diff options
Diffstat (limited to 'webkit')
| -rw-r--r-- | webkit/glue/plugins/plugin_group.cc | 133 | ||||
| -rw-r--r-- | webkit/glue/plugins/plugin_group.h | 62 | ||||
| -rw-r--r-- | webkit/glue/plugins/plugin_group_unittest.cc | 142 | ||||
| -rw-r--r-- | webkit/glue/plugins/plugin_list.cc | 104 |
4 files changed, 289 insertions, 152 deletions
diff --git a/webkit/glue/plugins/plugin_group.cc b/webkit/glue/plugins/plugin_group.cc index 52cc132..723a31d 100644 --- a/webkit/glue/plugins/plugin_group.cc +++ b/webkit/glue/plugins/plugin_group.cc @@ -13,8 +13,7 @@ #include "webkit/glue/plugins/plugin_list.h" #include "webkit/glue/plugins/webplugininfo.h" -const char* PluginGroup::kAdobeReader8GroupName = "Adobe Reader 8"; -const char* PluginGroup::kAdobeReader9GroupName = "Adobe Reader 9"; +const char* PluginGroup::kAdobeReaderGroupName = "Adobe Reader"; /*static*/ std::set<string16>* PluginGroup::policy_disabled_plugin_patterns_; @@ -59,47 +58,57 @@ bool PluginGroup::IsPluginPathDisabledByPolicy(const FilePath& plugin_path) { return false; } +VersionRange::VersionRange(VersionRangeDefinition definition) + : low_str(definition.version_matcher_low), + high_str(definition.version_matcher_high), + min_str(definition.min_version) { + if (!low_str.empty()) + low.reset(Version::GetVersionFromString(low_str)); + if (!high_str.empty()) + high.reset(Version::GetVersionFromString(high_str)); + if (!min_str.empty()) + min.reset(Version::GetVersionFromString(min_str)); +} + +VersionRange::VersionRange(const VersionRange& other) { + InitFrom(other); +} + +VersionRange& VersionRange::operator=(const VersionRange& other) { + InitFrom(other); + return *this; +} + +void VersionRange::InitFrom(const VersionRange& other) { + low_str = other.low_str; + high_str = other.high_str; + min_str = other.min_str; + low.reset(Version::GetVersionFromString(other.low_str)); + high.reset(Version::GetVersionFromString(other.high_str)); + min.reset(Version::GetVersionFromString(other.min_str)); +} + PluginGroup::PluginGroup(const string16& group_name, const string16& name_matcher, - const std::string& version_range_low, - const std::string& version_range_high, - const std::string& min_version, const std::string& update_url, const std::string& identifier) : identifier_(identifier), group_name_(group_name), name_matcher_(name_matcher), - version_range_low_str_(version_range_low), - version_range_high_str_(version_range_high), update_url_(update_url), enabled_(false), - min_version_str_(min_version), version_(Version::GetVersionFromString("0")) { - if (!version_range_low.empty()) - version_range_low_.reset(Version::GetVersionFromString(version_range_low)); - if (!version_range_high.empty()) { - version_range_high_.reset( - Version::GetVersionFromString(version_range_high)); - } - if (!min_version.empty()) - min_version_.reset(Version::GetVersionFromString(min_version)); } void PluginGroup::InitFrom(const PluginGroup& other) { identifier_ = other.identifier_; group_name_ = other.group_name_; name_matcher_ = other.name_matcher_; - version_range_low_str_ = other.version_range_low_str_; - version_range_high_str_ = other.version_range_high_str_; - version_range_low_.reset( - Version::GetVersionFromString(version_range_low_str_)); - version_range_high_.reset( - Version::GetVersionFromString(version_range_high_str_)); description_ = other.description_; update_url_ = other.update_url_; enabled_ = other.enabled_; - min_version_str_ = other.min_version_str_; - min_version_.reset(Version::GetVersionFromString(min_version_str_)); + for (size_t i = 0; i < other.version_ranges_.size(); ++i) + version_ranges_.push_back(other.version_ranges_[i]); DCHECK_EQ(other.web_plugin_infos_.size(), other.web_plugin_positions_.size()); for (size_t i = 0; i < other.web_plugin_infos_.size(); ++i) AddPlugin(other.web_plugin_infos_[i], other.web_plugin_positions_[i]); @@ -112,6 +121,7 @@ PluginGroup::PluginGroup(const PluginGroup& other) { } PluginGroup& PluginGroup::operator=(const PluginGroup& other) { + version_ranges_.clear(); InitFrom(other); return *this; } @@ -119,13 +129,13 @@ PluginGroup& PluginGroup::operator=(const PluginGroup& other) { /*static*/ PluginGroup* PluginGroup::FromPluginGroupDefinition( const PluginGroupDefinition& definition) { - return new PluginGroup(ASCIIToUTF16(definition.name), - ASCIIToUTF16(definition.name_matcher), - definition.version_matcher_low, - definition.version_matcher_high, - definition.min_version, - definition.update_url, - definition.identifier); + PluginGroup* group = new PluginGroup(ASCIIToUTF16(definition.name), + ASCIIToUTF16(definition.name_matcher), + definition.update_url, + definition.identifier); + for (size_t i = 0; i < definition.num_versions; ++i) + group->version_ranges_.push_back(VersionRange(definition.versions[i])); + return group; } PluginGroup::~PluginGroup() { } @@ -151,8 +161,7 @@ std::string PluginGroup::GetLongIdentifier(const WebPluginInfo& wpi) { /*static*/ PluginGroup* PluginGroup::FromWebPluginInfo(const WebPluginInfo& wpi) { // Create a matcher from the name of this plugin. - return new PluginGroup(wpi.name, wpi.name, std::string(), std::string(), - std::string(), std::string(), + return new PluginGroup(wpi.name, wpi.name, std::string(), GetIdentifier(wpi)); } @@ -166,12 +175,11 @@ bool PluginGroup::Match(const WebPluginInfo& plugin) const { return false; } - if (version_range_low_.get() == NULL || - version_range_high_.get() == NULL) { + if (version_ranges_.empty()) { return true; } - // There's a version range, we must be in it. + // There's at least one version range, the plugin's version must be in it. scoped_ptr<Version> plugin_version( Version::GetVersionFromString(UTF16ToWide(plugin.version))); if (plugin_version.get() == NULL) { @@ -179,9 +187,14 @@ bool PluginGroup::Match(const WebPluginInfo& plugin) const { return false; } - // We match if we are in the range: [low, high) - return (version_range_low_->CompareTo(*plugin_version) <= 0 && - version_range_high_->CompareTo(*plugin_version) > 0); + // Match if the plugin is contained in any of the defined VersionRanges. + for (size_t i = 0; i < version_ranges_.size(); ++i) { + if (IsVersionInRange(*plugin_version, version_ranges_[i])) { + return true; + } + } + // None of the VersionRanges matched. + return false; } Version* PluginGroup::CreateVersionFromString(const string16& version_string) { @@ -322,18 +335,38 @@ DictionaryValue* PluginGroup::GetDataForUI() const { return result; } +/*static*/ +bool PluginGroup::IsVersionInRange(const Version& version, + const VersionRange& range) { + DCHECK(range.low.get() != NULL || range.high.get() == NULL) + << "Lower bound of version range must be defined."; + return (range.low.get() == NULL && range.high.get() == NULL) || + (range.low->CompareTo(version) <= 0 && + (range.high.get() == NULL || range.high->CompareTo(version) > 0)); +} + +/*static*/ +bool PluginGroup::IsPluginOutdated(const Version& plugin_version, + const VersionRange& version_range) { + if (IsVersionInRange(plugin_version, version_range)) { + if (version_range.min.get() && + plugin_version.CompareTo(*version_range.min) < 0) { + return true; + } + } + return false; +} + // Returns true if