Bug 723133 - Protect against recursive calls in nsPluginNativeWindowWin's PluginWndProc. r=bsmedberg
authorJim Mathies <jmathies@mozilla.com>
Mon, 02 Jul 2012 12:15:17 -0500
changeset 98121 46a9d74546bc898e76c17a9666b5d419ddfce06f
parent 98120 c9c5ff6c35594dd0e701e3f529b5c0abf7ba8b25
child 98122 a92bb4e1842de83bb4b853734d5c707f2a0a4a86
push id23024
push userryanvm@gmail.com
push dateMon, 02 Jul 2012 22:29:23 +0000
treeherdermozilla-central@26aa29fdd888 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbsmedberg
bugs723133
milestone16.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 723133 - Protect against recursive calls in nsPluginNativeWindowWin's PluginWndProc. r=bsmedberg
dom/plugins/base/nsPluginNativeWindowWin.cpp
--- a/dom/plugins/base/nsPluginNativeWindowWin.cpp
+++ b/dom/plugins/base/nsPluginNativeWindowWin.cpp
@@ -180,16 +180,18 @@ private:
 };
 
 NS_IMETHODIMP nsDelayedPopupsEnabledEvent::Run()
 {
   mInst->PushPopupsEnabledState(false);
   return NS_OK;	
 }
 
+static LRESULT CALLBACK PluginWndProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam);
+
 /**
  *   New plugin window procedure
  */
 static LRESULT CALLBACK PluginWndProcInternal(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam)
 {
   nsPluginNativeWindowWin * win = (nsPluginNativeWindowWin *)::GetProp(hWnd, NS_PLUGIN_WINDOW_PROPERTY_ASSOCIATION);
   if (!win)
     return TRUE;
@@ -308,20 +310,25 @@ static LRESULT CALLBACK PluginWndProcInt
     PRUint16 apiVersion;
     if (NS_SUCCEEDED(inst->GetPluginAPIVersion(&apiVersion)) &&
         !versionOK(apiVersion, NP_POPUP_API_VERSION)) {
       inst->PushPopupsEnabledState(true);
     }
   }
 
   sInMessageDispatch = true;
-
-  LRESULT res = CallWindowProc((WNDPROC)win->GetWindowProc(),
-                               hWnd, msg, wParam, lParam);
-
+  LRESULT res;
+  WNDPROC proc = (WNDPROC)win->GetWindowProc();
+  if (PluginWndProc == proc) {
+    NS_WARNING("Previous plugin window procedure references PluginWndProc! "
+               "Report this bug!");
+    res = CallWindowProc(DefWindowProc, hWnd, msg, wParam, lParam);
+  } else {
+    res = CallWindowProc(proc, hWnd, msg, wParam, lParam);
+  }
   sInMessageDispatch = false;
 
   if (inst) {
     // Popups are enabled (were enabled before the call to
     // CallWindowProc()). Some plugins (at least the flash player)
     // post messages from their key handlers etc that delay the actual
     // processing, so we need to delay the disabling of popups so that
     // popups remain enabled when the flash player ends up processing
@@ -412,19 +419,19 @@ SetWindowLongAHook(HWND hWnd,
 
   // Set flash's new subclass to get the result. 
   LONG_PTR proc = sUser32SetWindowLongAHookStub(hWnd, nIndex, newLong);
 
   // We already checked this in SetWindowLongHookCheck
   nsPluginNativeWindowWin * win =
     (nsPluginNativeWindowWin *)GetProp(hWnd, NS_PLUGIN_WINDOW_PROPERTY_ASSOCIATION);
 
-  // Hook our subclass back up, just like we do on setwindow.   
+  // Hook our subclass back up, just like we do on setwindow.
   win->SetPrevWindowProc(
-    reinterpret_cast<WNDPROC>(sUser32SetWindowLongAHookStub(hWnd, nIndex,
+    reinterpret_cast<WNDPROC>(sUser32SetWindowLongWHookStub(hWnd, nIndex,
       reinterpret_cast<LONG_PTR>(PluginWndProc))));
   return proc;
 }
 
 #ifdef _WIN64
 LONG_PTR WINAPI
 SetWindowLongPtrWHook(HWND hWnd,
                       int nIndex,