svn commit: r462554 - in head/www/waterfox: . files
Jan Beich
jbeich at FreeBSD.org
Thu Feb 22 00:59:44 UTC 2018
Author: jbeich
Date: Thu Feb 22 00:59:42 2018
New Revision: 462554
URL: https://svnweb.freebsd.org/changeset/ports/462554
Log:
www/waterfox: apply some FF59 fixes
Added:
head/www/waterfox/files/patch-bug1388020 (contents, props changed)
head/www/waterfox/files/patch-bug1435566 (contents, props changed)
head/www/waterfox/files/patch-bug1436768 (contents, props changed)
head/www/waterfox/files/patch-bug1437214 (contents, props changed)
head/www/waterfox/files/patch-bug1438645 (contents, props changed)
Modified:
head/www/waterfox/Makefile (contents, props changed)
Modified: head/www/waterfox/Makefile
==============================================================================
--- head/www/waterfox/Makefile Thu Feb 22 00:59:19 2018 (r462553)
+++ head/www/waterfox/Makefile Thu Feb 22 00:59:42 2018 (r462554)
@@ -2,7 +2,7 @@
PORTNAME= waterfox
DISTVERSION= 56.0.4
-PORTREVISION= 5
+PORTREVISION= 6
CATEGORIES= www ipv6
MAINTAINER= jbeich at FreeBSD.org
Added: head/www/waterfox/files/patch-bug1388020
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1388020 Thu Feb 22 00:59:42 2018 (r462554)
@@ -0,0 +1,439 @@
+commit 56cb3a82e6f1
+Author: Andrew Osmond <aosmond at mozilla.com>
+Date: Wed Feb 7 09:33:12 2018 -0500
+
+ Bug 1388020. r=nical a=RyanVM
+
+ --HG--
+ extra : source : fd15c14e5efb1874591f4e113c1ae1c49154804f
+---
+ gfx/layers/client/TextureClient.h | 2 +-
+ gfx/layers/composite/TextureHost.cpp | 65 +++++++++++++++++++-----
+ gfx/layers/composite/X11TextureHost.cpp | 13 +++--
+ gfx/layers/d3d11/TextureD3D11.cpp | 6 +--
+ gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp | 8 +++
+ gfx/layers/opengl/TextureHostOGL.cpp | 25 ++-------
+ gfx/tests/gtest/TestLayers.h | 16 ++++++
+ gfx/tests/gtest/TestTextureCompatibility.cpp | 12 +++--
+ gfx/tests/gtest/TestTextures.cpp | 7 ++-
+ gfx/tests/gtest/TextureHelper.h | 3 +-
+ 10 files changed, 108 insertions(+), 49 deletions(-)
+
+diff --git gfx/layers/client/TextureClient.h gfx/layers/client/TextureClient.h
+index e56ea21841ad..81be2867ca7a 100644
+--- gfx/layers/client/TextureClient.h
++++ gfx/layers/client/TextureClient.h
+@@ -761,7 +761,7 @@ protected:
+ friend void TestTextureClientSurface(TextureClient*, gfxImageSurface*);
+ friend void TestTextureClientYCbCr(TextureClient*, PlanarYCbCrData&);
+ friend already_AddRefed<TextureHost> CreateTextureHostWithBackend(
+- TextureClient*, LayersBackend&);
++ TextureClient*, ISurfaceAllocator*, LayersBackend&);
+
+ #ifdef GFX_DEBUG_TRACK_CLIENTS_IN_POOL
+ public:
+diff --git gfx/layers/composite/TextureHost.cpp gfx/layers/composite/TextureHost.cpp
+index a48a9081e155..e0a74920fbe5 100644
+--- gfx/layers/composite/TextureHost.cpp
++++ gfx/layers/composite/TextureHost.cpp
+@@ -116,15 +116,9 @@ TextureHost::CreateIPDLActor(HostIPCAllocator* aAllocator,
+ uint64_t aSerial,
+ const wr::MaybeExternalImageId& aExternalImageId)
+ {
+- if (aSharedData.type() == SurfaceDescriptor::TSurfaceDescriptorBuffer &&
+- aSharedData.get_SurfaceDescriptorBuffer().data().type() == MemoryOrShmem::Tuintptr_t &&
+- !aAllocator->IsSameProcess())
+- {
+- NS_ERROR("A client process is trying to peek at our address space using a MemoryTexture!");
+- return nullptr;
+- }
+ TextureParent* actor = new TextureParent(aAllocator, aSerial, aExternalImageId);
+ if (!actor->Init(aSharedData, aLayersBackend, aFlags)) {
++ actor->ActorDestroy(ipc::IProtocol::ActorDestroyReason::FailedConstructor);
+ delete actor;
+ return nullptr;
+ }
+@@ -232,6 +226,11 @@ TextureHost::Create(const SurfaceDescriptor& aDesc,
+
+ #ifdef MOZ_X11
+ case SurfaceDescriptor::TSurfaceDescriptorX11: {
++ if (!aDeallocator->IsSameProcess()) {
++ NS_ERROR("A client process is trying to peek at our address space using a X11Texture!");
++ return nullptr;
++ }
++
+ const SurfaceDescriptorX11& desc = aDesc.get_SurfaceDescriptorX11();
+ result = MakeAndAddRef<X11TextureHost>(aFlags, desc);
+ break;
+@@ -248,7 +247,7 @@ TextureHost::Create(const SurfaceDescriptor& aDesc,
+ MOZ_CRASH("GFX: Unsupported Surface type host");
+ }
+
+- if (WrapWithWebRenderTextureHost(aDeallocator, aBackend, aFlags)) {
++ if (result && WrapWithWebRenderTextureHost(aDeallocator, aBackend, aFlags)) {
+ MOZ_ASSERT(aExternalImageId.isSome());
+ result = new WebRenderTextureHost(aDesc, aFlags, result, aExternalImageId.ref());
+ }
+@@ -269,13 +268,50 @@ CreateBackendIndependentTextureHost(const SurfaceDescriptor& aDesc,
+ const MemoryOrShmem& data = bufferDesc.data();
+ switch (data.type()) {
+ case MemoryOrShmem::TShmem: {
+- result = new ShmemTextureHost(data.get_Shmem(),
+- bufferDesc.desc(),
+- aDeallocator,
+- aFlags);
++ const ipc::Shmem& shmem = data.get_Shmem();
++ const BufferDescriptor& desc = bufferDesc.desc();
++ if (!shmem.IsReadable()) {
++ // We failed to map the shmem so we can't verify its size. This
++ // should not be a fatal error, so just create the texture with
++ // nothing backing it.