the latest version of this plugin group is vulnerable. bool PluginGroup::IsVulnerable() const { - if (min_version_.get() == NULL || version_->GetString() == "0") { - return false; + for (size_t i = 0; i < version_ranges_.size(); ++i) { + if (IsPluginOutdated(*version_, version_ranges_[i])) + return true; } - return version_->CompareTo(*min_version_) < 0; + return false; } void PluginGroup::DisableOutdatedPlugins() { - if (!min_version_.get()) - return; - description_ = string16(); enabled_ = false; @@ -341,9 +374,13 @@ void PluginGroup::DisableOutdatedPlugins() { web_plugin_infos_.begin(); it != web_plugin_infos_.end(); ++it) { scoped_ptr<Version> version(CreateVersionFromString(it->version)); - if (version.get() && version->CompareTo(*min_version_) < 0) { - it->enabled = false; - NPAPI::PluginList::Singleton()->DisablePlugin(it->path); + if (version.get()) { + for (size_t i = 0; i < version_ranges_.size(); ++i) { + if (IsPluginOutdated(*version, version_ranges_[i])) { + it->enabled = false; + NPAPI::PluginList::Singleton()->DisablePlugin(it->path); + } + } } UpdateActivePlugin(*it); } diff --git a/webkit/glue/plugins/plugin_group.h b/webkit/glue/plugins/plugin_group.h index a2d1aaf..e916b84 100644 --- a/webkit/glue/plugins/plugin_group.h +++ b/webkit/glue/plugins/plugin_group.h @@ -21,23 +21,47 @@ class Version; struct WebPluginInfo; namespace NPAPI { - class PluginList; +class PluginList; +}; + +// Hard-coded version ranges for plugin groups. +struct VersionRangeDefinition { + // Matcher for lowest version matched by this range (inclusive). May be empty + // to match everything iff |version_matcher_high| is also empty. + const char* version_matcher_low; + // Matcher for highest version matched by this range (exclusive). May be empty + // to match anything higher than |version_matcher_low|. + const char* version_matcher_high; + const char* min_version; // Minimum secure version. }; -namespace plugin_test_internal { -class PluginExceptionsTableModelTest; -} // Hard-coded definitions of plugin groups. struct PluginGroupDefinition { const char* identifier; // Unique identifier for this group. const char* name; // Name of this group. const char* name_matcher; // Substring matcher for the plugin name. - const char* version_matcher_low; // Matchers for the plugin version. - const char* version_matcher_high; - const char* min_version; // Minimum secure version. + const VersionRangeDefinition* versions; // List of version ranges. + const size_t num_versions; // Size of the array |versions| points to. const char* update_url; // Location of latest secure version. }; +// Run-time structure to hold version range information. +struct VersionRange { + public: + explicit VersionRange(VersionRangeDefinition definition); + VersionRange(const VersionRange& other); + VersionRange& operator=(const VersionRange& other); + + std::string low_str; + std::string high_str; + std::string min_str; + scoped_ptr<Version> low; + scoped_ptr<Version> high; + scoped_ptr<Version> min; + private: + void InitFrom(const VersionRange& other); +}; + // A PluginGroup can match a range of versions of a specific plugin (as defined // by matching a substring of its name). // It contains all WebPluginInfo structs (at least one) matching its definition. @@ -49,8 +73,7 @@ class PluginGroup { public: // Used by about:plugins to disable Reader plugin when internal PDF viewer is // enabled. - static const char* kAdobeReader8GroupName; - static const char* kAdobeReader9GroupName; + static const char* kAdobeReaderGroupName; PluginGroup(const PluginGroup& other); @@ -118,7 +141,7 @@ class PluginGroup { friend class NPAPI::PluginList; friend class PluginGroupTest; friend class TableModelArrayControllerTest; - friend class plugin_test_internal::PluginExceptionsTableModelTest; + friend class PluginExceptionsTableModelTest; // Generates the (short) identifier string for the given plugin. static std::string GetIdentifier(const WebPluginInfo& wpi); @@ -136,11 +159,17 @@ class PluginGroup { // the created PluginGroup. static PluginGroup* FromWebPluginInfo(const WebPluginInfo& wpi); + // Returns |true| if |version| is contained in [low, high) of |range|. + static bool IsVersionInRange(const Version& version, + const VersionRange& range); + + // Returns |true| iff |plugin_version| is both contained in |version_range| + // and declared outdated (== vulnerable) by it. + static bool IsPluginOutdated(const Version& plugin_version, + const VersionRange& version_range); + PluginGroup(const string16& group_name, const string16& name_matcher, - const std::string& version_range_low, - const std::string& version_range_high, - const std::string& min_version, const std::string& update_url, const std::string& identifier); @@ -161,15 +190,10 @@ class PluginGroup { std::string identifier_; string16 group_name_; string16 name_matcher_; - std::string version_range_low_str_; - std::string version_range_high_str_; - scoped_ptr<Version> version_range_low_; - scoped_ptr<Version> version_range_high_; string16 description_; std::string update_url_; bool enabled_; - std::string min_version_str_; - scoped_ptr<Version> min_version_; + std::vector<VersionRange> version_ranges_; scoped_ptr<Version> version_; std::vector<WebPluginInfo> web_plugin_infos_; std::vector<int> web_plugin_positions_; diff --git a/webkit/glue/plugins/plugin_group_unittest.cc b/webkit/glue/plugins/plugin_group_unittest.cc index 1868fb4..31dee1e 100644 --- a/webkit/glue/plugins/plugin_group_unittest.cc +++ b/webkit/glue/plugins/plugin_group_unittest.cc @@ -16,16 +16,34 @@ #include "webkit/glue/plugins/webplugininfo.h" #include "webkit/glue/plugins/plugin_list.h" +static const VersionRangeDefinition kPluginVersionRange[] = { + { "", "", "3.0.44" } +}; +static const VersionRangeDefinition kPlugin3VersionRange[] = { + { "0", "4", "3.0.44" } +}; +static const VersionRangeDefinition kPlugin4VersionRange[] = { + { "4", "5", "4.0.44" } +}; +static const VersionRangeDefinition kPlugin34VersionRange[] = { + { "0", "4", "3.0.44" }, + { "4", "5", "4.0.44" } +}; + static const PluginGroupDefinition kPluginDef = { - "myplugin", "MyPlugin", "MyPlugin", "", "", "3.0.44", "http://latest/" }; + "myplugin", "MyPlugin", "MyPlugin", kPluginVersionRange, 1, + "http://latest/" }; static const PluginGroupDefinition kPluginDef3 = { - "myplugin-3", "MyPlugin 3", "MyPlugin", "0", "4", "3.0.44", + "myplugin-3", "MyPlugin 3", "MyPlugin", kPlugin3VersionRange, 1, "http://latest" }; static const PluginGroupDefinition kPluginDef4 = { - "myplugin-4", "MyPlugin 4", "MyPlugin", "4", "5", "4.0.44", + "myplugin-4", "MyPlugin 4", "MyPlugin", kPlugin4VersionRange, 1, + "http://latest" }; +static const PluginGroupDefinition kPluginDef34 = { + "myplugin-34", "MyPlugin 3/4", "MyPlugin", kPlugin34VersionRange, 2, "http://latest" }; static const PluginGroupDefinition kPluginDefNotVulnerable = { - "myplugin-latest", "MyPlugin", "MyPlugin", "", "", "", "http://latest" }; + "myplugin-latest", "MyPlugin", "MyPlugin", NULL, 0, "http://latest" }; // name, path, version, desc, mime_types, enabled. static WebPluginInfo kPlugin2043 = WebPluginInfo( @@ -78,55 +96,64 @@ TEST(PluginGroupTest, PluginGroupMatchCorrectVersion) { EXPECT_FALSE(group->Match(kPlugin2043)); EXPECT_FALSE(group->Match(kPlugin3043)); EXPECT_TRUE(group->Match(kPlugin4043)); + + group.reset(PluginGroupTest::CreatePluginGroup(kPluginDef34)); + EXPECT_TRUE(group->Match(kPlugin2043)); + EXPECT_TRUE(group->Match(kPlugin3043)); + EXPECT_TRUE(group->Match(kPlugin4043)); } TEST(PluginGroupTest, PluginGroupDescription) { string16 desc3043(ASCIIToUTF16("MyPlugin version 3.0.43")); string16 desc3045(ASCIIToUTF16("MyPlugin version 3.0.45")); - WebPluginInfo plugin3043(kPlugin3043); - WebPluginInfo plugin3045(kPlugin3045); - - { - scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( - kPluginDef3)); - EXPECT_TRUE(group->Match(plugin3043)); - group->AddPlugin(plugin3043, 0); - EXPECT_EQ(desc3043, group->description()); - EXPECT_TRUE(group->IsVulnerable()); - EXPECT_TRUE(group->Match(plugin3045)); - group->AddPlugin(plugin3045, 1); - EXPECT_EQ(desc3043, group->description()); - EXPECT_TRUE(group->IsVulnerable()); - } - { - // Disable the first plugin. - plugin3043.enabled = false; - scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( - kPluginDef3)); - EXPECT_TRUE(group->Match(plugin3043)); - group->AddPlugin(plugin3043, 0); - EXPECT_EQ(desc3043, group->description()); - EXPECT_TRUE(group->IsVulnerable()); - EXPECT_TRUE(group->Match(plugin3045)); - group->AddPlugin(plugin3045, 1); - EXPECT_EQ(desc3045, group->description()); - EXPECT_FALSE(group->IsVulnerable()); - } - - { - // Disable the second plugin. - plugin3045.enabled = false; - scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( - kPluginDef3)); - EXPECT_TRUE(group->Match(plugin3043)); - group->AddPlugin(plugin3043, 1); - EXPECT_EQ(desc3043, group->description()); - EXPECT_TRUE(group->IsVulnerable()); - EXPECT_TRUE(group->Match(plugin3045)); - group->AddPlugin(plugin3045, 0); - EXPECT_EQ(desc3043, group->description()); - EXPECT_TRUE(group->IsVulnerable()); + PluginGroupDefinition plugindefs[] = { kPluginDef3, kPluginDef34 }; + for (size_t i = 0; i < 2; ++i) { + WebPluginInfo plugin3043(kPlugin3043); + WebPluginInfo plugin3045(kPlugin3045); + { + scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( + plugindefs[i])); + EXPECT_TRUE(group->Match(plugin3043)); + group->AddPlugin(plugin3043, 0); + EXPECT_EQ(desc3043, group->description()); + EXPECT_TRUE(group->IsVulnerable()); + EXPECT_TRUE(group->Match(plugin3045)); + group->AddPlugin(plugin3045, 1); + EXPECT_EQ(desc3043, group->description()); + EXPECT_TRUE(group->IsVulnerable()); + } + + { + // Disable the first plugin. + plugin3043.enabled = false; + scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( + plugindefs[i])); + EXPECT_TRUE(group->Match(plugin3043)); + group->AddPlugin(plugin3043, 0); + EXPECT_EQ(desc3043, group->description()); + EXPECT_TRUE(group->IsVulnerable()); + EXPECT_FALSE(group->Enabled()); + EXPECT_TRUE(group->Match(plugin3045)); + group->AddPlugin(plugin3045, 1); + EXPECT_EQ(desc3045, group->description()); + EXPECT_FALSE(group->IsVulnerable()); + } + + { + // Disable the second plugin. + plugin3045.enabled = false; + scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( + plugindefs[i])); + EXPECT_TRUE(group->Match(plugin3043)); + group->AddPlugin(plugin3043, 1); + EXPECT_EQ(desc3043, group->description()); + EXPECT_TRUE(group->IsVulnerable()); + EXPECT_TRUE(group->Match(plugin3045)); + group->AddPlugin(plugin3045, 0); + EXPECT_EQ(desc3043, group->description()); + EXPECT_TRUE(group->IsVulnerable()); + } } } @@ -144,16 +171,19 @@ TEST(PluginGroupTest, PluginGroupDefinition) { } TEST(PluginGroupTest, DisableOutdated) { - scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( - kPluginDef3)); - group->AddPlugin(kPlugin3043, 