Fix for bug 5427 ("Passing security principals into nsILiveConnect

methods will cause browser to crash"), fix contributed by jeff.dyer@compilercompany.com, r=drapeau@eng.sun.com. More bulletproof way of testing if principals passed in are valid (comments in the code fix explain in more detail). git-svn-id: svn://10.0.0.236/trunk@54836 18797224-902f-48f8-a5cc-f745e15eee43
1999-12-01 00:46:43 +00:00 · 1999-12-01 00:46:43 +00:00 · 6a5ed67b18
commit 6a5ed67b18
parent b3d902ea74
1 changed files with 5 additions and 1 deletions
--- a/mozilla/modules/oji/src/lcglue.cpp
+++ b/mozilla/modules/oji/src/lcglue.cpp
@ -372,7 +372,11 @@ enter_js_from_java_impl(JNIEnv *jEnv, char **errp,
 	}

 	// Setup tls to maintain a stack of security contexts.
-	if ((pNSIPrincipaArray != NULL) && (pNSISecurityContext != NULL)) {
+	// [Fix to #5427: test numPrincipals rather than pNSIPrincipaArray. This 
+	// allows the caller to pass in the address of a null reference to an 
+	// principal array without having to check it. jeff.dyer@compilercompany.com,
+	// Oct-4-1999]
+	if ((numPrincipals!=0) && (pNSISecurityContext != NULL)) {
 		JVMSecurityStack *pSecInfoNew    = new JVMSecurityStack;
 		pSecInfoNew->pNSIPrincipaArray   = pNSIPrincipaArray;
 		pSecInfoNew->numPrincipals       = numPrincipals;