++ result = new ShmemTextureHost(shmem, desc, aDeallocator, aFlags);
++ break;
++ }
++
++ size_t bufSize = shmem.Size<char>();
++ size_t reqSize = SIZE_MAX;
++ switch (desc.type()) {
++ case BufferDescriptor::TYCbCrDescriptor: {
++ const YCbCrDescriptor& ycbcr = desc.get_YCbCrDescriptor();
++ reqSize =
++ ImageDataSerializer::ComputeYCbCrBufferSize(ycbcr.ySize(), ycbcr.yStride(),
++ ycbcr.cbCrSize(), ycbcr.cbCrStride());
++ break;
++ }
++ case BufferDescriptor::TRGBDescriptor: {
++ const RGBDescriptor& rgb = desc.get_RGBDescriptor();
++ reqSize = ImageDataSerializer::ComputeRGBBufferSize(rgb.size(), rgb.format());
++ break;
++ }
++ default:
++ gfxCriticalError() << "Bad buffer host descriptor " << (int)desc.type();
++ MOZ_CRASH("GFX: Bad descriptor");
++ }
++
++ if (bufSize < reqSize) {
++ NS_ERROR("A client process gave a shmem too small to fit for its descriptor!");
++ return nullptr;
++ }
++
++ result = new ShmemTextureHost(shmem, desc, aDeallocator, aFlags);
+ break;
+ }
+ case MemoryOrShmem::Tuintptr_t: {
++ if (!aDeallocator->IsSameProcess()) {
++ NS_ERROR("A client process is trying to peek at our address space using a MemoryTexture!");
++ return nullptr;
++ }
++
+ result = new MemoryTextureHost(reinterpret_cast<uint8_t*>(data.get_uintptr_t()),
+ bufferDesc.desc(),
+ aFlags);
+@@ -293,6 +329,11 @@ CreateBackendIndependentTextureHost(const SurfaceDescriptor& aDesc,
+ }
+ #ifdef XP_WIN
+ case SurfaceDescriptor::TSurfaceDescriptorDIB: {
++ if (!aDeallocator->IsSameProcess()) {
++ NS_ERROR("A client process is trying to peek at our address space using a DIBTexture!");
++ return nullptr;
++ }
++
+ result = new DIBTextureHost(aFlags, aDesc);
+ break;
+ }
+diff --git gfx/layers/composite/X11TextureHost.cpp gfx/layers/composite/X11TextureHost.cpp
+index e2251f0c531a..94cb3f2f9594 100644
+--- gfx/layers/composite/X11TextureHost.cpp
++++ gfx/layers/composite/X11TextureHost.cpp
+@@ -23,10 +23,9 @@ X11TextureHost::X11TextureHost(TextureFlags aFlags,
+ const SurfaceDescriptorX11& aDescriptor)
+ : TextureHost(aFlags)
+ {
+- RefPtr<gfxXlibSurface> surface = aDescriptor.OpenForeign();
+- mSurface = surface.get();
++ mSurface = aDescriptor.OpenForeign();
+
+- if (!(aFlags & TextureFlags::DEALLOCATE_CLIENT)) {
++ if (mSurface && !(aFlags & TextureFlags::DEALLOCATE_CLIENT)) {
+ mSurface->TakePixmap();
+ }
+ }
+@@ -34,7 +33,7 @@ X11TextureHost::X11TextureHost(TextureFlags aFlags,
+ bool
+ X11TextureHost::Lock()
+ {
+- if (!mCompositor) {
++ if (!mCompositor || !mSurface) {
+ return false;
+ }
+
+@@ -75,6 +74,9 @@ X11TextureHost::SetTextureSourceProvider(TextureSourceProvider* aProvider)
+ SurfaceFormat
+ X11TextureHost::GetFormat() const
+ {
++ if (!mSurface) {
++ return SurfaceFormat::UNKNOWN;
++ }
+ gfxContentType type = mSurface->GetContentType();
+ #ifdef GL_PROVIDER_GLX
+ if (mCompositor->GetBackendType() == LayersBackend::LAYERS_OPENGL) {
+@@ -87,6 +89,9 @@ X11TextureHost::GetFormat() const
+ IntSize
+ X11TextureHost::GetSize() const
+ {
++ if (!mSurface) {
++ return IntSize();
++ }
+ return mSurface->GetSize();
+ }
+
+diff --git gfx/layers/d3d11/TextureD3D11.cpp gfx/layers/d3d11/TextureD3D11.cpp
+index 379686418ef0..4ad758849b93 100644
+--- gfx/layers/d3d11/TextureD3D11.cpp
++++ gfx/layers/d3d11/TextureD3D11.cpp
+@@ -763,10 +763,6 @@ CreateTextureHostD3D11(const SurfaceDescriptor& aDesc,
+ {
+ RefPtr<TextureHost> result;
+ switch (aDesc.type()) {
+- case SurfaceDescriptor::TSurfaceDescriptorBuffer: {
+- result = CreateBackendIndependentTextureHost(aDesc, aDeallocator, aBackend, aFlags);
+- break;
+- }
+ case SurfaceDescriptor::TSurfaceDescriptorD3D10: {
