Closed
Bug 548434
Opened 13 years ago
Closed 13 years ago
Plugin crash with nspluginwrapper [@ _ZN7mozilla7plugins5childL15_invalidaterectEP4_NPPP7_NPRect ]
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
mozilla1.9.3a2
People
(Reporter: karlt, Assigned: karlt)
References
Details
Attachments
(1 file)
|
974 bytes,
patch
|
cjones
:
review+
|
Details | Diff | Splinter Review |
|
Assignee | |
Comment 1•13 years ago
|
||
From viewing npw-wrapper.c in nspluginwrapper-1.2.2, g_NPP_Destroy sets plugin->instance to NULL, but it looks like handle_NPN_InvalidateRect is passing the NULL plugin->instance to mozilla_funcs.invalidaterect. This would cause the crash at 0x4 accessing ndata in a NULL NPP. It would be a bug in the plugin but it wouldn't have caused a crash with IPP. I don't know why, but _invalidaterect in nsNPAPIPlugin.cpp checks for NULL NPPs (and also NPP::ndata). http://hg.mozilla.org/mozilla-central/annotate/29f9e4224533/modules/plugin/base/src/nsNPAPIPlugin.cpp#l1319
|
|
Assignee | |
Comment 2•13 years ago
|
||
Attachment #428839 -
Flags: review?(jones.chris.g)
|
||
Updated•13 years ago
|
Attachment #428839 -
Flags: review?(jones.chris.g) → review+
|
|
Assignee | |
Comment 3•13 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/2cc3e6d170eb
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.3a2
|
||
Updated•11 months ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•