Comment 7 for bug 487141

In , Martin (martin-redhat-bugs) wrote :

Created attachment 353833
patch

Description of problem (by Tristan Schmelcher):

Hello,

I'm a developer on Google's open-source O3D plugin project for doing
hardware-accelerated 3D rendering in web browsers
(http://code.google.com/apis/o3d/). O3D is 32-bit only due to a dependency on
Google's V8 JavaScript JIT engine, so I've been working on compatibility
with nspluginwrapper so that we can support 64-bit Linux. Along the way I
discovered that one of the issues was a bug in nspluginwrapper's marshalling
of arrays of NPIdentifiers. A patch with the fix is attached. Apply with
"patch -p0 < FILENAME".

The bug exists in versions 1.2.0 and later. The issue is that NPIdentifiers
are passed to the do_send_NPIdentifier function by _value_, not by pointer,
which is how other parameters are passed to their marshallers. This is fine
when calling rpc_method_send_reply, but it results in a bug when marshalling
arrays of NPIdentifiers, because the array marshalling code in
rpc_message_send_args passes the individual elements by passing a pointer to
their position in the array. This resulted in do_send_NPIdentifier
interpreting the address of the NPIdentifier as the NPIdentifier itself. As
a result, nspluginwrapper's implementation of NPN_GetStringIdentifiers was
broken, because the NPIdentifier values that it returned to the plugin were
mapped to garbage addresses in the browser.

My fix is to change NPIdentifiers to be passed by pointer. With this fix,
nspluginwrapper can successfully run O3D plugins built from our SVN trunk at
revision 19440 or later.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.
2.
3.

Actual results:

Expected results:

Additional info:
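
The mismatch described in the comment above, as an added example that is not part of the original comment and is not nspluginwrapper's code: a simplified model in which a generic array path hands each element's address to a marshaller that expects the value itself. All names here (`Ident`, `send_array`, `send_ident_by_value`, `send_ident_by_pointer`) and the sample identifier values are constructed for illustration.

```c
/* Simplified model with hypothetical names; not nspluginwrapper source. */
#include <stdint.h>
#include <stdio.h>

typedef void *Ident;                      /* stands in for NPIdentifier */
typedef void (*send_fn)(uintptr_t *out, void *arg);

/* Pre-fix convention: the argument IS the identifier (passed by value). */
static void send_ident_by_value(uintptr_t *out, void *arg) {
    *out = (uintptr_t)arg;
}

/* Post-fix convention: the argument POINTS AT the identifier. */
static void send_ident_by_pointer(uintptr_t *out, void *arg) {
    *out = (uintptr_t)*(Ident *)arg;
}

/* Generic array path: every marshaller receives a pointer to the
 * element's position in the array, whatever the element type is. */
static void send_array(send_fn fn, void *base, size_t elem_size,
                       size_t n, uintptr_t *wire) {
    for (size_t i = 0; i < n; i++)
        fn(&wire[i], (char *)base + i * elem_size);
}

/* Marshal three constructed identifiers and count how many arrive intact. */
static int count_intact(send_fn fn) {
    Ident ids[3] = { (Ident)0x1001, (Ident)0x1002, (Ident)0x1003 };
    uintptr_t wire[3];
    int ok = 0;
    send_array(fn, ids, sizeof ids[0], 3, wire);
    for (int i = 0; i < 3; i++)
        ok += (wire[i] == (uintptr_t)ids[i]);
    return ok;
}

/* By-value marshaller on the array path sends stack addresses, not ids. */
int intact_with_by_value(void)   { return count_intact(send_ident_by_value); }
/* By-pointer marshaller matches the array path's calling convention. */
int intact_with_by_pointer(void) { return count_intact(send_ident_by_pointer); }

int main(void) {
    printf("by value:   %d of 3 identifiers intact\n", intact_with_by_value());
    printf("by pointer: %d of 3 identifiers intact\n", intact_with_by_pointer());
    return 0;
}
```

In the by-value case the receiver gets the addresses of the array slots in the sender's memory, which is why the identifiers mapped to garbage on the other side of the RPC boundary.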