diff options
| author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-07 21:27:51 +0000 |
|---|---|---|
| committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-07 21:27:51 +0000 |
| commit | 8162d3d0a3d027adbe0d8b45954dada8067aa4f6 (patch) | |
| tree | 23de89e749eea640b004b6b1fd50fdc1fb762b05 /webkit/plugins | |
| parent | 4caac9b8241f2beb08790de9e82c8b1710d886c8 (diff) | |
| download | chromium_src-8162d3d0a3d027adbe0d8b45954dada8067aa4f6.zip chromium_src-8162d3d0a3d027adbe0d8b45954dada8067aa4f6.tar.gz chromium_src-8162d3d0a3d027adbe0d8b45954dada8067aa4f6.tar.bz2 | |
While initializing the pepper plugin registry in the renderer we load each plugin and attempt to initialize
it. If initialization fails for a plugin the code in PluginModule unloads the plugin but still attempts
to invoke the shutdown function on an unloaded plugin module.
Proposed fix is to initialize the entry points member with the plugin entry points only when initialization
succeeds.
BUG=none
TEST=The renderer should not crash if initializing a pepper plugin fails.
Review URL: http://codereview.chromium.org/7277077
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@91756 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/plugins')
| -rw-r--r-- | webkit/plugins/ppapi/plugin_module.cc | 21 | ||||
| -rw-r--r-- | webkit/plugins/ppapi/plugin_module.h | 2 |
2 files changed, 15 insertions, 8 deletions
diff --git a/webkit/plugins/ppapi/plugin_module.cc b/webkit/plugins/ppapi/plugin_module.cc index cf20fe9..4fc1fd2 100644 --- a/webkit/plugins/ppapi/plugin_module.cc +++ b/webkit/plugins/ppapi/plugin_module.cc @@ -449,6 +449,7 @@ PluginModule::PluginModule(const std::string& name, name_(name), path_(path), reserve_instance_id_(NULL) { + memset(&entry_points_, 0, sizeof(entry_points_)); pp_module_ = ResourceTracker::Get()->AddModule(this); GetMainThreadMessageLoop(); // Initialize the main thread message loop. GetLivePluginSet()->insert(this); @@ -478,8 +479,11 @@ PluginModule::~PluginModule() { } bool PluginModule::InitAsInternalPlugin(const EntryPoints& entry_points) { - entry_points_ = entry_points; - return InitializeModule(); + if (InitializeModule(entry_points)) { + entry_points_ = entry_points; + return true; + } + return false; } bool PluginModule::InitAsLibrary(const FilePath& path) { @@ -487,12 +491,14 @@ bool PluginModule::InitAsLibrary(const FilePath& path) { if (!library) return false; - if (!LoadEntryPointsFromLibrary(library, &entry_points_) || - !InitializeModule()) { + EntryPoints entry_points; + + if (!LoadEntryPointsFromLibrary(library, &entry_points) || + !InitializeModule(entry_points)) { base::UnloadNativeLibrary(library); return false; } - + entry_points_ = entry_points; library_ = library; return true; } @@ -603,9 +609,10 @@ PluginDelegate::PpapiBroker* PluginModule::GetBroker() { return webkit_forwarding_.get(); } -bool PluginModule::InitializeModule() { +bool PluginModule::InitializeModule(const EntryPoints& entry_points) { DCHECK(!out_of_process_proxy_.get()) << "Don't call for proxied modules."; - int retval = entry_points_.initialize_module(pp_module(), &GetInterface); + DCHECK(entry_points.initialize_module != NULL); + int retval = entry_points.initialize_module(pp_module(), &GetInterface); if (retval != 0) { LOG(WARNING) << "PPP_InitializeModule returned failure " << retval; return false; diff --git a/webkit/plugins/ppapi/plugin_module.h b/webkit/plugins/ppapi/plugin_module.h index cce03df..52865bfc 100644 --- a/webkit/plugins/ppapi/plugin_module.h +++ b/webkit/plugins/ppapi/plugin_module.h @@ -160,7 +160,7 @@ class PluginModule : public base::RefCounted<PluginModule>, // Calls the InitializeModule entrypoint. The entrypoint must have been // set and the plugin must not be out of process (we don't maintain // entrypoints in that case). - bool InitializeModule(); + bool InitializeModule(const EntryPoints& entry_points); PluginDelegate::ModuleLifetime* lifetime_delegate_; |