Closed Bug 555018 (CVE-2011-2996) Opened 10 years ago Closed 10 years ago
Child View plugin ports
We should initialize nsChildView plugin ports.
Attachment #434946 - Flags: review?(roc)
Attachment #434946 - Flags: review?(roc) → review+
pushed to mozilla-central http://hg.mozilla.org/mozilla-central/rev/5e9d5bbf7596
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
This is a safe patch, we should take it on 1.9.2.
Attachment #434946 - Attachment is obsolete: true
Attachment #434953 - Flags: approval22.214.171.124? → approval126.96.36.199?
Comment on attachment 434953 [details] [diff] [review] fix v1.0 for 1.9.2 Is this still wanted on the 3.6 branch, or should we just forget about it?
Attachment #434953 - Flags: approval188.8.131.52? → approval184.108.40.206?
What's the benefit of taking this change?
If we don't initialize that structure it can contain pointers to random memory. It's a stability issue, and might also have security implications.
Comment on attachment 434953 [details] [diff] [review] fix v1.0 for 1.9.2 Approved for 220.127.116.11, a=dveditz for release-drivers
Attachment #434953 - Flags: approval18.104.22.168? → approval22.214.171.124+
Comment on attachment 434953 [details] [diff] [review] fix v1.0 for 1.9.2 doesn't apply on 1.9.2 because there's a context diff around the union nsPluginPort line. Not sure if it's still safe to remove that or if there were other changes to the file that would require a different patch. fwiw the trunk still seems to have that line in it.
Attachment #434953 - Flags: approval126.96.36.199+ → approval188.8.131.52-
blocking1.9.2: needed → .21+
Whiteboard: [sg:critical?] → [sg:moderate]
pushed to mozilla-1.9.2 http://hg.mozilla.org/releases/mozilla-1.9.2/rev/3fb441425998
You need to log in before you can comment on or make changes to this bug.