RESOLVED WONTFIX60795
REGRESSION (WebKit2): Crash due to heap corruption in old versions of VLC plugin when page has two or more plugin instances 
https://bugs.webkit.org/show_bug.cgi?id=60795
Summary REGRESSION (WebKit2): Crash due to heap corruption in old versions of VLC plu...
Adam Roben (:aroben)
Reported 2011-05-13 13:28:22 PDT
To reproduce: 1. Install VLC 0.6.8d from http://download.videolan.org/pub/videolan/vlc/0.8.6d/win32/vlc-0.8.6d-win32.exe 2. Go to data:text/html,<embed type="application/x-vlc-plugin"><embed type="application/x-vlc-plugin"> 3. Reload the page until crash occurs The crash is in free() inside VLC code. The bug happens only in WebKit2, not in WebKit1. It looks like this happens in Firefox and Chrome, too, but it's harder to detect there due to out-of-process plugins.
Attachments
Add attachment proposed patch, testcase, etc.
Adam Roben (:aroben)
Comment 1 2011-05-13 13:29:08 PDT
WebKit1 works around this VLC bug using the PluginQuirkDontAllowMultipleInstances quirk. Note that the crash does not occur with the most recent version of VLC, 1.1.9. I haven't tested any other versions.
Adam Roben (:aroben)
Comment 2 2011-05-13 13:29:54 PDT
<rdar://problem/9436117>
Alexey Proskuryakov
Comment 3 2022-06-23 19:51:45 PDT
Plug-in support has been removed from WebKit.
Note You need to log in before you can comment on or make changes to this bug.