diff options
author | Mark H Weaver <mhw@netris.org> | 2016-10-10 23:15:32 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2016-10-11 12:59:26 -0400 |
commit | bfb48f4f33583f58392a05f1d6cbf559156293ed (patch) | |
tree | 450023fcf5720c000268b6b64d4aa77356453cf7 /gnu/packages/patches/icecat-CVE-2016-2818-pt5.patch | |
parent | b25f060fbde97bd4f9863c8521396639d53b8831 (diff) | |
download | guix-bfb48f4f33583f58392a05f1d6cbf559156293ed.tar.gz |
gnu: icecat: Update to 45.3.0-gnu1-beta. Add fixes from Firefox ESR 45.4.0.
Includes fixes for CVE-2016-5250, CVE-2016-5257, CVE-2016-5261, CVE-2016-5270, CVE-2016-5272, CVE-2016-5274, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5280, CVE-2016-5281, and CVE-2016-5284. * gnu/packages/gnuzilla.scm (mozilla-patch): New procedure. (icecat): Update to 45.3.0-gnu1. [source]: Add alternate source URI for the beta release. Update patches. [inputs]: Replace 'sqlite' input with a customized sqlite with SQLITE_ENABLE_DBSTAT_VTAB support. [native-inputs]: Add 'which'. * gnu/packages/patches/icecat-avoid-bundled-includes.patch: Rename to... * gnu/packages/patches/icecat-avoid-bundled-libraries.patch: ... and adapt to version 45. * gnu/packages/patches/icecat-CVE-2016-2818-pt1.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt2.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt3.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt4.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt5.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt6.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt7.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt8.patch, gnu/packages/patches/icecat-CVE-2016-2818-pt9.patch, gnu/packages/patches/icecat-CVE-2016-2819.patch, gnu/packages/patches/icecat-CVE-2016-2821.patch, gnu/packages/patches/icecat-CVE-2016-2824.patch, gnu/packages/patches/icecat-CVE-2016-2828.patch, gnu/packages/patches/icecat-CVE-2016-2831.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Update accordingly.
Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2016-2818-pt5.patch')
-rw-r--r-- | gnu/packages/patches/icecat-CVE-2016-2818-pt5.patch | 266 |
1 files changed, 0 insertions, 266 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2016-2818-pt5.patch b/gnu/packages/patches/icecat-CVE-2016-2818-pt5.patch deleted file mode 100644 index cd98d0b28b..0000000000 --- a/gnu/packages/patches/icecat-CVE-2016-2818-pt5.patch +++ /dev/null @@ -1,266 +0,0 @@ - changeset: 312063:88bea96c802a - user: Andrea Marchesini <amarchesini@mozilla.com> - Date: Tue May 10 10:52:19 2016 +0200 - summary: Bug 1267130 - Improve the URL segment calculation, r=valentin a=ritu - -diff -r 28dcecced055 -r 88bea96c802a netwerk/base/nsStandardURL.cpp ---- a/netwerk/base/nsStandardURL.cpp Wed May 18 11:55:29 2016 +1200 -+++ b/netwerk/base/nsStandardURL.cpp Tue May 10 10:52:19 2016 +0200 -@@ -475,19 +475,28 @@ - } - - uint32_t --nsStandardURL::AppendSegmentToBuf(char *buf, uint32_t i, const char *str, URLSegment &seg, const nsCString *escapedStr, bool useEscaped) -+nsStandardURL::AppendSegmentToBuf(char *buf, uint32_t i, const char *str, -+ const URLSegment &segInput, URLSegment &segOutput, -+ const nsCString *escapedStr, -+ bool useEscaped, int32_t *diff) - { -- if (seg.mLen > 0) { -+ MOZ_ASSERT(segInput.mLen == segOutput.mLen); -+ -+ if (diff) *diff = 0; -+ -+ if (segInput.mLen > 0) { - if (useEscaped) { -- seg.mLen = escapedStr->Length(); -- memcpy(buf + i, escapedStr->get(), seg.mLen); -+ MOZ_ASSERT(diff); -+ segOutput.mLen = escapedStr->Length(); -+ *diff = segOutput.mLen - segInput.mLen; -+ memcpy(buf + i, escapedStr->get(), segOutput.mLen); -+ } else { -+ memcpy(buf + i, str + segInput.mPos, segInput.mLen); - } -- else -- memcpy(buf + i, str + seg.mPos, seg.mLen); -- seg.mPos = i; -- i += seg.mLen; -+ segOutput.mPos = i; -+ i += segOutput.mLen; - } else { -- seg.mPos = i; -+ segOutput.mPos = i; - } - return i; - } -@@ -598,6 +607,20 @@ - } - } - -+ // We must take a copy of every single segment because they are pointing to -+ // the |spec| while we are changing their value, in case we must use -+ // encoded strings. -+ URLSegment username(mUsername); -+ URLSegment password(mPassword); -+ URLSegment host(mHost); -+ URLSegment path(mPath); -+ URLSegment filepath(mFilepath); -+ URLSegment directory(mDirectory); -+ URLSegment basename(mBasename); -+ URLSegment extension(mExtension); -+ URLSegment query(mQuery); -+ URLSegment ref(mRef); -+ - // - // generate the normalized URL string - // -@@ -607,9 +630,10 @@ - char *buf; - mSpec.BeginWriting(buf); - uint32_t i = 0; -+ int32_t diff = 0; - - if (mScheme.mLen > 0) { -- i = AppendSegmentToBuf(buf, i, spec, mScheme); -+ i = AppendSegmentToBuf(buf, i, spec, mScheme, mScheme); - net_ToLowerCase(buf + mScheme.mPos, mScheme.mLen); - i = AppendToBuf(buf, i, "://", 3); - } -@@ -619,15 +643,22 @@ - - // append authority - if (mUsername.mLen > 0) { -- i = AppendSegmentToBuf(buf, i, spec, mUsername, &encUsername, useEncUsername); -- if (mPassword.mLen >= 0) { -+ i = AppendSegmentToBuf(buf, i, spec, username, mUsername, -+ &encUsername, useEncUsername, &diff); -+ ShiftFromPassword(diff); -+ if (password.mLen >= 0) { - buf[i++] = ':'; -- i = AppendSegmentToBuf(buf, i, spec, mPassword, &encPassword, useEncPassword); -+ i = AppendSegmentToBuf(buf, i, spec, password, mPassword, -+ &encPassword, useEncPassword, &diff); -+ ShiftFromHost(diff); - } - buf[i++] = '@'; - } -- if (mHost.mLen > 0) { -- i = AppendSegmentToBuf(buf, i, spec, mHost, &encHost, useEncHost); -+ if (host.mLen > 0) { -+ i = AppendSegmentToBuf(buf, i, spec, host, mHost, &encHost, useEncHost, -+ &diff); -+ ShiftFromPath(diff); -+ - net_ToLowerCase(buf + mHost.mPos, mHost.mLen); - MOZ_ASSERT(mPort >= -1, "Invalid negative mPort"); - if (mPort != -1 && mPort != mDefaultPort) { -@@ -652,21 +683,23 @@ - } - else { - uint32_t leadingSlash = 0; -- if (spec[mPath.mPos] != '/') { -+ if (spec[path.mPos] != '/') { - LOG(("adding leading slash to path\n")); - leadingSlash = 1; - buf[i++] = '/'; - // basename