+ result = new DXGITextureHostD3D11(aFlags,
+ aDesc.get_SurfaceDescriptorD3D10());
+@@ -778,7 +774,7 @@ CreateTextureHostD3D11(const SurfaceDescriptor& aDesc,
+ break;
+ }
+ default: {
+- NS_WARNING("Unsupported SurfaceDescriptor type");
++ MOZ_ASSERT_UNREACHABLE("Unsupported SurfaceDescriptor type");
+ }
+ }
+ return result.forget();
+diff --git gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp
+index 291b0eb3d0dc..f363bb5a7cf7 100644
+--- gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp
++++ gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp
+@@ -32,6 +32,8 @@ MacIOSurfaceTextureHostOGL::~MacIOSurfaceTextureHostOGL()
+ GLTextureSource*
+ MacIOSurfaceTextureHostOGL::CreateTextureSourceForPlane(size_t aPlane)
+ {
++ MOZ_ASSERT(mSurface);
++
+ GLuint textureHandle;
+ gl::GLContext* gl = mProvider->GetGLContext();
+ gl->fGenTextures(1, &textureHandle);
+@@ -94,11 +96,17 @@ MacIOSurfaceTextureHostOGL::SetTextureSourceProvider(TextureSourceProvider* aPro
+
+ gfx::SurfaceFormat
+ MacIOSurfaceTextureHostOGL::GetFormat() const {
++ if (!mSurface) {
++ return gfx::SurfaceFormat::UNKNOWN;
++ }
+ return mSurface->GetFormat();
+ }
+
+ gfx::SurfaceFormat
+ MacIOSurfaceTextureHostOGL::GetReadFormat() const {
++ if (!mSurface) {
++ return gfx::SurfaceFormat::UNKNOWN;
++ }
+ return mSurface->GetReadFormat();
+ }
+
+diff --git gfx/layers/opengl/TextureHostOGL.cpp gfx/layers/opengl/TextureHostOGL.cpp
+index bdcd8778c10d..2b28c19a126d 100644
+--- gfx/layers/opengl/TextureHostOGL.cpp
++++ gfx/layers/opengl/TextureHostOGL.cpp
+@@ -26,10 +26,6 @@
+ #include "mozilla/layers/MacIOSurfaceTextureHostOGL.h"
+ #endif
+
+-#ifdef GL_PROVIDER_GLX
+-#include "mozilla/layers/X11TextureHost.h"
+-#endif
+-
+ using namespace mozilla::gl;
+ using namespace mozilla::gfx;
+
+@@ -46,14 +42,6 @@ CreateTextureHostOGL(const SurfaceDescriptor& aDesc,
+ {
+ RefPtr<TextureHost> result;
+ switch (aDesc.type()) {
+- case SurfaceDescriptor::TSurfaceDescriptorBuffer: {
+- result = CreateBackendIndependentTextureHost(aDesc,
+- aDeallocator,
+- aBackend,
+- aFlags);
+- break;
+- }
+-
+ #ifdef MOZ_WIDGET_ANDROID
+ case SurfaceDescriptor::TSurfaceTextureDescriptor: {
+ const SurfaceTextureDescriptor& desc = aDesc.get_SurfaceTextureDescriptor();
+@@ -88,14 +76,6 @@ CreateTextureHostOGL(const SurfaceDescriptor& aDesc,
+ }
+ #endif
+
+-#ifdef GL_PROVIDER_GLX
+- case SurfaceDescriptor::TSurfaceDescriptorX11: {
+- const auto& desc = aDesc.get_SurfaceDescriptorX11();
+- result = new X11TextureHost(aFlags, desc);
+- break;
+- }
+-#endif
+-
+ case SurfaceDescriptor::TSurfaceDescriptorSharedGLTexture: {
+ const auto& desc = aDesc.get_SurfaceDescriptorSharedGLTexture();
+ result = new GLTextureHost(aFlags, desc.texture(),
+@@ -105,7 +85,10 @@ CreateTextureHostOGL(const SurfaceDescriptor& aDesc,
+ desc.hasAlpha());
+ break;
+ }
+- default: return nullptr;
++ default: {
++ MOZ_ASSERT_UNREACHABLE("Unsupported SurfaceDescriptor type");
++ break;
++ }
+ }
+ return result.forget();
+ }
+diff --git gfx/tests/gtest/TestLayers.h gfx/tests/gtest/TestLayers.h
+index 18e351f7718c..fc6b750f1c62 100644
+--- gfx/tests/gtest/TestLayers.h
++++ gfx/tests/gtest/TestLayers.h
+@@ -8,6 +8,22 @@
+
+ #include "Layers.h"
+ #include "nsTArray.h"
++#include "mozilla/layers/ISurfaceAllocator.h"
++
++namespace mozilla {
++namespace layers {
++
++class TestSurfaceAllocator final : public ISurfaceAllocator
++{
++public:
++ TestSurfaceAllocator() {}
++ ~TestSurfaceAllocator() override {}
++
++ bool IsSameProcess() const override { return true; }
++};
++
++} // layers
++} // mozilla
+
+ /* Create layer tree from a simple layer tree description syntax.
