Liveconnect bug

George Staikos staikos at kde.org
Fri Aug 6 17:19:22 BST 2004


On Friday 06 August 2004 11:00, Koos Vriezen wrote:
> > > No, but you might add some debug at HTMLObjectBaseElementImpl::put and
> > > HTMLObjectBaseElementImpl::setLiveConnect (html/html_objectimpl.cpp) to
> > > see if the return value is set to the same liveconnect extension that
> > > the plugin has.
> >
> >    No help so far.  Anyway this is a pretty major bug as far as KHTML is
> > concerned.  We should entirely disable liveconnect for plugins (and
> > therefore disable flash) if we can't fix this for 3.3.  The number of
> > crashes I'm seeing on "everyday websites" is rather large, though in many
> > cases it doesn't "crash" right away, but it does corrupt itself
> > internally.
>
> I haven't seen any crashes lately with liveconnect and KJAS. Why do you
> want to disable it. At least tell where the problem is or what clues you
> have that point to liveconnect (valgrind/bug reports/backtraces/test
> cases/). This liveconnect code in khtml hasn't changed much since 3.1 and
> is unchanged compared to 3.2.3.
>
> The case you mentioned makes for me the nspluginviewer crash. It has the
> bt as in bug 81401 (which is likely a dangling pointer in
> NSPluginInstance::_streams)...hmm after updating, I don't get that one
> anymore though.. But anyway, this cannot corrupt khtml.
>
> I took a quick look at the nsplugin code and noticed that there is no
> protection against a script that destroys the calling plugin. I've
> attached a patch for that. Also a static_cast -> dynamic_cast change.
>
> So please backup your claims.

   You could leave it in for KJAS - but for nspluginviewer we're better off 
not supporting liveconnect at all if we support it incorrectly because the 
plugins are very poorly written and crash on unexpected responses.  
http://www.jibjab.com/ illustrates the problem.  Valgrind nspluginviewer if 
you don't see crashes and you will see the invalid memory accesses.  The 
problem is definitely that the liveconnect pointer is null for the third 
flash, after it had detected that liveconnect is supported.  It may have to 
do with rewriting the document dynamically...  I'm just not sure.  I can't 
test that patch at least for another day or two because I don't have access 
to an x86 Linux box at the moment and Macromedia still won't give us a PPC 
flash plugin.

-- 
George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/
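The failure mode the thread circles around (a LiveConnect call into script during which the script tears down the very plugin that made the call, leaving a dangling pointer on the plugin side) is shown below as an added, self-contained example. It is not KHTML or nspluginviewer code and not the patch Koos mentions; `PluginInstance`, `Bridge` and `callScript` are invented names, and the weak-reference guard is one general way to survive a callback that may destroy its caller.

```cpp
#include <functional>
#include <memory>
#include <string>

// Stand-in for a plugin instance reachable from script through a
// LiveConnect-style bridge.  All names here are invented for this example.
struct PluginInstance {
    std::string name;
    int callsCompleted = 0;
    static int destroyed;            // counts destructor runs (demo only)
    explicit PluginInstance(std::string n) : name(std::move(n)) {}
    ~PluginInstance() { ++destroyed; }
};
int PluginInstance::destroyed = 0;

// The bridge owns the plugin.  A script callback runs in the middle of a
// plugin->script call and may legitimately tear the plugin down (a script
// that removes the element embedding it does exactly that).
struct Bridge {
    std::shared_ptr<PluginInstance> plugin;

    // UNSAFE shape of the call (not executed here): a raw pointer taken
    // before the callback is dereferenced after it.
    //
    //   PluginInstance* p = plugin.get();
    //   hook(*this);            // may destroy *p
    //   p->callsCompleted++;    // use-after-free if it did
    //
    // SAFE shape: hold only a weak reference across the callback and
    // re-validate before touching the instance.  Returns true if the plugin
    // survived the script call and its state was updated.
    bool callScript(const std::function<void(Bridge&)>& hook) {
        std::weak_ptr<PluginInstance> watch = plugin;
        hook(*this);                     // may reset `plugin`
        if (auto alive = watch.lock()) { // still owned by someone: safe
            alive->callsCompleted++;
            return true;
        }
        return false;                    // gone: skip, never dereference
    }
};

// Script that leaves the plugin alone: the call completes normally.
bool scriptKeepsPlugin() {
    Bridge b{std::make_shared<PluginInstance>("flash-1")};
    bool ok = b.callScript([](Bridge&) {});
    return ok && b.plugin->callsCompleted == 1;
}

// Script that destroys the calling plugin during the call: the destructor
// runs inside the callback and the bridge notices instead of crashing.
bool scriptDestroysPlugin() {
    int before = PluginInstance::destroyed;
    Bridge b{std::make_shared<PluginInstance>("flash-2")};
    bool ok = b.callScript([](Bridge& br) { br.plugin.reset(); });
    return !ok && b.plugin == nullptr &&
           PluginInstance::destroyed == before + 1;
}
```

Running the unsafe shape under valgrind (as suggested above) would report the invalid read on the dereference after the callback; the guarded shape reports nothing because the instance is never touched once it is gone.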