0); - group->AddPlugin(kPlugin3045, 1); - EXPECT_EQ(ASCIIToUTF16("MyPlugin version 3.0.43"), group->description()); - EXPECT_TRUE(group->IsVulnerable()); + PluginGroupDefinition plugindefs[] = { kPluginDef3, kPluginDef34 }; + for (size_t i = 0; i < 2; ++i) { + scoped_ptr<PluginGroup> group(PluginGroupTest::CreatePluginGroup( + plugindefs[i])); + group->AddPlugin(kPlugin3043, 0); + group->AddPlugin(kPlugin3045, 1); + EXPECT_EQ(ASCIIToUTF16("MyPlugin version 3.0.43"), group->description()); + EXPECT_TRUE(group->IsVulnerable()); - group->DisableOutdatedPlugins(); - EXPECT_EQ(ASCIIToUTF16("MyPlugin version 3.0.45"), group->description()); - EXPECT_FALSE(group->IsVulnerable()); + group->DisableOutdatedPlugins(); + EXPECT_EQ(ASCIIToUTF16("MyPlugin version 3.0.45"), group->description()); + EXPECT_FALSE(group->IsVulnerable()); + } } TEST(PluginGroupTest, VersionExtraction) { diff --git a/webkit/glue/plugins/plugin_list.cc b/webkit/glue/plugins/plugin_list.cc index 922f6ce..d682cce 100644 --- a/webkit/glue/plugins/plugin_list.cc +++ b/webkit/glue/plugins/plugin_list.cc @@ -32,56 +32,102 @@ namespace NPAPI { // Plugins are listed here as soon as vulnerabilities and solutions // (new versions) are published. // TODO(panayiotis): Get the Real Player version on Mac, somehow. +static const VersionRangeDefinition kQuicktimeVersionRange[] = { + { "", "", "7.6.6" } +}; +static const VersionRangeDefinition kJavaVersionRange[] = { + { "", "", "" } +}; +static const VersionRangeDefinition kFlashVersionRange[] = { + { "", "", "10.1.102" } +}; +static const VersionRangeDefinition kSilverlightVersionRange[] = { + { "0", "4", "3.0.50106.0" }, + { "4", "5", "" } +}; +static const VersionRangeDefinition kFlip4MacVersionRange[] = { + { "", "", "2.2.1" } +}; +static const VersionRangeDefinition kShockwaveVersionRange[] = { + { "", "", "11.5.9.615" } +}; static const PluginGroupDefinition kGroupDefinitions[] = { - { "apple-quicktime", "Quicktime", "QuickTime Plug-in", "", "", "7.6.6", + { "apple-quicktime", "Quicktime", "QuickTime Plug-in", kQuicktimeVersionRange, + arraysize(kQuicktimeVersionRange), "http://www.apple.com/quicktime/download/" }, - { "java-runtime-environment", "Java", "Java", "", "", "", - "http://support.apple.com/kb/HT1338" }, - { "adobe-flash-player", "Flash", "Shockwave Flash", "", "", "10.1.102", - "http://get.adobe.com/flashplayer/" }, - { "silverlight-3", "Silverlight 3", "Silverlight", "0", "4", "3.0.50106.0", + { "java-runtime-environment", "Java", "Java", kJavaVersionRange, + arraysize(kJavaVersionRange), "http://support.apple.com/kb/HT1338" }, + { "adobe-flash-player", "Flash", "Shockwave Flash", kFlashVersionRange, + arraysize(kFlashVersionRange), "http://get.adobe.com/flashplayer/" }, + { "silverlight", "Silverlight", "Silverlight", kSilverlightVersionRange, + arraysize(kSilverlightVersionRange), "http://www.microsoft.com/getsilverlight/" }, - { "silverlight-4", "Silverlight 4", "Silverlight", "4", "5", "", - "http://www.microsoft.com/getsilverlight/" }, - { "flip4mac", "Flip4Mac", "Flip4Mac", "", "", "2.2.1", + { "flip4mac", "Flip4Mac", "Flip4Mac", kFlip4MacVersionRange, + arraysize(kFlip4MacVersionRange), "http://www.telestream.net/flip4mac-wmv/overview.htm" }, - { "shockwave", "Shockwave", "Shockwave for Director", "", "", "11.5.9.615", + { "shockwave", "Shockwave", "Shockwave for Director", kShockwaveVersionRange, + arraysize(kShockwaveVersionRange), "http://www.adobe.com/shockwave/download/" } }; #elif defined(OS_WIN) // TODO(panayiotis): We