+ * Each index is either the first letter of the layer type or
+diff --git gfx/tests/gtest/TestTextureCompatibility.cpp gfx/tests/gtest/TestTextureCompatibility.cpp
+index 45db4943ed1c..0815823b81ce 100644
+--- gfx/tests/gtest/TestTextureCompatibility.cpp
++++ gfx/tests/gtest/TestTextureCompatibility.cpp
+@@ -14,6 +14,7 @@
+ #include "mozilla/layers/TextureClient.h"
+ #include "mozilla/layers/TextureHost.h"
+ #include "mozilla/RefPtr.h"
++#include "TestLayers.h"
+ #include "TextureHelper.h"
+
+ using mozilla::gfx::Feature;
+@@ -22,6 +23,7 @@ using mozilla::layers::BasicCompositor;
+ using mozilla::layers::Compositor;
+ using mozilla::layers::CompositorOptions;
+ using mozilla::layers::LayersBackend;
++using mozilla::layers::TestSurfaceAllocator;
+ using mozilla::layers::TextureClient;
+ using mozilla::layers::TextureHost;
+ using mozilla::widget::CompositorWidget;
+@@ -31,8 +33,9 @@ using mozilla::widget::InProcessCompositorWidget;
+ * This function will create the possible TextureClient and TextureHost pairs
+ * according to the given backend.
+ */
+-void
++static void
+ CreateTextureWithBackend(LayersBackend& aLayersBackend,
++ ISurfaceAllocator* aDeallocator,
+ nsTArray<RefPtr<TextureClient>>& aTextureClients,
+ nsTArray<RefPtr<TextureHost>>& aTextureHosts)
+ {
+@@ -43,7 +46,8 @@ CreateTextureWithBackend(LayersBackend& aLayersBackend,
+
+ for (uint32_t i = 0; i < aTextureClients.Length(); i++) {
+ aTextureHosts.AppendElement(
+- CreateTextureHostWithBackend(aTextureClients[i], aLayersBackend));
++ CreateTextureHostWithBackend(aTextureClients[i], aDeallocator,
++ aLayersBackend));
+ }
+ }
+
+@@ -115,13 +119,15 @@ CheckCompatibilityWithBasicCompositor(LayersBackend aBackends,
+ TEST(Gfx, TestTextureCompatibility)
+ {
+ nsTArray<LayersBackend> backendHints;
++ RefPtr<TestSurfaceAllocator> deallocator = new TestSurfaceAllocator();
+
+ GetPlatformBackends(backendHints);
+ for (uint32_t i = 0; i < backendHints.Length(); i++) {
+ nsTArray<RefPtr<TextureClient>> textureClients;
+ nsTArray<RefPtr<TextureHost>> textureHosts;
+
+- CreateTextureWithBackend(backendHints[i], textureClients, textureHosts);
++ CreateTextureWithBackend(backendHints[i], deallocator,
++ textureClients, textureHosts);
+ CheckCompatibilityWithBasicCompositor(backendHints[i], textureHosts);
+ }
+ }
+diff --git gfx/tests/gtest/TestTextures.cpp gfx/tests/gtest/TestTextures.cpp
+index 19b94b867117..291eb55ca7e5 100644
+--- gfx/tests/gtest/TestTextures.cpp
++++ gfx/tests/gtest/TestTextures.cpp
+@@ -5,6 +5,7 @@
+
+ #include "gtest/gtest.h"
+ #include "gmock/gmock.h"
++#include "TestLayers.h"
+
+ #include "mozilla/gfx/2D.h"
+ #include "mozilla/gfx/Tools.h"
+@@ -147,7 +148,8 @@ void TestTextureClientSurface(TextureClient* texture, gfxImageSurface* surface)
+ ASSERT_NE(descriptor.type(), SurfaceDescriptor::Tnull_t);
+
+ // host deserialization
+- RefPtr<TextureHost> host = CreateBackendIndependentTextureHost(descriptor, nullptr,
++ RefPtr<TestSurfaceAllocator> deallocator = new TestSurfaceAllocator();
++ RefPtr<TextureHost> host = CreateBackendIndependentTextureHost(descriptor, deallocator,
+ LayersBackend::LAYERS_NONE,
+ texture->GetFlags());
+
+@@ -193,7 +195,8 @@ void TestTextureClientYCbCr(TextureClient* client, PlanarYCbCrData& ycbcrData) {
+ ASSERT_EQ(ycbcrDesc.stereoMode(), ycbcrData.mStereoMode);
+
+ // host deserialization
+- RefPtr<TextureHost> textureHost = CreateBackendIndependentTextureHost(descriptor, nullptr,
++ RefPtr<TestSurfaceAllocator> deallocator = new TestSurfaceAllocator();
++ RefPtr<TextureHost> textureHost = CreateBackendIndependentTextureHost(descriptor, deallocator,
+ LayersBackend::LAYERS_NONE,
+ client->GetFlags());
+
+diff --git gfx/tests/gtest/TextureHelper.h gfx/tests/gtest/TextureHelper.h
+index 144a237b17d4..770f7464f829 100644
+--- gfx/tests/gtest/TextureHelper.h
++++ gfx/tests/gtest/TextureHelper.h
+@@ -140,6 +140,7 @@ CreateTextureClientWithBackend(LayersBackend aLayersBackend)
+ */
+ already_AddRefed<TextureHost>
+ CreateTextureHostWithBackend(TextureClient* aClient,
++ ISurfaceAllocator* aDeallocator,
+ LayersBackend& aLayersBackend)
+ {
+ if (!aClient) {
+@@ -153,7 +154,7 @@ CreateTextureHostWithBackend(TextureClient* aClient,
+ aClient->ToSurfaceDescriptor(descriptor);
+
+ wr::MaybeExternalImageId id = Nothing();
+- return TextureHost::Create(descriptor, nullptr, aLayersBackend,
++ return TextureHost::Create(descriptor, aDeallocator, aLayersBackend,
+ aClient->GetFlags(), id);
+ }
+
Added: head/www/waterfox/files/patch-bug1435566
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1435566 Thu Feb 22 00:59:42 2018 (r462554)
@@ -0,0 +1,27 @@
+commit 2d6648d9388d
+Author: Emilio Cobos Álvarez <emilio at crisal.io>
+Date: Thu Feb 15 11:21:55 2018 +0100
+
+ Bug 1435566: Make sure to drop frames for manual NAC from display: contents nodes. r=bz a=RyanVM
+
+ MozReview-Commit-ID: 9CQIueSPwCV
+
+ --HG--
+ extra : source : 3219cd61e87b4f3003079154c437efa87080a917
+---
+ layout/base/nsCSSFrameConstructor.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git layout/base/nsCSSFrameConstructor.cpp layout/base/nsCSSFrameConstructor.cpp
+index 4a45072cbca5..7b6be5f222e8 100644
+--- layout/base/nsCSSFrameConstructor.cpp
++++ layout/base/nsCSSFrameConstructor.cpp
+@@ -8533,7 +8533,7 @@ nsCSSFrameConstructor::ContentRemoved(nsIContent* aContainer,
+ return true;
+ }
+
+- FlattenedChildIterator iter(aChild);
++ StyleChildrenIterator iter(aChild);
+ for (nsIContent* c = iter.GetNextChild(); c; c = iter.GetNextChild()) {
+ if (c->GetPrimaryFrame() || GetDisplayContentsStyleFor(c)) {
+ LAYOUT_PHASE_TEMP_EXIT();
Added: head/www/waterfox/files/patch-bug1436768
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1436768 Thu Feb 22 00:59:42 2018 (r462554)
@@ -0,0 +1,106 @@
+commit 885fcfb6c9fe
+Author: Eric Rahm <erahm at mozilla.com>
+Date: Thu Feb 8 16:25:07 2018 -0800
+
+ Bug 1436768 - Avoid initializing LogModuleManager more than once. r=froydnj a=RyanVM
+
+ This adds some assertions to make the intended usage of LogModuleManager::Init
+ more clear.
