Mercurial > hg > release > icedtea-web-1.4
changeset 474:504ad6ea95fa
CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
Updated NEWS file with entry for CVE-2012-3423
author | Deepak Bhole <dbhole@redhat.com> |
---|---|
date | Tue, 24 Jul 2012 11:44:50 -0400 |
parents | 09198dc413b5 |
children | 08e677a02458 |
files | ChangeLog NEWS plugin/icedteanp/IcedTeaNPPlugin.cc |
diffstat | 3 files changed, 25 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Tue Jul 31 09:55:12 2012 -0400 +++ b/ChangeLog Tue Jul 24 11:44:50 2012 -0400 @@ -1,3 +1,13 @@ +2012-07-24 Adam Domurad <adomurad@redhat.com> + + CVE-2012-3422, RH840592: Potential read from an uninitialized + memory location. + * plugin/icedteanp/IcedTeaNPPlugin.cc + (get_cookie_info): Only attempt to perform this operation if there is a + valid plugin instance + (get_proxy_info): Only attempt to perform this operation if there is a + valid plugin instance + 2012-07-31 Danesh Dadachanji <ddadacha@redhat.com> * Makefile.am: Fix call to keytool that is missing its absolute path.
--- a/NEWS Tue Jul 31 09:55:12 2012 -0400 +++ b/NEWS Tue Jul 24 11:44:50 2012 -0400 @@ -8,6 +8,11 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY +New in release 1.4 (2012-XX-XX): +* Security updates + - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location + - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings + New in release 1.3 (2012-XX-XX): * NetX - PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen")
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc Tue Jul 31 09:55:12 2012 -0400 +++ b/plugin/icedteanp/IcedTeaNPPlugin.cc Tue Jul 24 11:44:50 2012 -0400 @@ -925,6 +925,11 @@ NPError get_cookie_info(const char* siteAddr, char** cookieString, uint32_t* len) { + // Only attempt to perform this operation if there is a valid plugin instance + if (g_hash_table_size(instance_to_id_map) <= 0) + { + return NPERR_GENERIC_ERROR; + } #if MOZILLA_VERSION_COLLAPSED < 1090100 nsresult rv; nsCOMPtr<nsIScriptSecurityManager> sec_man = @@ -1330,6 +1335,11 @@ NPError get_proxy_info(const char* siteAddr, char** proxy, uint32_t* len) { + // Only attempt to perform this operation if there is a valid plugin instance + if (g_hash_table_size(instance_to_id_map) <= 0) + { + return NPERR_GENERIC_ERROR; + } #if MOZILLA_VERSION_COLLAPSED < 1090100 nsresult rv;