diff options
| author | Mark H Weaver <mhw@netris.org> | 2015-06-05 23:15:25 -0400 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2015-06-06 08:02:45 -0400 |
| commit | 716e20a2bccbbff71ff1839de2d9f97e7efd5a5f (patch) | |
| tree | a777888d51c92ab6c0f5fd15e4d7b5ca3ea9116c /gnu/packages/patches/icecat-CVE-2015-2716.patch | |
| parent | 8850303e769a742f407193e08388692cfcd09e67 (diff) | |
| download | guix-716e20a2bccbbff71ff1839de2d9f97e7efd5a5f.tar.gz | |
gnu: icecat: Update to 31.7.0-gnu1.
* gnu/packages/patches/icecat-CVE-2015-0797.patch, gnu/packages/patches/icecat-CVE-2015-2708-pt1.patch, gnu/packages/patches/icecat-CVE-2015-2708-pt2.patch, gnu/packages/patches/icecat-CVE-2015-2708-pt3.patch, gnu/packages/patches/icecat-CVE-2015-2708-pt4.patch, gnu/packages/patches/icecat-CVE-2015-2710-pt1.patch, gnu/packages/patches/icecat-CVE-2015-2710-pt2.patch, gnu/packages/patches/icecat-CVE-2015-2710-pt3.patch, gnu/packages/patches/icecat-CVE-2015-2713-pt1.patch, gnu/packages/patches/icecat-CVE-2015-2713-pt2.patch, gnu/packages/patches/icecat-CVE-2015-2716.patch: Remove files. * gnu-system.am (dist_patch_DATA): Remove them. * gnu/packages/gnuzilla.scm (icecat): Update to 31.7.0-gnu1. Remove patches.
Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2015-2716.patch')
| -rw-r--r-- | gnu/packages/patches/icecat-CVE-2015-2716.patch | 62 |
1 files changed, 0 insertions, 62 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2015-2716.patch b/gnu/packages/patches/icecat-CVE-2015-2716.patch deleted file mode 100644 index ce036a0921..0000000000 --- a/gnu/packages/patches/icecat-CVE-2015-2716.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 9dcb4563847cb6e2a8112dca03d2684907f96313 Mon Sep 17 00:00:00 2001 -From: Eric Rahm <erahm@mozilla.com> -Date: Fri, 10 Apr 2015 15:50:23 -0700 -Subject: [PATCH] Bug 1140537 - Sanity check size calculations. r=peterv, - a=abillings - ---- - parser/expat/lib/xmlparse.c | 23 +++++++++++++++++++++-- - 1 file changed, 21 insertions(+), 2 deletions(-) - -diff --git a/parser/expat/lib/xmlparse.c b/parser/expat/lib/xmlparse.c -index 70acf1a..436b735 100644 ---- a/parser/expat/lib/xmlparse.c -+++ b/parser/expat/lib/xmlparse.c -@@ -1651,6 +1651,12 @@ XML_ParseBuffer(XML_Parser parser, int len, int isFinal) - void * XMLCALL - XML_GetBuffer(XML_Parser parser, int len) - { -+/* BEGIN MOZILLA CHANGE (sanity check len) */ -+ if (len < 0) { -+ errorCode = XML_ERROR_NO_MEMORY; -+ return NULL; -+ } -+/* END MOZILLA CHANGE */ - switch (ps_parsing) { - case XML_SUSPENDED: - errorCode = XML_ERROR_SUSPENDED; -@@ -1662,8 +1668,13 @@ XML_GetBuffer(XML_Parser parser, int len) - } - - if (len > bufferLim - bufferEnd) { -- /* FIXME avoid integer overflow */ - int neededSize = len + (int)(bufferEnd - bufferPtr); -+/* BEGIN MOZILLA CHANGE (sanity check neededSize) */ -+ if (neededSize < 0) { -+ errorCode = XML_ERROR_NO_MEMORY; -+ return NULL; -+ } -+/* END MOZILLA CHANGE */ - #ifdef XML_CONTEXT_BYTES - int keep = (int)(bufferPtr - buffer); - -@@ -1692,7 +1703,15 @@ XML_GetBuffer(XML_Parser parser, int len) - bufferSize = INIT_BUFFER_SIZE; - do { - bufferSize *= 2; -- } while (bufferSize < neededSize); -+/* BEGIN MOZILLA CHANGE (prevent infinite loop on overflow) */ -+ } while (bufferSize < neededSize && bufferSize > 0); -+/* END MOZILLA CHANGE */ -+/* BEGIN MOZILLA CHANGE (sanity check bufferSize) */ -+ if (bufferSize <= 0) { -+ errorCode = XML_ERROR_NO_MEMORY; -+ return NULL; -+ } -+/* END MOZILLA CHANGE */ - newBuf = (char *)MALLOC(bufferSize); - if (newBuf == 0) { - errorCode = XML_ERROR_NO_MEMORY; --- -2.2.1 - |