+
+ --HG--
+ extra : source : ec9f62910277ae252c3fb32166358419afb96b34
+---
+ xpcom/base/Logging.cpp | 27 +++++++++++++++++++++++----
+ 1 file changed, 23 insertions(+), 4 deletions(-)
+
+diff --git xpcom/base/Logging.cpp xpcom/base/Logging.cpp
+index 9d6a6d9ea861..eca3e97ee61e 100644
+--- xpcom/base/Logging.cpp
++++ xpcom/base/Logging.cpp
+@@ -16,6 +16,7 @@
+ #include "mozilla/Atomics.h"
+ #include "mozilla/Sprintf.h"
+ #include "mozilla/UniquePtrExtensions.h"
++#include "MainThreadUtils.h"
+ #include "nsClassHashtable.h"
+ #include "nsDebug.h"
+ #include "NSPRLogModulesParser.h"
+@@ -179,6 +180,7 @@ public:
+ , mAddTimestamp(false)
+ , mIsSync(false)
+ , mRotate(0)
++ , mInitialized(false)
+ {
+ }
+
+@@ -190,9 +192,17 @@ public:
+
+ /**
+ * Loads config from env vars if present.
++ *
++ * Notes:
++ *
++ * 1) This function is only intended to be called once per session.
++ * 2) None of the functions used in Init should rely on logging.
+ */
+ void Init()
+ {
++ MOZ_DIAGNOSTIC_ASSERT(!mInitialized);
++ mInitialized = true;
++
+ bool shouldAppend = false;
+ bool addTimestamp = false;
+ bool isSync = false;
+@@ -213,8 +223,10 @@ public:
+ }
+ }
+
++ // Need to capture `this` since `sLogModuleManager` is not set until after
++ // initialization is complete.
+ NSPRLogModulesParser(modules,
+- [&shouldAppend, &addTimestamp, &isSync, &rotate]
++ [this, &shouldAppend, &addTimestamp, &isSync, &rotate]
+ (const char* aName, LogLevel aLevel, int32_t aValue) mutable {
+ if (strcmp(aName, "append") == 0) {
+ shouldAppend = true;
+@@ -225,7 +237,7 @@ public:
+ } else if (strcmp(aName, "rotate") == 0) {
+ rotate = (aValue << 20) / kRotateFilesNumber;
+ } else {
+- LogModule::Get(aName)->SetLevel(aLevel);
++ this->CreateOrGetModule(aName)->SetLevel(aLevel);
+ }
+ });
+
+@@ -513,6 +525,7 @@ private:
+ Atomic<bool, Relaxed> mAddTimestamp;
+ Atomic<bool, Relaxed> mIsSync;
+ int32_t mRotate;
++ bool mInitialized;
+ };
+
+ StaticAutoPtr<LogModuleManager> sLogModuleManager;
+@@ -557,6 +570,8 @@ LogModule::Init()
+ {
+ // NB: This method is not threadsafe; it is expected to be called very early
+ // in startup prior to any other threads being run.
++ MOZ_DIAGNOSTIC_ASSERT(NS_IsMainThread());
++
+ if (sLogModuleManager) {
+ // Already initialized.
+ return;
+@@ -565,8 +580,12 @@ LogModule::Init()
+ // NB: We intentionally do not register for ClearOnShutdown as that happens
+ // before all logging is complete. And, yes, that means we leak, but
+ // we're doing that intentionally.
+- sLogModuleManager = new LogModuleManager();
+- sLogModuleManager->Init();
++
++ // Don't assign the pointer until after Init is called. This should help us
++ // detect if any of the functions called by Init somehow rely on logging.
