes' directory (fixing RH1010958) * plugin/icedteanp/IcedTeaNPPlugin.cc: (cleanUpDir) new utility method to clean up pipes directory. (start_jvm_if_needed) is now returning error status and creating salt in directory name. diff -r 84032d1e6f93 -r 1ae3613c82f2 ChangeLog --- a/ChangeLog Sat Feb 01 01:00:00 2014 +0000 +++ b/ChangeLog Tue Feb 04 12:53:11 2014 +0100 @@ -1,3 +1,10 @@ +2014-02-04 Jiri Vanek + + Added salt to plugin-java pipes' directory (fixing RH1010958) + * plugin/icedteanp/IcedTeaNPPlugin.cc: (cleanUpDir) new utility method + to clean up pipes directory. (start_jvm_if_needed) is now returning + error status and creating salt in directory name. + 2014-02-01 Jacob Wisor Added missing DE localized messages diff -r 84032d1e6f93 -r 1ae3613c82f2 NEWS --- a/NEWS Sat Feb 01 01:00:00 2014 +0000 +++ b/NEWS Tue Feb 04 12:53:11 2014 +0100 @@ -8,7 +8,7 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY -New in release 1.4.2 (2013-MM-DD): +New in release 1.4.2 (2014-02-05): * Dialogs center on screen before becoming visible * Support for u45 new manifest attributes (Application-Name) * Custom applet permission policies panel in itweb-settings control panel @@ -16,6 +16,7 @@ - PR1271: icedtea-web does not handle 'javascript:'-protocol URLs - RH976833: Multiple applets on one page cause deadlock - Enabled javaconsole + - RH1010958: insecure temporary file use flaw in LiveConnect implementation New in release 1.4.1 (2013-09-19): * Improved and cleaned Temporary internet files panel diff -r 84032d1e6f93 -r 1ae3613c82f2 plugin/icedteanp/IcedTeaNPPlugin.cc --- a/plugin/icedteanp/IcedTeaNPPlugin.cc Sat Feb 01 01:00:00 2014 +0000 +++ b/plugin/icedteanp/IcedTeaNPPlugin.cc Tue Feb 04 12:53:11 2014 +0100 
@@ -38,6 +38,9 @@ // System includes. #include +#include +#include +#include #include #include #include @@ -120,6 +123,7 @@ // Data directory for plugin. static std::string data_directory; +static DIR *data_directory_descriptor; // Fully-qualified appletviewer default executable and rt.jar static const char* appletviewer_default_executable = ICEDTEA_WEB_JRE "/bin/java"; @@ -193,7 +197,7 @@ NPError get_cookie_info(const char* siteAddr, char** cookieString, uint32_t* len); NPError get_proxy_info(const char* siteAddr, char** proxy, uint32_t* len); void consume_message(gchar* message); -void start_jvm_if_needed(); +NPError start_jvm_if_needed(); static void appletviewer_monitor(GPid pid, gint status, gpointer data); void plugin_send_initialization_message(char* instance, gulong handle, int width, int height, @@ -268,7 +272,21 @@ return appletviewer_default_rtjar; } - +static void cleanUpDir(){ + //free data_directory descriptor + if (data_directory_descriptor != NULL) { + closedir(data_directory_descriptor); + } + //clean up pipes directory + PLUGIN_DEBUG ("Removing runtime directory %s \n", data_directory.c_str()); + int removed = rmdir(data_directory.c_str()); + if (removed != 0) { + PLUGIN_ERROR ("Failed to remove runtime directory %s, because of %s \n", data_directory.c_str(), strerror(errno)); + } else { + PLUGIN_DEBUG ("Removed runtime directory %s \n", data_directory.c_str()); + } + data_directory_descriptor = NULL; +} /* * Find first member in GHashTable* depending on version of glib */ @@ -333,6 +351,7 @@ gchar* cookie_info = NULL; NPObject* npPluginObj = NULL; + NPError startup_error = NPERR_NO_ERROR; if (!instance) { @@ -351,7 +370,7 @@ } // start the jvm if needed - start_jvm_if_needed(); + startup_error = start_jvm_if_needed(); // Initialize data->instance_id. // @@ -423,7 +442,7 @@ } // Starts the JVM if it is not already running -void start_jvm_if_needed() +NPError start_jvm_if_needed() { // This is asynchronized function. It must 
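Review bot: In the new `cleanUpDir()` (hunk @@ -268,7), `rmdir(data_directory.c_str())` runs unconditionally, even when the directory was never created or has already been removed. The commit calls it from both the start-up failure path and `NP_Shutdown`, so a second call logs a spurious failure. If `mkdtemp` failed earlier, `data_directory` still holds the literal `XXXXXX` template, and that path is what gets passed to `rmdir`. Moving the `rmdir` and its logging inside the existing `if (data_directory_descriptor != NULL)` branch would make the function a no-op unless this process actually opened the directory. A one-line comment on `static DIR *data_directory_descriptor;` (hunk @@ -120,6) saying why the directory is held open would also help, because the only visible use of the handle is `closedir`.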
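Review bot: The value stored by `startup_error = start_jvm_if_needed();` (hunk @@ -351,7) is not tested in any line shown, so a failed JVM start would fall through to the instance-id initialisation that follows. The rest of the function lies outside the hunk; if no check exists further down, add one directly after the call: `if (startup_error != NPERR_NO_ERROR) return startup_error;`. Anything allocated earlier in the function would need releasing on that path.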
@@ -438,7 +457,7 @@ if (jvm_up) { PLUGIN_DEBUG("JVM is up. Returning.\n"); - return; + return NPERR_NO_ERROR; } PLUGIN_DEBUG("No JVM is running. Attempting to start one...\n"); @@ -606,10 +625,12 @@ g_free (in_pipe_name); in_pipe_name = NULL; + cleanUpDir(); done: // Now other threads may re-enter.. unlock the mutex g_mutex_unlock(vm_start_mutex); + return np_error; } 
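Review bot: The `cleanUpDir()` added before the `done:` label (hunk @@ -606,10) removes the runtime directory when start-up fails, but the directory is only created in the initialisation hunk (@@ -1887,35), not in `start_jvm_if_needed()` itself. If this function is entered again after a failure, which seems possible because it returns early only when `jvm_up` is set, the pipe names would be built under a path that no longer exists. Where the runtime path is shared, another local user could recreate that path, which is the condition RH1010958 is meant to close. Either leave the directory in place until `NP_Shutdown`, or create a fresh one with `mkdtemp` at the start of each attempt. The labels above `done:` are outside this hunk, so it cannot be confirmed here that the success path skips this call.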
@@ -1887,35 +1908,29 @@ // necessary. data_directory = IcedTeaPluginUtilities::getRuntimePath() + "/icedteaplugin-"; - if (getenv("USER") != NULL) - data_directory += getenv("USER"); - + if (getenv("USER") != NULL) { + data_directory = data_directory + getenv("USER") + "-"; + } + data_directory += "XXXXXX"; // Now create a icedteaplugin subdir - if (!g_file_test (data_directory.c_str(), - (GFileTest) (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_DIR))) - { - int file_error = 0; + char fileNameX[data_directory.length()+1]; + std::strcpy (fileNameX, data_directory.c_str()); + char * fileName = mkdtemp(fileNameX); + if (fileName == NULL) { + PLUGIN_ERROR ("Failed to create data directory %s, %s\n", + data_directory.c_str(), + strerror (errno)); + return NPERR_GENERIC_ERROR; + } + data_directory = std::string(fileName); - file_error = g_mkdir (data_directory.c_str(), 0700); - if (file_error != 0) - { - PLUGIN_ERROR ("Failed to create data directory", - data_directory.c_str(), - strerror (errno)); - return NPERR_GENERIC_ERROR; - } - } - - - // If data directory doesn't exist by this point, bail - if (!g_file_test (data_directory.c_str(), - (GFileTest) (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_DIR))) - { - PLUGIN_ERROR ("Temp directory does not exist: ", - data_directory.c_str(), - strerror (errno)); + //open uniques icedteaplugin subdir for one single run + data_directory_descriptor = opendir(data_directory.c_str()); + if (data_directory_descriptor == NULL) { + PLUGIN_ERROR ("Failed to open data directory %s %s\n", + data_directory.c_str(), strerror (errno)); return NPERR_GENERIC_ERROR; - } + } // Set appletviewer_executable. PLUGIN_DEBUG("Executing java at %s\n", get_plugin_executable().c_str()); @@ -2098,6 +2113,8 @@ delete plugin_to_java_bus; //delete internal_bus; + cleanUpDir(); + PLUGIN_DEBUG ("NP_Shutdown return\n"); return NPERR_NO_ERROR;
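Review bot: In hunk @@ -1887,35, `char fileNameX[data_directory.length()+1];` is a variable-length array, which is a compiler extension in C++. It places a buffer on the stack whose size depends on the runtime path and `$USER`, and `std::strcpy` then fills it. A heap buffer avoids both problems: `std::vector<char> tmpl(data_directory.begin(), data_directory.end()); tmpl.push_back('\0'); char *fileName = mkdtemp(&tmpl[0]);` (this needs `<vector>` if the file does not already include it). Separately, when `opendir` fails the freshly created directory is left behind; an `rmdir(data_directory.c_str());` before that `return NPERR_GENERIC_ERROR;` would tidy it up. The enclosing function starts and ends outside the hunk.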