Enum type safety in NPNGetValue

Stuart Morgan stuartmorgan at chromium.org
Thu Jun 3 12:18:19 PDT 2010


Most of NPAPI is very clear about the size of types, but NPNGetValue's
void* argument, combined with the various enums in NPAPI, seems to
create the possibility for nasty bugs. When the variable passed to
NPNGetValue is something like NPNVToolkit or NPNVpluginDrawingModel,
the void* argument is a pointer to an enum value. My understanding is
that in C++, enum size is unspecified, which means that the plugin and
the browser could disagree about how much memory is pointed to,
resulting in either memory stomping or unexpected values.

Perhaps any time there is a variable like this, the specification
should specify explicitly that the pointer is to a specific memory
size (int32_t probably), so that the boundary point has a well-defined
size, and both sides can then cast that int to and from the enum as
necessary.

Thoughts?
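
The following is an added example, not part of the original message and not NPAPI code: it models the two failure modes described above (memory stomping and unexpected values) when host and plugin disagree on enum width, then shows the proposed fixed-size int32_t boundary. The enum `DrawingModel`, the functions `mismatch`, `host_get_value_fixed` and `plugin_get_model_fixed`, and the widths used are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for an NPAPI enum; names and values are constructed. */
typedef enum { MODEL_A = 0, MODEL_B = 1 } DrawingModel;

typedef struct { uint32_t seen; int stomped; } Outcome;

/* Model of the mismatch: the host stores host_w bytes through the void*,
 * the plugin reserved plugin_w bytes for its enum. Widths are parameters
 * because the real ones are whatever each side's compiler chose.
 * Bytes are laid out little-endian; 0xAA marks memory the plugin never set. */
static Outcome mismatch(size_t host_w, size_t plugin_w) {
    unsigned char frame[8];
    Outcome out = { 0, 0 };
    size_t i;
    memset(frame, 0xAA, sizeof frame);
    for (i = 0; i < host_w; i++)               /* host-side store */
        frame[i] = (unsigned char)(((uint32_t)MODEL_B >> (8 * i)) & 0xFF);
    for (i = 0; i < plugin_w; i++)             /* plugin-side load */
        out.seen |= (uint32_t)frame[i] << (8 * i);
    for (i = plugin_w; i < sizeof frame; i++)  /* anything past the slot hit? */
        if (frame[i] != 0xAA) out.stomped = 1;
    return out;
}

/* The proposal: the boundary type is always int32_t (assumed here). */
static void host_get_value_fixed(void *value) {
    int32_t v = (int32_t)MODEL_B;
    memcpy(value, &v, sizeof v);
}

static DrawingModel plugin_get_model_fixed(void) {
    int32_t raw = 0;
    host_get_value_fixed(&raw);
    return (DrawingModel)raw;   /* cast to the enum only on the plugin side */
}

int main(void) {
    Outcome a = mismatch(4, 1), b = mismatch(1, 4);
    printf("host 4 / plugin 1: seen=%u stomped=%d\n", (unsigned)a.seen, a.stomped);
    printf("host 1 / plugin 4: seen=0x%08X stomped=%d\n", (unsigned)b.seen, b.stomped);
    printf("fixed: model=%d\n", (int)plugin_get_model_fixed());
    return 0;
}
```

Each side can also enforce its half of the contract at build time with a static assertion that the type it passes across the boundary is exactly four bytes.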

