gnu: icecat: Update to 31.6.0-gnu1.
* gnu/packages/patches/icecat-CVE-2015-0801.patch, gnu/packages/patches/icecat-CVE-2015-0807.patch, gnu/packages/patches/icecat-CVE-2015-0815-pt1.patch, gnu/packages/patches/icecat-CVE-2015-0815-pt2.patch, gnu/packages/patches/icecat-CVE-2015-0815-pt3.patch, gnu/packages/patches/icecat-CVE-2015-0816.patch, gnu/packages/patches/icecat-CVE-2015-0817.patch, gnu/packages/patches/icecat-CVE-2015-0818-pt1.patch, gnu/packages/patches/icecat-CVE-2015-0818-pt2.patch, gnu/packages/patches/icecat-bug-1127780.patch, gnu/packages/patches/icecat-bug-1145870.patch: Remove files. * gnu-system.am (dist_patch_DATA): Remove them. * gnu/packages/gnuzilla.scm (icecat): Update to 31.6.0-gnu1. Remove patches.master
parent
2bb9b5de7d
commit
7e84e1994a
|
@ -438,17 +438,6 @@ dist_patch_DATA = \
|
||||||
gnu/packages/patches/guix-test-networking.patch \
|
gnu/packages/patches/guix-test-networking.patch \
|
||||||
gnu/packages/patches/gtkglext-disable-disable-deprecated.patch \
|
gnu/packages/patches/gtkglext-disable-disable-deprecated.patch \
|
||||||
gnu/packages/patches/hop-bigloo-4.0b.patch \
|
gnu/packages/patches/hop-bigloo-4.0b.patch \
|
||||||
gnu/packages/patches/icecat-bug-1127780.patch \
|
|
||||||
gnu/packages/patches/icecat-bug-1145870.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0801.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0807.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0815-pt1.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0815-pt2.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0815-pt3.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0816.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0817.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0818-pt1.patch \
|
|
||||||
gnu/packages/patches/icecat-CVE-2015-0818-pt2.patch \
|
|
||||||
gnu/packages/patches/irrlicht-mesa-10.patch \
|
gnu/packages/patches/irrlicht-mesa-10.patch \
|
||||||
gnu/packages/patches/jbig2dec-ignore-testtest.patch \
|
gnu/packages/patches/jbig2dec-ignore-testtest.patch \
|
||||||
gnu/packages/patches/kmod-module-directory.patch \
|
gnu/packages/patches/kmod-module-directory.patch \
|
||||||
|
|
|
@ -219,7 +219,7 @@ standards.")
|
||||||
(define-public icecat
|
(define-public icecat
|
||||||
(package
|
(package
|
||||||
(name "icecat")
|
(name "icecat")
|
||||||
(version "31.5.0")
|
(version "31.6.0-gnu1")
|
||||||
(source
|
(source
|
||||||
(origin
|
(origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
|
@ -227,18 +227,7 @@ standards.")
|
||||||
version "/" name "-" version ".tar.bz2"))
|
version "/" name "-" version ".tar.bz2"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"1rr4axghaypdkrf60i1qp6dz4cd29ya02fs3vyffvp4x9kgcq2dd"))
|
"1a4l23msg4cpc4yp59q2z6xv63r6advlbnjy65v4djv6yhgnqf1i"))))
|
||||||
(patches (map search-patch '("icecat-CVE-2015-0815-pt1.patch"
|
|
||||||
"icecat-CVE-2015-0815-pt2.patch"
|
|
||||||
"icecat-bug-1127780.patch"
|
|
||||||
"icecat-CVE-2015-0807.patch"
|
|
||||||
"icecat-CVE-2015-0815-pt3.patch"
|
|
||||||
"icecat-CVE-2015-0817.patch"
|
|
||||||
"icecat-CVE-2015-0816.patch"
|
|
||||||
"icecat-CVE-2015-0818-pt1.patch"
|
|
||||||
"icecat-bug-1145870.patch"
|
|
||||||
"icecat-CVE-2015-0818-pt2.patch"
|
|
||||||
"icecat-CVE-2015-0801.patch")))))
|
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
(inputs
|
(inputs
|
||||||
`(("alsa-lib" ,alsa-lib)
|
`(("alsa-lib" ,alsa-lib)
|
||||||
|
|
|
@ -1,162 +0,0 @@
|
||||||
From 4ca86283a71427f27e810d77c8e75418f6428457 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Olli Pettay <Olli.Pettay@helsinki.fi>
|
|
||||||
Date: Mon, 23 Mar 2015 22:23:53 -0400
|
|
||||||
Subject: [PATCH] Bug 1146339 - Do anchor scrolling right before dispatching
|
|
||||||
popstate/hashchange. r=bz, a=lmandel
|
|
||||||
|
|
||||||
---
|
|
||||||
docshell/base/nsDocShell.cpp | 64 +++++++++++++++++++++-----------------------
|
|
||||||
docshell/base/nsDocShell.h | 1 -
|
|
||||||
2 files changed, 30 insertions(+), 35 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
|
|
||||||
index bdf88a5cf..efb6a6e 100644
|
|
||||||
--- a/docshell/base/nsDocShell.cpp
|
|
||||||
+++ b/docshell/base/nsDocShell.cpp
|
|
||||||
@@ -1322,7 +1322,7 @@ nsDocShell::LoadURI(nsIURI * aURI,
|
|
||||||
|
|
||||||
// Note: we allow loads to get through here even if mFiredUnloadEvent is
|
|
||||||
// true; that case will get handled in LoadInternal or LoadHistoryEntry.