should group "RealJukebox NS Plugin" with the rest of // the RealPlayer files. +static const VersionRangeDefinition kQuicktimeVersionRange[] = { + { "", "", "7.6.8" } +}; +static const VersionRangeDefinition kJavaVersionRange[] = { + { "0", "7", "6.0.220" } // "220" is not a typo. +}; +static const VersionRangeDefinition kAdobeReaderVersionRange[] = { + { "10", "11", "" }, + { "9", "10", "9.4.1" }, + { "0", "9", "8.2.5" } +}; +static const VersionRangeDefinition kFlashVersionRange[] = { + { "", "", "10.1.102" } +}; +static const VersionRangeDefinition kSilverlightVersionRange[] = { + { "0", "4", "3.0.50106.0" }, + { "4", "5", "" } +}; +static const VersionRangeDefinition kShockwaveVersionRange[] = { + { "", "", "11.5.9.615" } +}; +static const VersionRangeDefinition kDivXVersionRange[] = { + { "", "", "1.4.3.4" } +}; static const PluginGroupDefinition kGroupDefinitions[] = { - { "apple-quicktime", "Quicktime", "QuickTime Plug-in", "", "", "7.6.8", + { "apple-quicktime", "Quicktime", "QuickTime Plug-in", kQuicktimeVersionRange, + arraysize(kQuicktimeVersionRange), "http://www.apple.com/quicktime/download/" }, - { "java-runtime-environment", "Java 6", "Java", "", "6", "6.0.220", - "http://www.java.com/" }, - { "adobe-reader", PluginGroup::kAdobeReader9GroupName, "Adobe Acrobat", "9", - "10", "9.4.1", "http://get.adobe.com/reader/" }, - { "adobe-reader-8", PluginGroup::kAdobeReader8GroupName, "Adobe Acrobat", "0", - "9", "8.2.5", "http://get.adobe.com/reader/" }, - { "adobe-flash-player", "Flash", "Shockwave Flash", "", "", "10.1.102", - "http://get.adobe.com/flashplayer/" }, - { "silverlight-3", "Silverlight 3", "Silverlight", "0", "4", "3.0.50106.0", + { "java-runtime-environment", "Java 6", "Java", kJavaVersionRange, + arraysize(kJavaVersionRange), "http://www.java.com/" }, + { "adobe-reader", PluginGroup::kAdobeReaderGroupName, "Adobe Acrobat", + kAdobeReaderVersionRange, arraysize(kAdobeReaderVersionRange), + "http://get.adobe.com/reader/" }, + { "adobe-flash-player", "Flash", "Shockwave Flash", kFlashVersionRange, + arraysize(kFlashVersionRange), "http://get.adobe.com/flashplayer/" }, + { "silverlight", "Silverlight", "Silverlight", kSilverlightVersionRange, + arraysize(kSilverlightVersionRange), "http://www.microsoft.com/getsilverlight/" }, - { "silverlight-4", "Silverlight 4", "Silverlight", "4", "5", "", - "http://www.microsoft.com/getsilverlight/" }, - { "shockwave", "Shockwave", "Shockwave for Director", "", "", "11.5.9.615", + { "shockwave", "Shockwave", "Shockwave for Director", kShockwaveVersionRange, + arraysize(kShockwaveVersionRange), "http://www.adobe.com/shockwave/download/" }, - { "divx-player", "DivX Player", "DivX Web Player", "", "", "1.4.3.4", + { "divx-player", "DivX Player", "DivX Web Player", kDivXVersionRange, + arraysize(kDivXVersionRange), "http://download.divx.com/divx/autoupdate/player/" "DivXWebPlayerInstaller.exe" }, - // These are here for grouping, no vulnerabilies known. + // These are here for grouping, no vulnerabilities known. { "windows-media-player", "Windows Media Player", "Windows Media Player", - "", "", "", "" }, + NULL, 0, "" }, { "microsoft-office", "Microsoft Office", "Microsoft Office", - "", "", "", "" }, + NULL, 0, "" }, // TODO(panayiotis): The vulnerable versions are // (v >= 6.0.12.1040 && v <= 6.0.12.1663) // || v == 6.0.12.1698 || v == 6.0.12.1741 - { "realplayer", "RealPlayer", "RealPlayer", "", "", "", - "http://www.adobe.com/shockwave/download/" }, + { "realplayer", "RealPlayer", "RealPlayer", NULL, 0, + "www.real.com/realplayer/downloads" }, }; #else |