++ auto mgr = new LogModuleManager();
++ mgr->Init();
++ sLogModuleManager = mgr;
+ }
+
+ void
Added: head/www/waterfox/files/patch-bug1437214
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1437214 Thu Feb 22 00:59:42 2018 (r462554)
@@ -0,0 +1,217 @@
+commit 8fdc2449bfe2
+Author: David Keeler <dkeeler at mozilla.com>
+Date: Fri Feb 9 16:35:54 2018 -0800
+
+ bug 1437214 - if PathBuildingStep::Check fails due to a problem with the subject certificate rather than the potential issuer, set keepGoing to false r=jcj a=RyanVM
+
+ MozReview-Commit-ID: DEr4YgXfkOL
+
+ --HG--
+ extra : source : f2669a2b5934ac8e5637c3b96ab1f1dcdf502c00
+---
+ security/pkix/lib/pkixbuild.cpp | 13 ++-
+ security/pkix/test/gtest/pkixbuild_tests.cpp | 163 +++++++++++++++++++++++++++
+ 2 files changed, 174 insertions(+), 2 deletions(-)
+
+diff --git security/pkix/lib/pkixbuild.cpp security/pkix/lib/pkixbuild.cpp
+index fd6a9d5115d4..0b33e3d5ae71 100644
+--- security/pkix/lib/pkixbuild.cpp
++++ security/pkix/lib/pkixbuild.cpp
+@@ -241,7 +241,12 @@ PathBuildingStep::Check(Input potentialIssuerDER,
+ validityDuration, stapledOCSPResponse,
+ subject.GetAuthorityInfoAccess());
+ if (rv != Success) {
+- return RecordResult(rv, keepGoing);
++ // Since this is actually a problem with the current subject certificate
++ // (rather than the issuer), it doesn't make sense to keep going; all
++ // paths through this certificate will fail.
++ Result savedRv = RecordResult(rv, keepGoing);
++ keepGoing = false;
++ return savedRv;
+ }
+
+ if (subject.endEntityOrCA == EndEntityOrCA::MustBeEndEntity) {
+@@ -251,7 +256,11 @@ PathBuildingStep::Check(Input potentialIssuerDER,
+ rv = ExtractSignedCertificateTimestampListFromExtension(*sctExtension,
+ sctList);
+ if (rv != Success) {
+- return RecordResult(rv, keepGoing);
++ // Again, the problem is with this certificate, and all paths through
++ // it will fail.
++ Result savedRv = RecordResult(rv, keepGoing);
++ keepGoing = false;
++ return savedRv;
+ }
+ trustDomain.NoteAuxiliaryExtension(AuxiliaryExtension::EmbeddedSCTList,
+ sctList);
+diff --git security/pkix/test/gtest/pkixbuild_tests.cpp security/pkix/test/gtest/pkixbuild_tests.cpp
+index 64fa4c307c76..5948df7037a8 100644
+--- security/pkix/test/gtest/pkixbuild_tests.cpp
++++ security/pkix/test/gtest/pkixbuild_tests.cpp
+@@ -582,3 +582,166 @@ TEST_F(pkixbuild, CertificateTransparencyExtension)
+ ASSERT_EQ(BytesToByteString(dummySctList),
+ extTrustDomain.signedCertificateTimestamps);
+ }
++
++// This TrustDomain implements a hierarchy like so:
++//
++// A B
++// | |
++// C D
++// \ /
++// E
++//
++// where A is a trust anchor, B is not a trust anchor and has no known issuer, C
++// and D are intermediates with the same subject and subject public key, and E
++// is an end-entity (in practice, the end-entity will be generated by the test
++// functions using this trust domain).
++class MultiplePathTrustDomain: public DefaultCryptoTrustDomain
++{
++public:
++ void SetUpCerts()
++ {
++ ASSERT_FALSE(ENCODING_FAILED(CreateCert("UntrustedRoot", "UntrustedRoot",
++ EndEntityOrCA::MustBeCA,
++ &subjectDERToCertDER)));
++ // The subject DER -> cert DER mapping would be overwritten for subject
++ // "Intermediate" when we create the second "Intermediate" certificate, so
++ // we keep a copy of this "Intermediate".
++ intermediateSignedByUntrustedRootCertDER =
++ CreateCert("UntrustedRoot", "Intermediate", EndEntityOrCA::MustBeCA);
++ ASSERT_FALSE(ENCODING_FAILED(intermediateSignedByUntrustedRootCertDER));
++ rootCACertDER = CreateCert("TrustedRoot", "TrustedRoot",
++ EndEntityOrCA::MustBeCA, &subjectDERToCertDER);
++ ASSERT_FALSE(ENCODING_FAILED(rootCACertDER));
++ ASSERT_FALSE(ENCODING_FAILED(CreateCert("TrustedRoot", "Intermediate",
++ EndEntityOrCA::MustBeCA,
++ &subjectDERToCertDER)));
++ }
++
++private:
++ Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert,
++ /*out*/ TrustLevel& trustLevel) override
++ {
++ trustLevel = InputEqualsByteString(candidateCert, rootCACertDER)
++ ? TrustLevel::TrustAnchor
++ : TrustLevel::InheritsTrust;
++ return Success;
++ }
++
++ Result CheckCert(ByteString& certDER, IssuerChecker& checker, bool& keepGoing)
++ {
++ Input derCert;
++ Result rv = derCert.Init(certDER.data(), certDER.length());
++ if (rv != Success) {
++ return rv;
++ }
++ return checker.Check(derCert, nullptr/*additionalNameConstraints*/,
++ keepGoing);
++ }
++
++ Result FindIssuer(Input encodedIssuerName, IssuerChecker& checker, Time)
++ override
++ {
++ ByteString subjectDER(InputToByteString(encodedIssuerName));
++ ByteString certDER(subjectDERToCertDER[subjectDER]);
++ assert(!ENCODING_FAILED(certDER));
++ bool keepGoing;
++ Result rv = CheckCert(certDER, checker, keepGoing);
++ if (rv != Success) {
++ return rv;
++ }
++ // Also try the other intermediate.