|
|
||||||
- if (IsPrintingOrPP() || mBlockNavigation) {
|
|
||||||
+ if (IsPrintingOrPP()) {
|
|
||||||
return NS_OK; // JS may not handle returning of an error code
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -4206,7 +4206,8 @@ bool
|
|
||||||
nsDocShell::IsNavigationAllowed(bool aDisplayPrintErrorDialog)
|
|
||||||
{
|
|
||||||
bool isAllowed = !IsPrintingOrPP(aDisplayPrintErrorDialog) &&
|
|
||||||
- !mFiredUnloadEvent && !mBlockNavigation; if (!isAllowed) {
|
|
||||||
+ !mFiredUnloadEvent;
|
|
||||||
+ if (!isAllowed) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if (!mContentViewer) {
|
|
||||||
@@ -8901,8 +8902,6 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|
||||||
|
|
||||||
NS_ENSURE_TRUE(!mIsBeingDestroyed, NS_ERROR_NOT_AVAILABLE);
|
|
||||||
|
|
||||||
- NS_ENSURE_TRUE(!mBlockNavigation, NS_ERROR_UNEXPECTED);
|
|
||||||
-
|
|
||||||
// wyciwyg urls can only be loaded through history. Any normal load of
|
|
||||||
// wyciwyg through docshell is illegal. Disallow such loads.
|
|
||||||
if (aLoadType & LOAD_CMD_NORMAL) {
|
|
||||||
@@ -9324,19 +9323,6 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|
||||||
GetCurScrollPos(ScrollOrientation_X, &cx);
|
|
||||||
GetCurScrollPos(ScrollOrientation_Y, &cy);
|
|
||||||
|
|
||||||
- {
|
|
||||||
- AutoRestore<bool> scrollingToAnchor(mBlockNavigation);
|
|
||||||
- mBlockNavigation = true;
|
|
||||||
-
|
|
||||||
- // ScrollToAnchor doesn't necessarily cause us to scroll the window;
|
|
||||||
- // the function decides whether a scroll is appropriate based on the
|
|
||||||
- // arguments it receives. But even if we don't end up scrolling,
|
|
||||||
- // ScrollToAnchor performs other important tasks, such as informing
|
|
||||||
- // the presShell that we have a new hash. See bug 680257.
|
|
||||||
- rv = ScrollToAnchor(curHash, newHash, aLoadType);
|
|
||||||
- NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
// Reset mLoadType to its original value once we exit this block,
|
|
||||||
// because this short-circuited load might have started after a
|
|
||||||
// normal, network load, and we don't want to clobber its load type.
|
|
||||||
@@ -9424,16 +9410,6 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|
||||||
mOSHE->SetCacheKey(cacheKey);
|
|
||||||
}
|
|
||||||
|
|
||||||
- /* restore previous position of scroller(s), if we're moving
|
|
||||||
- * back in history (bug 59774)
|
|
||||||
- */
|
|
||||||
- if (mOSHE && (aLoadType == LOAD_HISTORY || aLoadType == LOAD_RELOAD_NORMAL))
|
|
||||||
- {
|
|
||||||
- nscoord bx, by;
|
|
||||||
- mOSHE->GetScrollPosition(&bx, &by);
|
|
||||||
- SetCurScrollPosEx(bx, by);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
/* Restore the original LSHE if we were loading something
|
|
||||||
* while short-circuited load was initiated.
|
|
||||||
*/
|
|
||||||
@@ -9471,12 +9447,36 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|
||||||
|
|
||||||
SetDocCurrentStateObj(mOSHE);
|
|
||||||
|
|
||||||
+ // Inform the favicon service that the favicon for oldURI also
|
|
||||||
+ // applies to aURI.
|
|
||||||
+ CopyFavicon(currentURI, aURI, mInPrivateBrowsing);
|
|
||||||
+
|
|
||||||
+ nsRefPtr<nsGlobalWindow> win = mScriptGlobal ?
|
|
||||||
+ mScriptGlobal->GetCurrentInnerWindowInternal() : nullptr;
|
|
||||||
+
|
|
||||||
+ // ScrollToAnchor doesn't necessarily cause us to scroll the window;
|
|
||||||
+ // the function decides whether a scroll is appropriate based on the
|
|
||||||
+ // arguments it receives. But even if we don't end up scrolling,
|
|
||||||
+ // ScrollToAnchor performs other important tasks, such as informing
|
|
||||||
+ // the presShell that we have a new hash. See bug 680257.
