Ubuntu
nspluginwrapper package

nspluginwrapper crash in the "plugin_instance" function

Bug #344639 reported by Dima Ryazanov on 2009-03-18

Affects		Status	Importance	Assigned to	Milestone
	nspluginwrapper (Ubuntu)	New	Undecided	Unassigned

Bug Description

nspluginwrapper can crash if the browser gives it a NULL plugin instance. In npw-wrapper.c, it calls "plugin_instance" lots of times and checks if the return value is NULL - which doesn't do any good, because plugin_instance itself dereferences its return value inside of "assert":

static inline PluginInstance *plugin_instance(NPP instance)
{
  PluginInstance *plugin = (PluginInstance *)instance->pdata;
  assert(plugin->instance == instance);
  return plugin;
}

Changing it to "assert(!plugin || plugin->instance == instance)" should fix it.

Also, asserts probably shouldn't be enabled in release mode...

Alessandro Ghersi (alessandro-ghersi) on 2009-04-01

affects:

ubuntu → nspluginwrapper (Ubuntu)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntunspluginwrapper package

nspluginwrapper crash in the "plugin_instance" function

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
nspluginwrapper package