++ if (keepGoing) {
++ rv = CheckCert(intermediateSignedByUntrustedRootCertDER, checker,
++ keepGoing);
++ if (rv != Success) {
++ return rv;
++ }
++ }
++ return Success;
++ }
++
++ Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration,
++ /*optional*/ const Input*,
++ /*optional*/ const Input*) override
++ {
++ return Success;
++ }
++
++ Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override
++ {
++ return Success;
++ }
++
++ std::map<ByteString, ByteString> subjectDERToCertDER;
++ ByteString rootCACertDER;
++ ByteString intermediateSignedByUntrustedRootCertDER;
++};
++
++TEST_F(pkixbuild, BadEmbeddedSCTWithMultiplePaths)
++{
++ MultiplePathTrustDomain trustDomain;
++ trustDomain.SetUpCerts();
++
++ // python security/pkix/tools/DottedOIDToCode.py --tlv
++ // id-embeddedSctList 1.3.6.1.4.1.11129.2.4.2
++ static const uint8_t tlv_id_embeddedSctList[] = {
++ 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x04, 0x02
++ };
++ static const uint8_t dummySctList[] = {
++ 0x01, 0x02, 0x03, 0x04, 0x05
++ };
++ ByteString ctExtension = TLV(der::SEQUENCE,
++ BytesToByteString(tlv_id_embeddedSctList) +
++ Boolean(false) +
++ // The contents of the OCTET STRING are supposed to consist of an OCTET
++ // STRING of useful data. We're testing what happens if it isn't, so shove
++ // some bogus (non-OCTET STRING) data in there.
++ TLV(der::OCTET_STRING, BytesToByteString(dummySctList)));
++ ByteString certDER(CreateCert("Intermediate", "Cert with bogus SCT list",
++ EndEntityOrCA::MustBeEndEntity,
++ nullptr, /*subjectDERToCertDER*/
++ &ctExtension));
++ ASSERT_FALSE(ENCODING_FAILED(certDER));
++ Input certDERInput;
++ ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
++ ASSERT_EQ(Result::ERROR_BAD_DER,
++ BuildCertChain(trustDomain, certDERInput, Now(),
++ EndEntityOrCA::MustBeEndEntity,
++ KeyUsage::noParticularKeyUsageRequired,
++ KeyPurposeId::id_kp_serverAuth,
++ CertPolicyId::anyPolicy,
++ nullptr/*stapledOCSPResponse*/));
++}
++
++// Same as a MultiplePathTrustDomain, but the end-entity is revoked.
++class RevokedEndEntityTrustDomain final : public MultiplePathTrustDomain
++{
++public:
++ Result CheckRevocation(EndEntityOrCA endEntityOrCA, const CertID&, Time,
++ Duration, /*optional*/ const Input*,
++ /*optional*/ const Input*) override
++ {
++ if (endEntityOrCA == EndEntityOrCA::MustBeEndEntity) {
++ return Result::ERROR_REVOKED_CERTIFICATE;
++ }
++ return Success;
++ }
++};
++
++TEST_F(pkixbuild, RevokedEndEntityWithMultiplePaths)
++{
++ RevokedEndEntityTrustDomain trustDomain;
++ trustDomain.SetUpCerts();
++ ByteString certDER(CreateCert("Intermediate", "RevokedEndEntity",
++ EndEntityOrCA::MustBeEndEntity));
++ ASSERT_FALSE(ENCODING_FAILED(certDER));
++ Input certDERInput;
++ ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length()));
++ ASSERT_EQ(Result::ERROR_REVOKED_CERTIFICATE,
++ BuildCertChain(trustDomain, certDERInput, Now(),
++ EndEntityOrCA::MustBeEndEntity,
++ KeyUsage::noParticularKeyUsageRequired,
++ KeyPurposeId::id_kp_serverAuth,
++ CertPolicyId::anyPolicy,
++ nullptr/*stapledOCSPResponse*/));
++}
Added: head/www/waterfox/files/patch-bug1438645
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1438645 Thu Feb 22 00:59:42 2018 (r462554)
@@ -0,0 +1,210 @@
+commit dc9f32108582
+Author: Ted Campbell <tcampbell at mozilla.com>
+Date: Thu Feb 15 14:58:00 2018 +0200
+
+ Bug 1438645 - Prevent XDR from reading past its buffer. r=nbp a=lizzard
+ While XDR data is supposed to be trusted, we currently run into a
+ corruption for some users/use-cases and so make more XDR operations
+ fallible instead of crashing.
+
+ MozReview-Commit-ID: 9FSLNWh9RxG
+
+ --HG--
+ extra : source : fb0c12a38e03ad49c40eb64df23885037d26053d
+---
+ js/src/jsatom.cpp | 18 ++++++++++++----
+ js/src/vm/Xdr.cpp | 2 ++
+ js/src/vm/Xdr.h | 62 ++++++++++++++++++++++++++++++++++++-------------------
+ 3 files changed, 57 insertions(+), 25 deletions(-)
+
+diff --git js/src/jsatom.cpp js/src/jsatom.cpp
+index 5d3ed0040dc1..f1d975f6f03d 100644
+--- js/src/jsatom.cpp
++++ js/src/jsatom.cpp
+@@ -644,15 +644,25 @@ js::XDRAtom(XDRState<mode>* xdr, MutableHandleAtom atomp)
+ JSAtom* atom;
+ if (latin1) {
+ const Latin1Char* chars = nullptr;
+- if (length)
+- chars = reinterpret_cast<const Latin1Char*>(xdr->buf.read(length));
++ if (length) {
++ const uint8_t *ptr;
++ size_t nbyte = length * sizeof(Latin1Char);
++ if (!xdr->peekData(&ptr, nbyte))
++ return false;
++ chars = reinterpret_cast<const Latin1Char*>(ptr);