|
|
||||||
+ rv = ScrollToAnchor(curHash, newHash, aLoadType);
|
|
||||||
+ NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
+
|
|
||||||
+ /* restore previous position of scroller(s), if we're moving
|
|
||||||
+ * back in history (bug 59774)
|
|
||||||
+ */
|
|
||||||
+ if (mOSHE && (aLoadType == LOAD_HISTORY ||
|
|
||||||
+ aLoadType == LOAD_RELOAD_NORMAL)) {
|
|
||||||
+ nscoord bx, by;
|
|
||||||
+ mOSHE->GetScrollPosition(&bx, &by);
|
|
||||||
+ SetCurScrollPosEx(bx, by);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
// Dispatch the popstate and hashchange events, as appropriate.
|
|
||||||
//
|
|
||||||
// The event dispatch below can cause us to re-enter script and
|
|
||||||
// destroy the docshell, nulling out mScriptGlobal. Hold a stack
|
|
||||||
// reference to avoid null derefs. See bug 914521.
|
|
||||||
- nsRefPtr<nsGlobalWindow> win = mScriptGlobal;
|
|
||||||
if (win) {
|
|
||||||
// Fire a hashchange event URIs differ, and only in their hashes.
|
|
||||||
bool doHashchange = sameExceptHashes && !curHash.Equals(newHash);
|
|
||||||
@@ -9492,10 +9492,6 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- // Inform the favicon service that the favicon for oldURI also
|
|
||||||
- // applies to aURI.
|
|
||||||
- CopyFavicon(currentURI, aURI, mInPrivateBrowsing);
|
|
||||||
-
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -12573,7 +12569,7 @@ nsDocShell::OnLinkClick(nsIContent* aContent,
|
|
||||||
{
|
|
||||||
NS_ASSERTION(NS_IsMainThread(), "wrong thread");
|
|
||||||
|
|
||||||
- if (!IsOKToLoadURI(aURI) || mBlockNavigation) {
|
|
||||||
+ if (!IsOKToLoadURI(aURI)) {
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -12629,7 +12625,7 @@ nsDocShell::OnLinkClickSync(nsIContent *aContent,
|
|
||||||
*aRequest = nullptr;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (!IsOKToLoadURI(aURI) || mBlockNavigation) {
|
|
||||||
+ if (!IsOKToLoadURI(aURI)) {
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h
|
|
||||||
index be353ee..c191777 100644
|
|
||||||
--- a/docshell/base/nsDocShell.h
|
|
||||||
+++ b/docshell/base/nsDocShell.h
|
|
||||||
@@ -835,7 +835,6 @@ protected:
|
|
||||||
bool mInPrivateBrowsing;
|
|
||||||
bool mUseRemoteTabs;
|
|
||||||
bool mDeviceSizeIsPageSize;
|
|
||||||
- bool mBlockNavigation;
|
|
||||||
|
|
||||||
// Because scriptability depends on the mAllowJavascript values of our
|
|
||||||
// ancestors, we cache the effective scriptability and recompute it when
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,30 +0,0 @@
|
||||||
From 1b97832a8ae9983e4f15befe142f5ea0626707f1 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Christoph Kerschbaumer <mozilla@christophkerschbaumer.com>
|
|
||||||
Date: Thu, 19 Feb 2015 13:43:40 -0800
|
|
||||||
Subject: [PATCH] Bug 1111834 - CORS request after preflight should not follow
|
|
||||||
30x redirect. r=sicking, a=lmandel
|
|
||||||
|
|
||||||
---
|
|
||||||
dom/base/Navigator.cpp | 6 ++++++
|
|
||||||
1 file changed, 6 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/dom/base/Navigator.cpp b/dom/base/Navigator.cpp
|
|
||||||
index 020e370..727b7cb7 100644
|
|
||||||
--- a/dom/base/Navigator.cpp
|
|
||||||
+++ b/dom/base/Navigator.cpp
|
|
||||||
@@ -1278,6 +1278,12 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
|
||||||
!contentType.Equals(APPLICATION_WWW_FORM_URLENCODED) &&
|
|
||||||
!contentType.Equals(MULTIPART_FORM_DATA) &&
|
|
||||||
!contentType.Equals(TEXT_PLAIN)) {
|
|
||||||
+
|
|
||||||
+ // we need to set the sameOriginChecker as a notificationCallback
|
|
||||||
+ // so we can tell the channel not to follow redirects
|
|
||||||
+ nsCOMPtr<nsIInterfaceRequestor> soc = nsContentUtils::GetSameOriginChecker();
|
|
||||||
+ channel->SetNotificationCallbacks(soc);
|
|
||||||
+
|
|
||||||
nsCOMPtr<nsIChannel> preflightChannel;
|
|
||||||
nsTArray<nsCString> unsafeHeaders;
|
|
||||||
unsafeHeaders.AppendElement(NS_LITERAL_CSTRING("Content-Type"));
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,63 +0,0 @@
|
||||||
From 6fb9d1d2bee806abb2f67cee05a8573450a017df Mon Sep 17 00:00:00 2001
|
|
||||||
From: Steve Fink <sfink@mozilla.com>
|
|
||||||
Date: Mon, 12 Jan 2015 14:19:27 -0800
|
|
||||||
Subject: [PATCH] Bug 1137326 - Fix out of bounds error in
|
|
||||||
JS_iterateCompartments. r=terrence, a=abillings
|
|
||||||
|
|
||||||
---
|
|
||||||
js/src/gc/Zone.h | 11 ++++++-----
|
|
||||||
js/src/jsapi.h | 5 +++--
|
|
||||||
2 files changed, 9 insertions(+), 7 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/js/src/gc/Zone.h b/js/src/gc/Zone.h
|
|
||||||
index cbbde6b..612defe 100644
|
|
||||||
--- a/js/src/gc/Zone.h
|
|
||||||
+++ b/js/src/gc/Zone.h
|
|
||||||
@@ -389,21 +389,22 @@ struct CompartmentsInZoneIter
|
|
||||||
// This is for the benefit of CompartmentsIterT::comp.