must exist, even if empty (bugs 113508, 429347) - if (mBasename.mLen == -1) { -- mBasename.mPos = i; -- mBasename.mLen = 0; -+ mBasename.mPos = basename.mPos = i; -+ mBasename.mLen = basename.mLen = 0; - } - } - - // record corrected (file)path starting position - mPath.mPos = mFilepath.mPos = i - leadingSlash; - -- i = AppendSegmentToBuf(buf, i, spec, mDirectory, &encDirectory, useEncDirectory); -+ i = AppendSegmentToBuf(buf, i, spec, directory, mDirectory, -+ &encDirectory, useEncDirectory, &diff); -+ ShiftFromBasename(diff); - - // the directory must end with a '/' - if (buf[i-1] != '/') { -@@ -674,7 +707,9 @@ - mDirectory.mLen++; - } - -- i = AppendSegmentToBuf(buf, i, spec, mBasename, &encBasename, useEncBasename); -+ i = AppendSegmentToBuf(buf, i, spec, basename, mBasename, -+ &encBasename, useEncBasename, &diff); -+ ShiftFromExtension(diff); - - // make corrections to directory segment if leadingSlash - if (leadingSlash) { -@@ -687,18 +722,24 @@ - - if (mExtension.mLen >= 0) { - buf[i++] = '.'; -- i = AppendSegmentToBuf(buf, i, spec, mExtension, &encExtension, useEncExtension); -+ i = AppendSegmentToBuf(buf, i, spec, extension, mExtension, -+ &encExtension, useEncExtension, &diff); -+ ShiftFromQuery(diff); - } - // calculate corrected filepath length - mFilepath.mLen = i - mFilepath.mPos; - - if (mQuery.mLen >= 0) { - buf[i++] = '?'; -- i = AppendSegmentToBuf(buf, i, spec, mQuery, &encQuery, useEncQuery); -+ i = AppendSegmentToBuf(buf, i, spec, query, mQuery, -+ &encQuery, useEncQuery, -+ &diff); -+ ShiftFromRef(diff); - } - if (mRef.mLen >= 0) { - buf[i++] = '#'; -- i = AppendSegmentToBuf(buf, i, spec, mRef, &encRef, useEncRef); -+ i = AppendSegmentToBuf(buf, i, spec, ref, mRef, &encRef, useEncRef, -+ &diff); - } - // calculate corrected path length - mPath.mLen = i - mPath.mPos; -@@ -953,6 +994,39 @@ - #undef GOT_PREF - } - -+#define SHIFT_FROM(name, what) \ -+void \ -+nsStandardURL::name(int32_t diff) \ -+{ \ -+ if (!diff) return; \ -+ if (what.mLen >= 0) { \ -+ CheckedInt<int32_t> pos = what.mPos; \ -+ pos += diff; \ -+ MOZ_ASSERT(pos.isValid()); \ -+ what.mPos = pos.value(); \ -+ } -+ -+#define SHIFT_FROM_NEXT(name, what, next) \ -+ SHIFT_FROM(name, what) \ -+ next(diff); \ -+} -+ -+#define SHIFT_FROM_LAST(name, what) \ -+ SHIFT_FROM(name, what) \ -+} -+ -+SHIFT_FROM_NEXT(ShiftFromAuthority, mAuthority, ShiftFromUsername) -+SHIFT_FROM_NEXT(ShiftFromUsername, mUsername, ShiftFromPassword) -+SHIFT_FROM_NEXT(ShiftFromPassword, mPassword, ShiftFromHost) -+SHIFT_FROM_NEXT(ShiftFromHost, mHost, ShiftFromPath) -+SHIFT_FROM_NEXT(ShiftFromPath, mPath, ShiftFromFilepath) -+SHIFT_FROM_NEXT(ShiftFromFilepath, mFilepath, ShiftFromDirectory) -+SHIFT_FROM_NEXT(ShiftFromDirectory, mDirectory, ShiftFromBasename) -+SHIFT_FROM_NEXT(ShiftFromBasename, mBasename, ShiftFromExtension) -+SHIFT_FROM_NEXT(ShiftFromExtension, mExtension, ShiftFromQuery) -+SHIFT_FROM_NEXT(ShiftFromQuery, mQuery, ShiftFromRef) -+SHIFT_FROM_LAST(ShiftFromRef, mRef) -+ - //---------------------------------------------------------------------------- - // nsStandardURL::nsISupports - //---------------------------------------------------------------------------- -diff -r 28dcecced055 -r 88bea96c802a netwerk/base/nsStandardURL.h ---- a/netwerk/base/nsStandardURL.h Wed May 18 11:55:29 2016 +1200 -+++ b/netwerk/base/nsStandardURL.h Tue May 10 10:52:19 2016 +0200 -@@ -77,6 +77,7 @@ - - URLSegment() : mPos(0), mLen(-1) {} - URLSegment(uint32_t pos, int32_t len) : mPos(pos), mLen(len) {} -+ URLSegment(const URLSegment& aCopy) : mPos(aCopy.mPos), mLen(aCopy.mLen) {} - void Reset() { mPos = 0; mLen = -1; } - // Merge another segment following this one to it if they're contiguous - // Assumes we have something like "foo;bar" where this object is 'foo' and right -@@ -177,7 +178,10 @@ - bool NormalizeIDN(const nsCSubstring &host, nsCString &result); - void CoalescePath(netCoalesceFlags coalesceFlag, char *path); - -- uint32_t AppendSegmentToBuf(char *, uint32_t, const char *, URLSegment &, const nsCString *esc=nullptr, bool useEsc = false); -+ uint32_t AppendSegmentToBuf(char *, uint32_t, const char *, -+ const URLSegment &input, URLSegment &output, -+ const nsCString *esc=nullptr, -+ bool useEsc = false, int32_t* diff = nullptr); - uint32_t AppendToBuf(char *, uint32_t, const char *, uint32_t); - - nsresult BuildNormalizedSpec(const char *spec); -@@ -216,17 +220,17 @@ - const nsDependentCSubstring Ref() { return Segment(mRef); } - - // shift the URLSegments to the right by diff -- void ShiftFromAuthority(int32_t diff) { mAuthority.mPos += diff; ShiftFromUsername(diff); } -- void ShiftFromUsername(int32_t diff) { mUsername.mPos += diff; ShiftFromPassword(diff); } -- void ShiftFromPassword(int32_t diff) { mPassword.mPos += diff; ShiftFromHost(diff); } -- void ShiftFromHost(int32_t diff) { mHost.mPos += diff; ShiftFromPath(diff); } -- void ShiftFromPath(int32_t diff) { mPath.mPos += diff; ShiftFromFilepath(diff); } -- void ShiftFromFilepath(int32_t diff) { mFilepath.mPos += diff; ShiftFromDirectory(diff); } -- void ShiftFromDirectory(int32_t diff) { mDirectory.mPos += diff; ShiftFromBasename(diff); } -- void ShiftFromBasename(int32_t diff) { mBasename.mPos += diff; ShiftFromExtension(diff); } -- void ShiftFromExtension(int32_t diff) { mExtension.mPos += diff; ShiftFromQuery(diff); } -- void ShiftFromQuery(int32_t diff) { mQuery.mPos += diff; ShiftFromRef(diff); } -- void ShiftFromRef(int32_t diff) { mRef.mPos += diff; } -+ void ShiftFromAuthority(int32_t diff); -+ void ShiftFromUsername(int32_t diff); -+ void ShiftFromPassword(int32_t diff); -+ void ShiftFromHost(int32_t diff); -+ void ShiftFromPath(int32_t diff); -+ void ShiftFromFilepath(int32_t diff); -+ void ShiftFromDirectory(int32_t diff); -+ void ShiftFromBasename(int32_t diff); -+ void ShiftFromExtension(int32_t diff); -+ void ShiftFromQuery(int32_t diff); -+ void ShiftFromRef(int32_t diff); - - // fastload helper functions - nsresult ReadSegment(nsIBinaryInputStream *, URLSegment &); |