[Webkit-unassigned] [Bug 19309] uninitialised variable in PluginView

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu May 29 11:08:08 PDT 2008


http://bugs.webkit.org/show_bug.cgi?id=19309
------- Comment #6 from alp at nuanti.com  2008-05-29 11:08 PDT -------
(In reply to comment #5)
> 
> The NPN_MemAlloc change sounds OK. Any other specific cases?
> 

The WebKit NPP, NPWindow, NPStream we pass to plugins are allocated as part of
the C++ class, and the default memory allocator used for objects doesn't zero.
There are some attempts to zero the fields, but if you take a look at
PluginStream.cpp, the 'headers' field remains uninitialized until
PluginStream::startStream(), by which time a plugin may already have tried to
access it.

Perhaps it'd be more effective to allocate and initialize these structures
explicitly rather than pointing the plugin to an offset in the C++ class?