|
|
||||||
friend class mozilla::Maybe<CompartmentsInZoneIter>;
|
|
||||||
private:
|
|
||||||
- JSCompartment **it, **end;
|
|
||||||
+ JS::Zone *zone;
|
|
||||||
+ JSCompartment **it;
|
|
||||||
|
|
||||||
CompartmentsInZoneIter()
|
|
||||||
- : it(nullptr), end(nullptr)
|
|
||||||
+ : zone(nullptr), it(nullptr)
|
|
||||||
{}
|
|
||||||
|
|
||||||
public:
|
|
||||||
- explicit CompartmentsInZoneIter(JS::Zone *zone) {
|
|
||||||
+ explicit CompartmentsInZoneIter(JS::Zone *zone) : zone(zone) {
|
|
||||||
it = zone->compartments.begin();
|
|
||||||
- end = zone->compartments.end();
|
|
||||||
}
|
|
||||||
|
|
||||||
bool done() const {
|
|
||||||
JS_ASSERT(it);
|
|
||||||
- return it == end;
|
|
||||||
+ return it < zone->compartments.begin() ||
|
|
||||||
+ it >= zone->compartments.end();
|
|
||||||
}
|
|
||||||
void next() {
|
|
||||||
JS_ASSERT(!done());
|
|
||||||
diff --git a/js/src/jsapi.h b/js/src/jsapi.h
|
|
||||||
index 5ae1f86..40fdb37 100644
|
|
||||||
--- a/js/src/jsapi.h
|
|
||||||
+++ b/js/src/jsapi.h
|
|
||||||
@@ -1780,9 +1780,10 @@ JS_LeaveCompartment(JSContext *cx, JSCompartment *oldCompartment);
|
|
||||||
typedef void (*JSIterateCompartmentCallback)(JSRuntime *rt, void *data, JSCompartment *compartment);
|
|
||||||
|
|
||||||
/*
|
|
||||||
- * This function calls |compartmentCallback| on every compartment. Beware that
|
|
||||||
+ * This function calls |compartmentCallback| on every compartment. Beware that
|
|
||||||
* there is no guarantee that the compartment will survive after the callback
|
|
||||||
- * returns.
|
|
||||||
+ * returns. Also, if the callback can GC, there is no guarantee that every
|
|
||||||
+ * compartment will be visited.
|
|
||||||
*/
|
|
||||||
extern JS_PUBLIC_API(void)
|
|
||||||
JS_IterateCompartments(JSRuntime *rt, void *data,
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,89 +0,0 @@
|
||||||
From f6d39ec03896eaf5d30d79d8165263c98e957749 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Nathan Froyd <froydnj@mozilla.com>
|
|
||||||
Date: Fri, 6 Feb 2015 16:19:36 -0500
|
|
||||||
Subject: [PATCH] Bug 1036515 - Narrow the scope of unlocking mMonitor in
|
|
||||||
nsTimerImpl::PostTimerEvents. r=bsmedberg, a=abillings
|
|
||||||
|
|
||||||
---
|
|
||||||
xpcom/threads/TimerThread.cpp | 55 ++++++++++++++++++++++---------------------
|
|
||||||
1 file changed, 28 insertions(+), 27 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/xpcom/threads/TimerThread.cpp b/xpcom/threads/TimerThread.cpp
|
|
||||||
index bd586c9..b95846f 100644
|
|
||||||
--- a/xpcom/threads/TimerThread.cpp
|
|
||||||
+++ b/xpcom/threads/TimerThread.cpp
|
|
||||||
@@ -239,43 +239,44 @@ NS_IMETHODIMP TimerThread::Run()
|
|
||||||
RemoveTimerInternal(timer);
|
|
||||||
timer = nullptr;
|
|
||||||
|
|
||||||
+#ifdef DEBUG_TIMERS
|
|
||||||
+ if (PR_LOG_TEST(GetTimerLog(), PR_LOG_DEBUG)) {
|
|
||||||
+ PR_LOG(GetTimerLog(), PR_LOG_DEBUG,
|
|
||||||
+ ("Timer thread woke up %fms from when it was supposed to\n",
|
|
||||||
+ fabs((now - timerRef->mTimeout).ToMilliseconds())));
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
{
|
|
||||||
// We release mMonitor around the Fire call to avoid deadlock.