++ }
+ atom = AtomizeChars(cx, chars, length);
+ } else {
+ #if MOZ_LITTLE_ENDIAN
+ /* Directly access the little endian chars in the XDR buffer. */
+ const char16_t* chars = nullptr;
+- if (length)
+- chars = reinterpret_cast<const char16_t*>(xdr->buf.read(length * sizeof(char16_t)));
++ if (length) {
++ const uint8_t *ptr;
++ size_t nbyte = length * sizeof(char16_t);
++ if (!xdr->peekData(&ptr, nbyte))
++ return false;
++ chars = reinterpret_cast<const char16_t*>(ptr);
++ }
+ atom = AtomizeChars(cx, chars, length);
+ #else
+ /*
+diff --git js/src/vm/Xdr.cpp js/src/vm/Xdr.cpp
+index ec184f31e0c7..5847dbbe3453 100644
+--- js/src/vm/Xdr.cpp
++++ js/src/vm/Xdr.cpp
+@@ -73,6 +73,8 @@ XDRState<mode>::codeChars(char16_t* chars, size_t nchars)
+ mozilla::NativeEndian::copyAndSwapToLittleEndian(ptr, chars, nchars);
+ } else {
+ const uint8_t* ptr = buf.read(nbytes);
++ if (!ptr)
++ return fail(JS::TranscodeResult_Failure_BadDecode);
+ mozilla::NativeEndian::copyAndSwapFromLittleEndian(chars, ptr, nchars);
+ }
+ return true;
+diff --git js/src/vm/Xdr.h js/src/vm/Xdr.h
+index 0a6cbf01b50f..a60f43c6b531 100644
+--- js/src/vm/Xdr.h
++++ js/src/vm/Xdr.h
+@@ -61,11 +61,6 @@ class XDRBuffer<XDR_ENCODE> : public XDRBufferBase
+ return ptr;
+ }
+
+- const char* readCString() {
+- MOZ_CRASH("Should never read in encode mode");
+- return nullptr;
+- }
+-
+ const uint8_t* read(size_t n) {
+ MOZ_CRASH("Should never read in encode mode");
+ return nullptr;
+@@ -87,19 +82,15 @@ class XDRBuffer<XDR_DECODE> : public XDRBufferBase
+ : XDRBufferBase(cx, cursor),
+ buffer_(buffer.begin(), buffer.length()) { }
+
+- const char* readCString() {
+- char* ptr = reinterpret_cast<char*>(&buffer_[cursor_]);
+- uint8_t* end = reinterpret_cast<uint8_t*>(strchr(ptr, '\0')) + 1;
+- MOZ_ASSERT(buffer_.begin().get() < end);
+- MOZ_ASSERT(end <= buffer_.end().get());
+- cursor_ = end - buffer_.begin().get();
+- return ptr;
+- }
+-
+ const uint8_t* read(size_t n) {
+ MOZ_ASSERT(cursor_ < buffer_.length());
+ uint8_t* ptr = &buffer_[cursor_];
+ cursor_ += n;
++
++ // Don't let buggy code read past our buffer
++ if (cursor_ > buffer_.length())
++ return nullptr;
++
+ return ptr;
+ }
+
+@@ -174,7 +165,7 @@ class XDRCoderBase
+ template <XDRMode mode>
+ class XDRState : public XDRCoderBase
+ {
+- public:
++ protected:
+ XDRBuffer<mode> buf;
+ private:
+ JS::TranscodeResult resultCode_;
+@@ -220,6 +211,14 @@ class XDRState : public XDRCoderBase
+ return false;
+ }
+
++ bool peekData(const uint8_t** pptr, size_t length) {
++ const uint8_t* ptr = buf.read(length);
++ if (!ptr)
++ return fail(JS::TranscodeResult_Failure_BadDecode);
++ *pptr = ptr;
++ return true;
++ }
++
+ bool codeUint8(uint8_t* n) {
+ if (mode == XDR_ENCODE) {
+ uint8_t* ptr = buf.write(sizeof(*n));
+@@ -227,7 +226,10 @@ class XDRState : public XDRCoderBase
+ return fail(JS::TranscodeResult_Throw);
+ *ptr = *n;
+ } else {
+- *n = *buf.read(sizeof(*n));
++ const uint8_t* ptr = buf.read(sizeof(*n));
++ if (!ptr)
++ return fail(JS::TranscodeResult_Failure_BadDecode);
++ *n = *ptr;
+ }
+ return true;
+ }
+@@ -240,6 +242,8 @@ class XDRState : public XDRCoderBase
+ mozilla::LittleEndian::writeUint16(ptr, *n);
+ } else {
+ const uint8_t* ptr = buf.read(sizeof(*n));
++ if (!ptr)
++ return fail(JS::TranscodeResult_Failure_BadDecode);
+ *n = mozilla::LittleEndian::readUint16(ptr);
+ }
+ return true;
+@@ -253,6 +257,8 @@ class XDRState : public XDRCoderBase
+ mozilla::LittleEndian::writeUint32(ptr, *n);
+ } else {
+ const uint8_t* ptr = buf.read(sizeof(*n));
++ if (!ptr)
++ return fail(JS::TranscodeResult_Failure_BadDecode);
+ *n = mozilla::LittleEndian::readUint32(ptr);
+ }
+ return true;
+@@ -266,6 +272,8 @@ class XDRState : public XDRCoderBase
+ mozilla::LittleEndian::writeUint64(ptr, *n);
+ } else {
+ const uint8_t* ptr = buf.read(sizeof(*n));
++ if (!ptr)
++ return fail(JS::TranscodeResult_Failure_BadDecode);
+ *n = mozilla::LittleEndian::readUint64(ptr);
+ }
+ return true;
+@@ -328,7 +336,10 @@ class XDRState : public XDRCoderBase
+ return fail(JS::TranscodeResult_Throw);
+ memcpy(ptr, bytes, len);
+ } else {
+- memcpy(bytes, buf.read(len), len);
++ const uint8_t* ptr = buf.read(len);
++ if (!ptr)
++ return fail(JS::TranscodeResult_Failure_BadDecode);
++ memcpy(bytes, ptr, len);
+ }
+ return true;
+ }
+@@ -340,14 +351,23 @@ class XDRState : public XDRCoderBase
+ * the decoding buffer.
+ */
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-ports-all
mailing list