Hi, so here is an update on the djvulibre-plugin segfault. Using only the upstream patch, the segfault remained for me, the plugin segfaulting at the first line changed in the patch. There seems to be some race condition: sprinkling a few fprintf's for debugging makes the segfault go away, as does the attached, slightly more orthodox patch. Unfortunately, I don't have a full analysis to offer, but it would seem that the attached strictly reduces the problem and in my testing (both in a testing chroot and compiling the testing version in unstable) resulted in the submitter's example link and a few other attempts working where they segfaulted without the patch and with only the upstream part.
Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/
diff -u djvulibre-3.5.20/debian/changelog djvulibre-3.5.20/debian/changelog --- djvulibre-3.5.20/debian/changelog +++ djvulibre-3.5.20/debian/changelog @@ -1,3 +1,12 @@ +djvulibre (3.5.20-8+lenny1) testing; urgency=low + + * Non-maintainer upload. + * djvulibre-plugin: Verify data passed to SetWindow plugin + callback to avoid crash. Patch from upstream, slightly amended. + Closes: #504340, #507972 + + -- Thomas Viehmann <t...@ramanujan> Tue, 16 Dec 2008 22:38:06 +0100 + djvulibre (3.5.20-8+lenny0) testing; urgency=low * Non-maintainer upload to testing. only in patch2: unchanged: --- djvulibre-3.5.20.orig/gui/nsdejavu/nsdejavu.c +++ djvulibre-3.5.20/gui/nsdejavu/nsdejavu.c @@ -2037,7 +2037,7 @@ if (map_lookup(&instance, id, &inst) < 0) return NPERR_INVALID_INSTANCE_ERROR; - cur_window = inst->window; + cur_window = (inst) ? inst->window : 0; new_window = (win_str) ? (Window) win_str->window : 0; if (cur_window) { @@ -2054,9 +2054,10 @@ } if (new_window) { - NPSetWindowCallbackStruct *cbs - = (NPSetWindowCallbackStruct *) win_str->ws_info; - Display * displ=cbs->display; + Display *displ = 0; + if (NPN_GetValue(np_inst, NPNVxDisplay, &displ) != NPERR_NO_ERROR) + displ = ((NPSetWindowCallbackStruct *)(win_str->ws_info))->display; + if (!IsConnectionOK(FALSE)) return NPERR_GENERIC_ERROR; if (Attach(displ, new_window, id) < 0)
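Review bot: in the nsdejavu.c hunk at `cur_window = (inst) ? inst->window : 0;`, the NULL test only changes this one line, while `inst` was already returned by a successful `map_lookup(&instance, id, &inst)` just above it; if a NULL `inst` can come out of a successful lookup, any later use of `inst` in the same function needs the same guard, and if the crash is the race the cover mail suspects (a freed or concurrently modified instance), a NULL check does not protect against a dangling pointer and the fix belongs in the lifetime or locking of the instance map. Please state in the changelog which of the two cases this line is meant to handle.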
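Review bot: in the second nsdejavu.c hunk the fallback `displ = ((NPSetWindowCallbackStruct *)(win_str->ws_info))->display;` still dereferences `win_str->ws_info` without checking it, which is the same dereference the original code performed, and nothing checks that `displ` is non-NULL before `Attach(displ, new_window, id)` when `NPN_GetValue(np_inst, NPNVxDisplay, &displ)` fails. Suggest testing `win_str->ws_info` before the cast and returning `NPERR_GENERIC_ERROR` when `displ` is still 0 after both attempts, so the "verify data passed to SetWindow" intent from the changelog actually holds.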