|
|
||||||
MonitorAutoUnlock unlock(mMonitor);
|
|
||||||
|
|
||||||
-#ifdef DEBUG_TIMERS
|
|
||||||
- if (PR_LOG_TEST(GetTimerLog(), PR_LOG_DEBUG)) {
|
|
||||||
- PR_LOG(GetTimerLog(), PR_LOG_DEBUG,
|
|
||||||
- ("Timer thread woke up %fms from when it was supposed to\n",
|
|
||||||
- fabs((now - timerRef->mTimeout).ToMilliseconds())));
|
|
||||||
- }
|
|
||||||
-#endif
|
|
||||||
|
|
||||||
// We are going to let the call to PostTimerEvent here handle the
|
|
||||||
// release of the timer so that we don't end up releasing the timer
|
|
||||||
// on the TimerThread instead of on the thread it targets.
|
|
||||||
timerRef = nsTimerImpl::PostTimerEvent(timerRef.forget());
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- if (timerRef) {
|
|
||||||
- // We got our reference back due to an error.
|
|
||||||
- // Unhook the nsRefPtr, and release manually so we can get the
|
|
||||||
- // refcount.
|
|
||||||
- nsrefcnt rc = timerRef.forget().take()->Release();
|
|
||||||
- (void)rc;
|
|
||||||
-
|
|
||||||
- // The nsITimer interface requires that its users keep a reference
|
|
||||||
- // to the timers they use while those timers are initialized but
|
|
||||||
- // have not yet fired. If this ever happens, it is a bug in the
|
|
||||||
- // code that created and used the timer.
|
|
||||||
- //
|
|
||||||
- // Further, note that this should never happen even with a
|
|
||||||
- // misbehaving user, because nsTimerImpl::Release checks for a
|
|
||||||
- // refcount of 1 with an armed timer (a timer whose only reference
|
|
||||||
- // is from the timer thread) and when it hits this will remove the
|
|
||||||
- // timer from the timer thread and thus destroy the last reference,
|
|
||||||
- // preventing this situation from occurring.
|
|
||||||
- MOZ_ASSERT(rc != 0, "destroyed timer off its target thread!");
|
|
||||||
- }
|
|
||||||
+ if (timerRef) {
|
|
||||||
+ // We got our reference back due to an error.
|
|
||||||
+ // Unhook the nsRefPtr, and release manually so we can get the
|
|
||||||
+ // refcount.
|
|
||||||
+ nsrefcnt rc = timerRef.forget().take()->Release();
|
|
||||||
+ (void)rc;
|
|
||||||
+
|
|
||||||
+ // The nsITimer interface requires that its users keep a reference
|
|
||||||
+ // to the timers they use while those timers are initialized but
|
|
||||||
+ // have not yet fired. If this ever happens, it is a bug in the
|
|
||||||
+ // code that created and used the timer.
|
|
||||||
+ //
|
|
||||||
+ // Further, note that this should never happen even with a
|
|
||||||
+ // misbehaving user, because nsTimerImpl::Release checks for a
|
|
||||||
+ // refcount of 1 with an armed timer (a timer whose only reference
|
|
||||||
+ // is from the timer thread) and when it hits this will remove the
|
|
||||||
+ // timer from the timer thread and thus destroy the last reference,
|
|
||||||
+ // preventing this situation from occurring.
|
|
||||||
+ MOZ_ASSERT(rc != 0, "destroyed timer off its target thread!");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (mShutdown)
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,37 +0,0 @@
|
||||||
From e7fc74f6a281c12a4a406f2dd20ff2c27a61484d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Brian Hackett <bhackett1024@gmail.com>
|
|
||||||
Date: Sun, 8 Mar 2015 22:10:01 -0400
|
|
||||||
Subject: [PATCH] Bug 1138199. r=billm, a=lmandel
|
|
||||||
|
|
||||||
---
|
|
||||||
js/src/ds/LifoAlloc.h | 12 ++++++------
|
|
||||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/js/src/ds/LifoAlloc.h b/js/src/ds/LifoAlloc.h
|
|
||||||
index 7617cf5..b112353 100644
|
|
||||||
--- a/js/src/ds/LifoAlloc.h
|
|
||||||
+++ b/js/src/ds/LifoAlloc.h
|
|
||||||
@@ -193,14 +193,14 @@ class LifoAlloc
|
|
||||||
|
|
||||||
// Append used chunks to the end of this LifoAlloc. We act as if all the
|
|
||||||
// chunks in |this| are used, even if they're not, so memory may be wasted.
