From 5ff3ed50f59b0d05d57aacd73870c6155140f2c8 Mon Sep 17 00:00:00 2001
From: Deepak Bhole <dbhole@redhat.com>
Date: Tue, 24 Jul 2012 11:44:50 -0400
Subject: CVE-2012-3422, RH840592: Potential read from an uninitialized memory
 location

Updated NEWS file with entry for CVE-2012-3423
---
 plugin/icedteanp/IcedTeaNPPlugin.cc | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'plugin/icedteanp')

diff --git a/plugin/icedteanp/IcedTeaNPPlugin.cc b/plugin/icedteanp/IcedTeaNPPlugin.cc
index eb6d4ec..d8b8948 100644
--- a/plugin/icedteanp/IcedTeaNPPlugin.cc
+++ b/plugin/icedteanp/IcedTeaNPPlugin.cc
@@ -925,6 +925,11 @@ ITNP_URLNotify (NPP instance, const char* url, NPReason reason,
 NPError
 get_cookie_info(const char* siteAddr, char** cookieString, uint32_t* len)
 {
+  // Only attempt to perform this operation if there is a valid plugin instance
+  if (g_hash_table_size(instance_to_id_map) <= 0)
+  {
+    return NPERR_GENERIC_ERROR;
+  }
 #if MOZILLA_VERSION_COLLAPSED < 1090100
   nsresult rv;
   nsCOMPtr<nsIScriptSecurityManager> sec_man =
@@ -1330,6 +1335,11 @@ int get_id_from_instance(NPP instance)
 NPError
 get_proxy_info(const char* siteAddr, char** proxy, uint32_t* len)
 {
+  // Only attempt to perform this operation if there is a valid plugin instance
+  if (g_hash_table_size(instance_to_id_map) <= 0)
+  {
+	  return NPERR_GENERIC_ERROR;
+  }
 #if MOZILLA_VERSION_COLLAPSED < 1090100
   nsresult rv;
 
-- 
cgit v1.2.3