changeset 790:1ae3613c82f2

Added salt to plugin-java pipes' directory (fixing RH1010958) * plugin/icedteanp/IcedTeaNPPlugin.cc: (cleanUpDir) new utility method to clean up pipes directory. (start_jvm_if_needed) is now returning error status and creating salt in directory name.
author Jiri Vanek <jvanek@redhat.com>
date Tue, 04 Feb 2014 12:53:11 +0100
parents 84032d1e6f93
children 9b2e5d0cbd6f
files ChangeLog NEWS plugin/icedteanp/IcedTeaNPPlugin.cc
diffstat 3 files changed, 57 insertions(+), 32 deletions(-) [+]
--- a/ChangeLog	Sat Feb 01 01:00:00 2014 +0000
+++ b/ChangeLog	Tue Feb 04 12:53:11 2014 +0100
@@ -1,3 +1,10 @@
+2014-02-04  Jiri Vanek  <jvanek@redhat.com>
+
+	Added salt to plugin-java pipes' directory (fixing RH1010958)
+	* plugin/icedteanp/IcedTeaNPPlugin.cc: (cleanUpDir) new utility method
+	to clean up pipes directory. (start_jvm_if_needed) is now returning 
+	error status and creating salt in directory name.
+
 2014-02-01  Jacob Wisor  <gitne@gmx.de>
 
 	Added missing DE localized messages
--- a/NEWS	Sat Feb 01 01:00:00 2014 +0000
+++ b/NEWS	Tue Feb 04 12:53:11 2014 +0100
@@ -8,7 +8,7 @@
 
 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
-New in release 1.4.2 (2013-MM-DD):
+New in release 1.4.2 (2014-02-05):
 * Dialogs center on screen before becoming visible
 * Support for u45 new manifest attributes (Application-Name)
 * Custom applet permission policies panel in itweb-settings control panel
@@ -16,6 +16,7 @@
   - PR1271: icedtea-web does not handle 'javascript:'-protocol URLs
   - RH976833: Multiple applets on one page cause deadlock
   - Enabled javaconsole
+  - RH1010958: insecure temporary file use flaw in LiveConnect implementation
 
 New in release 1.4.1 (2013-09-19):
 * Improved and cleaned Temporary internet files panel
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc	Sat Feb 01 01:00:00 2014 +0000
+++ b/plugin/icedteanp/IcedTeaNPPlugin.cc	Tue Feb 04 12:53:11 2014 +0100
@@ -38,6 +38,9 @@
 
 // System includes.
 #include <dlfcn.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <dirent.h>
 #include <errno.h>
 #include <libgen.h>
 #include <stdio.h>
@@ -120,6 +123,7 @@
 
 // Data directory for plugin.
 static std::string data_directory;
+static DIR *data_directory_descriptor;
 
 // Fully-qualified appletviewer default  executable and rt.jar
 static const char* appletviewer_default_executable = ICEDTEA_WEB_JRE "/bin/java";
@@ -193,7 +197,7 @@
 NPError get_cookie_info(const char* siteAddr, char** cookieString, uint32_t* len);
 NPError get_proxy_info(const char* siteAddr, char** proxy, uint32_t* len);
 void consume_message(gchar* message);
-void start_jvm_if_needed();
+NPError start_jvm_if_needed();
 static void appletviewer_monitor(GPid pid, gint status, gpointer data);
 void plugin_send_initialization_message(char* instance, gulong handle,
                                                int width, int height,
@@ -268,7 +272,21 @@
       return appletviewer_default_rtjar;      
 }
 
-
+static void cleanUpDir(){
+  //free data_directory descriptor 
+  if (data_directory_descriptor != NULL) {
+    closedir(data_directory_descriptor);
+  }
+  //clean up pipes directory
+  PLUGIN_DEBUG ("Removing runtime directory %s \n", data_directory.c_str());
+  int removed = rmdir(data_directory.c_str());
+  if (removed != 0) {
+    PLUGIN_ERROR ("Failed to remove runtime directory %s, because of  %s \n", data_directory.c_str(), strerror(errno));
+  } else {
+    PLUGIN_DEBUG ("Removed runtime directory %s \n", data_directory.c_str());
+  }
+  data_directory_descriptor = NULL;
+}
 /* 
  * Find first member in GHashTable* depending on version of glib
  */
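Review bot: cleanUpDir() is not safe to run twice, yet this commit calls it from both start_jvm_if_needed and NP_Shutdown. If both calls run in one session, `data_directory` still holds the old path after the first removal, so the second `rmdir` fails with ENOENT and is reported through PLUGIN_ERROR. `rmdir` also removes only an empty directory, so any pipe file still present makes it fail with ENOTEMPTY and the per-run directory stays behind. I would return early when nothing is open, `if (data_directory_descriptor == NULL) return;`, and add a comment above the function such as `// Callers must unlink the pipes first; rmdir only removes an empty directory.`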
@@ -333,6 +351,7 @@
   gchar* cookie_info = NULL;
 
   NPObject* npPluginObj = NULL;
+  NPError startup_error = NPERR_NO_ERROR; 
 
   if (!instance)
     {
@@ -351,7 +370,7 @@
     }
 
   // start the jvm if needed
-  start_jvm_if_needed();
+  startup_error = start_jvm_if_needed();
 
   // Initialize data->instance_id.
   //
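Review bot: The status stored in `startup_error` is never read: none of the lines this commit adds tests it, so instance creation continues as before when start_jvm_if_needed reports a failure. Either act on it right after the call, for example `if (startup_error != NPERR_NO_ERROR) return startup_error;` (assuming the enclosing function returns NPError), or drop the variable. The function body starts and ends outside the hunk, so anything acquired before this point would need releasing on such an early return.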
@@ -423,7 +442,7 @@
 }
 
 // Starts the JVM if it is not already running
-void start_jvm_if_needed()
+NPError start_jvm_if_needed()
 {
 
   // This is asynchronized function. It must
@@ -438,7 +457,7 @@
   if (jvm_up)
   {
       PLUGIN_DEBUG("JVM is up. Returning.\n");
-      return;
+      return  NPERR_NO_ERROR;
   }
 
   PLUGIN_DEBUG("No JVM is running. Attempting to start one...\n");
@@ -606,10 +625,12 @@
   g_free (in_pipe_name);
   in_pipe_name = NULL;
 
+  cleanUpDir();
  done:
 
   // Now other threads may re-enter.. unlock the mutex
   g_mutex_unlock(vm_start_mutex);
+  return np_error;
 
 }
 
@@ -1887,35 +1908,29 @@
   // necessary.
 
   data_directory = IcedTeaPluginUtilities::getRuntimePath() + "/icedteaplugin-";
-  if (getenv("USER") != NULL)
-      data_directory += getenv("USER");
-
+  if (getenv("USER") != NULL) {
+    data_directory = data_directory + getenv("USER") + "-";
+  }
+  data_directory += "XXXXXX";
   // Now create a icedteaplugin subdir
-  if (!g_file_test (data_directory.c_str(),
-                    (GFileTest) (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_DIR)))
-    {
-      int file_error = 0;
+  char fileNameX[data_directory.length()+1];
+  std::strcpy (fileNameX, data_directory.c_str());
+  char * fileName = mkdtemp(fileNameX);
+  if (fileName == NULL) {
+    PLUGIN_ERROR ("Failed to create data directory %s, %s\n",
+                        data_directory.c_str(),
+                        strerror (errno));
+    return NPERR_GENERIC_ERROR;
+  }
+  data_directory = std::string(fileName);
 
-      file_error = g_mkdir (data_directory.c_str(), 0700);
-      if (file_error != 0)
-        {
-          PLUGIN_ERROR ("Failed to create data directory",
-                          data_directory.c_str(),
-                          strerror (errno));
-          return NPERR_GENERIC_ERROR;
-        }
-    }
-
-
-  // If data directory doesn't exist by this point, bail
-  if (!g_file_test (data_directory.c_str(),
-                    (GFileTest) (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_DIR)))
-    {
-      PLUGIN_ERROR ("Temp directory does not exist: ",
-                          data_directory.c_str(),
-                          strerror (errno));
+  //open uniques icedteaplugin subdir for one single run  
+  data_directory_descriptor = opendir(data_directory.c_str());
+  if (data_directory_descriptor == NULL) {
+      PLUGIN_ERROR ("Failed to open data directory %s %s\n",
+                      data_directory.c_str(), strerror (errno));
       return NPERR_GENERIC_ERROR;
-    }
+  }
 
   // Set appletviewer_executable.
   PLUGIN_DEBUG("Executing java at %s\n", get_plugin_executable().c_str());
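Review bot: `char fileNameX[data_directory.length()+1];` is a variable-length array, which is a compiler extension in C++ and places a buffer on the stack whose size follows the USER environment variable. A heap buffer avoids both: `std::vector<char> fileNameX(data_directory.begin(), data_directory.end()); fileNameX.push_back('\0');` followed by `mkdtemp(&fileNameX[0])` (this needs `<vector>` if the file does not already include it). Separately, when `opendir` fails the function returns without removing the directory that mkdtemp just created; an `rmdir(data_directory.c_str());` before that `return NPERR_GENERIC_ERROR;` would avoid leaving it behind. The enclosing function starts and ends outside the hunk.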
@@ -2098,6 +2113,8 @@
   delete plugin_to_java_bus;
   //delete internal_bus;
 
+  cleanUpDir();
+  
   PLUGIN_DEBUG ("NP_Shutdown return\n");
 
   return NPERR_NO_ERROR;