|
|
||||||
- void appendUsed(BumpChunk *start, BumpChunk *latest, BumpChunk *end) {
|
|
||||||
- JS_ASSERT(start && latest && end);
|
|
||||||
+ void appendUsed(BumpChunk *otherFirst, BumpChunk *otherLatest, BumpChunk *otherLast) {
|
|
||||||
+ JS_ASSERT(otherFirst && otherLatest && otherLast);
|
|
||||||
if (last)
|
|
||||||
- last->setNext(start);
|
|
||||||
+ last->setNext(otherFirst);
|
|
||||||
else
|
|
||||||
- first = latest = start;
|
|
||||||
- last = end;
|
|
||||||
- this->latest = latest;
|
|
||||||
+ first = otherFirst;
|
|
||||||
+ latest = otherLatest;
|
|
||||||
+ last = otherLast;
|
|
||||||
}
|
|
||||||
|
|
||||||
void incrementCurSize(size_t size) {
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,76 +0,0 @@
|
||||||
From ae49ed04f54c2f78d6ba7e545e0099602a3270fa Mon Sep 17 00:00:00 2001
|
|
||||||
From: Boris Zbarsky <bzbarsky@mit.edu>
|
|
||||||
Date: Thu, 19 Mar 2015 18:58:44 -0400
|
|
||||||
Subject: [PATCH] Bug 1144991 - Be a bit more restrictive about when a
|
|
||||||
URI_IS_UI_RESOURCE source is allowed to link to a URI_IS_UI_RESOURCE URI that
|
|
||||||
doesn't have the same scheme. r=bholley, a=abillings
|
|
||||||
|
|
||||||
---
|
|
||||||
caps/src/nsScriptSecurityManager.cpp | 38 +++++++++++++++++++++++++-----------
|
|
||||||
1 file changed, 27 insertions(+), 11 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/caps/src/nsScriptSecurityManager.cpp b/caps/src/nsScriptSecurityManager.cpp
|
|
||||||
index 3587358..6577b95 100644
|
|
||||||
--- a/caps/src/nsScriptSecurityManager.cpp
|
|
||||||
+++ b/caps/src/nsScriptSecurityManager.cpp
|
|
||||||
@@ -770,12 +770,31 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
|
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
if (hasFlags) {
|
|
||||||
if (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) {
|
|
||||||
+
|
|
||||||
+ // For now, don't change behavior for resource:// or moz-icon:// and
|
|
||||||
+ // just allow them.
|
|
||||||
if (!targetScheme.EqualsLiteral("chrome")) {
|
|
||||||
- // for now don't change behavior for resource: or moz-icon:
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
- // allow load only if chrome package is whitelisted
|
|
||||||
+ // Allow a URI_IS_UI_RESOURCE source to link to a URI_IS_UI_RESOURCE
|
|
||||||
+ // target if ALLOW_CHROME is set.
|
|
||||||
+ //
|
|
||||||
+ // ALLOW_CHROME is a flag that we pass on all loads _except_ docshell
|
|
||||||
+ // loads (since docshell loads run the loaded content with its origin
|
|
||||||
+ // principal). So we're effectively allowing resource://, chrome://,
|
|
||||||
+ // and moz-icon:// source URIs to load resource://, chrome://, and
|
|
||||||
+ // moz-icon:// files, so long as they're not loading it as a document.
|
|
||||||
+ bool sourceIsUIResource;
|
|
||||||
+ rv = NS_URIChainHasFlags(sourceBaseURI,
|
|
||||||
+ nsIProtocolHandler::URI_IS_UI_RESOURCE,
|
|
||||||
+ &sourceIsUIResource);
|
|
||||||
+ NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
+ if (sourceIsUIResource) {
|
|
||||||
+ return NS_OK;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ // Allow the load only if the chrome package is whitelisted.
|
|
||||||
nsCOMPtr<nsIXULChromeRegistry> reg(do_GetService(
|
|
||||||
NS_CHROMEREGISTRY_CONTRACTID));
|
|
||||||
if (reg) {
|
|
||||||
@@ -787,17 +806,14 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- // resource: and chrome: are equivalent, securitywise
|
|
||||||
- // That's bogus!! Fix this. But watch out for
|
|
||||||
- // the view-source stylesheet?
|
|
||||||
- bool sourceIsChrome;
|
|
||||||
- rv = NS_URIChainHasFlags(sourceBaseURI,
|
|
||||||
- nsIProtocolHandler::URI_IS_UI_RESOURCE,
|
|
||||||
- &sourceIsChrome);
|
|
||||||
- NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
- if (sourceIsChrome) {
|
|
||||||
+ // Special-case the hidden window: it's allowed to load
|
|
||||||
+ // URI_IS_UI_RESOURCE no matter what. Bug 1145470 tracks removing this.
|
|
||||||
+ nsAutoCString sourceSpec;
|
|
||||||
+ if (NS_SUCCEEDED(sourceBaseURI->GetSpec(sourceSpec)) &&
|
|
||||||
+ sourceSpec.EqualsLiteral("resource://gre-resources/hiddenWindow.html")) {
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
if (reportErrors) {
|
|
||||||
ReportError(nullptr, errorTag, sourceURI, aTargetURI);
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,44 +0,0 @@
|
||||||
From cedbdf8290018fbef65458e9e438c72adf2c2775 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Steve Fink <sfink@mozilla.com>
|
|
||||||
Date: Thu, 19 Mar 2015 15:46:24 -0700
|
|
||||||
Subject: [PATCH] Bug 1145255. r=luke, a=lmandel
|
|
||||||
|
|
||||||
---
|
|
||||||
js/src/jit/AsmJS.cpp | 13 +++++++++++--
|
|
||||||
1 file changed, 11 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/js/src/jit/AsmJS.cpp b/js/src/jit/AsmJS.cpp
|
|
||||||
index 302b5ab..1b8eed6 100644
|
|
||||||
--- a/js/src/jit/AsmJS.cpp
|
|
||||||
+++ b/js/src/jit/AsmJS.cpp
|
|
||||||
@@ -14,6 +14,7 @@
|
|
||||||
|
|
||||||
#include "jsmath.h"
|
|
||||||
#include "jsprf.h"
|
|
||||||
+#include "jsutil.h"
|
|
||||||
#include "jsworkers.h"
|
|
||||||
#include "prmjtime.h"
|
|
||||||
|
|
||||||
@@ -3432,9 +3433,17 @@ FoldMaskedArrayIndex(FunctionCompiler &f, ParseNode **indexExpr, int32_t *mask,
|
|
||||||
if (IsLiteralOrConstInt(f, maskNode, &mask2)) {
|
|
||||||
// Flag the access to skip the bounds check if the mask ensures that an 'out of
|
|
||||||
// bounds' access can not occur based on the current heap length constraint.
|
|
||||||
- if (mask2 == 0 ||
|
|
||||||
- CountLeadingZeroes32(f.m().minHeapLength() - 1) <= CountLeadingZeroes32(mask2)) {
|
|
||||||
+ if (mask2 == 0) {
|
|
||||||
*needsBoundsCheck = NO_BOUNDS_CHECK;
|
|
||||||
+ } else {
|
|
||||||
+ uint32_t minHeap = f.m().minHeapLength();
|
|
||||||
+ uint32_t minHeapZeroes = CountLeadingZeroes32(minHeap - 1);
|
|
||||||
+ uint32_t maskZeroes = CountLeadingZeroes32(mask2);
|
|
||||||
+ if ((minHeapZeroes < maskZeroes) ||
|
|
||||||
+ (IsPowerOfTwo(minHeap) && minHeapZeroes == maskZeroes))
|
|
||||||
+ {
|
|
||||||
+ *needsBoundsCheck = NO_BOUNDS_CHECK;
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
*mask &= mask2;
|
|
||||||
*indexExpr = indexNode;
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,67 +0,0 @@
|
||||||
From 79dddb16aaa58f5b5cef49dac6d234f500af3baf Mon Sep 17 00:00:00 2001
|
|
||||||
From: Olli Pettay <Olli.Pettay@helsinki.fi>
|
|
||||||
Date: Thu, 19 Mar 2015 21:53:32 -0400
|
|
||||||
Subject: [PATCH] Bug 1144988 - Don't let other pages to load while doing
|
|
||||||
scroll-to-anchor. r=bz, a=lmandel
|
|
||||||
|
|
||||||
---
|
|
||||||
docshell/base/nsDocShell.cpp | 23 ++++++++++++++---------
|
|
||||||
docshell/base/nsDocShell.h | 1 +
|
|
||||||
2 files changed, 15 insertions(+), 9 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
|
|
||||||
index 887c910..14ff3f2 100644
|
|
||||||
--- a/docshell/base/nsDocShell.cpp
|
|
||||||
+++ b/docshell/base/nsDocShell.cpp
|
|
||||||
@@ -4204,8 +4204,8 @@ nsDocShell::IsPrintingOrPP(bool aDisplayErrorDialog)
|
|
||||||
bool
|
|
||||||
nsDocShell::IsNavigationAllowed(bool aDisplayPrintErrorDialog)
|
|
||||||
{
|
|
||||||
- bool isAllowed = !IsPrintingOrPP(aDisplayPrintErrorDialog) && !mFiredUnloadEvent;
|
|
||||||
- if (!isAllowed) {
|
|
||||||
+ bool isAllowed = !IsPrintingOrPP(aDisplayPrintErrorDialog) &&
|
|
||||||
+ !mFiredUnloadEvent && !mBlockNavigation; if (!isAllowed) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if (!mContentViewer) {
|
|
||||||
@@ -9321,13 +9321,18 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|
||||||
GetCurScrollPos(ScrollOrientation_X, &cx);
|
|
||||||
GetCurScrollPos(ScrollOrientation_Y, &cy);
|
|
||||||
|
|
||||||
- // ScrollToAnchor doesn't necessarily cause us to scroll the window;
|
|
||||||
- // the function decides whether a scroll is appropriate based on the
|
|
||||||
- // arguments it receives. But even if we don't end up scrolling,
|
|
||||||
- // ScrollToAnchor performs other important tasks, such as informing
|
|
||||||
- // the presShell that we have a new hash. See bug 680257.
|
|
||||||
- rv = ScrollToAnchor(curHash, newHash, aLoadType);
|
|
||||||
- NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
+ {
|
|
||||||
+ AutoRestore<bool> scrollingToAnchor(mBlockNavigation);
|
|
||||||
+ mBlockNavigation = true;
|
|
||||||
+
|
|
||||||
+ // ScrollToAnchor doesn't necessarily cause us to scroll the window;
|
|
||||||
+ // the function decides whether a scroll is appropriate based on the
|
|
||||||
+ // arguments it receives. But even if we don't end up scrolling,
|
|
||||||
+ // ScrollToAnchor performs other important tasks, such as informing
|
|
||||||
+ // the presShell that we have a new hash. See bug 680257.
|
|
||||||
+ rv = ScrollToAnchor(curHash, newHash, aLoadType);
|
|
||||||
+ NS_ENSURE_SUCCESS(rv, rv);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
// Reset mLoadType to its original value once we exit this block,
|
|
||||||
// because this short-circuited load might have started after a
|
|
||||||
diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h
|
|
||||||
index c191777..be353ee 100644
|
|
||||||
--- a/docshell/base/nsDocShell.h
|
|
||||||
+++ b/docshell/base/nsDocShell.h
|
|
||||||
@@ -835,6 +835,7 @@ protected:
|
|
||||||
bool mInPrivateBrowsing;
|
|
||||||
bool mUseRemoteTabs;
|
|
||||||
bool mDeviceSizeIsPageSize;
|
|
||||||
+ bool mBlockNavigation;
|
|
||||||
|
|
||||||
// Because scriptability depends on the mAllowJavascript values of our
|
|
||||||
// ancestors, we cache the effective scriptability and recompute it when
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,28 +0,0 @@
|
||||||
From 83364c747c421b191f9d4012896a9e5a1d5223ad Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kyle Huey <khuey@kylehuey.com>
|
|
||||||
Date: Fri, 20 Mar 2015 19:15:13 -0700
|
|
||||||
Subject: [PATCH] Bug 1144988. r=bz a=lmandel
|
|
||||||
|
|
||||||
---
|
|
||||||
docshell/base/nsDocShell.cpp | 3 ++-
|
|
||||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
|
|
||||||
index 4cddcef..bdf88a5cf 100644
|
|
||||||
--- a/docshell/base/nsDocShell.cpp
|
|
||||||
+++ b/docshell/base/nsDocShell.cpp
|
|
||||||
@@ -1322,9 +1322,10 @@ nsDocShell::LoadURI(nsIURI * aURI,
|
|
||||||
|
|
||||||
// Note: we allow loads to get through here even if mFiredUnloadEvent is
|
|
||||||
// true; that case will get handled in LoadInternal or LoadHistoryEntry.
|
|
||||||
- if (IsPrintingOrPP()) {
|
|
||||||
+ if (IsPrintingOrPP() || mBlockNavigation) {
|
|
||||||
return NS_OK; // JS may not handle returning of an error code
|
|
||||||
}
|
|
||||||
+
|
|
||||||
nsCOMPtr<nsIURI> referrer;
|
|
||||||
nsCOMPtr<nsIInputStream> postStream;
|
|
||||||
nsCOMPtr<nsIInputStream> headersStream;
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
From cf1de3d04302841aaa05aed8364da3399cbca9b4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Bobby Holley <bobbyholley@gmail.com>
|
|
||||||
Date: Tue, 17 Feb 2015 17:47:12 -0500
|
|
||||||
Subject: [PATCH] Bug 1127780 - Add null check. r=bz, a=bkerensa
|
|
||||||
|
|
||||||
---
|
|
||||||
js/xpconnect/wrappers/XrayWrapper.h | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/js/xpconnect/wrappers/XrayWrapper.h b/js/xpconnect/wrappers/XrayWrapper.h
|
|
||||||
index ead095f1..cc8c580 100644
|
|
||||||
--- a/js/xpconnect/wrappers/XrayWrapper.h
|
|
||||||
+++ b/js/xpconnect/wrappers/XrayWrapper.h
|
|
||||||
@@ -131,7 +131,7 @@ class XrayWrapper : public Base {
|
|
||||||
{
|
|
||||||
if (!Base::getPrototypeOf(cx, wrapper, protop))
|
|
||||||
return false;
|
|
||||||
- if (WrapperFactory::IsXrayWrapper(protop))
|
|
||||||
+ if (!protop || WrapperFactory::IsXrayWrapper(protop))
|
|
||||||
return true;
|
|
||||||
|
|
||||||
protop.set(JS_GetObjectPrototype(cx, wrapper));
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
|
@ -1,43 +0,0 @@
|
||||||
From a40e2ebc2ab57dacb539d4e49ed4193764ff7112 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kyle Huey <khuey@kylehuey.com>
|
|
||||||
Date: Fri, 20 Mar 2015 19:05:56 -0700
|
|
||||||
Subject: [PATCH] Bug 1145870. r=bz a=lmandel
|
|
||||||
|
|
||||||
---
|
|
||||||
docshell/base/nsDocShell.cpp | 6 ++++--
|
|
||||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
|
|
||||||
index 14ff3f2..4cddcef 100644
|
|
||||||
--- a/docshell/base/nsDocShell.cpp
|
|
||||||
+++ b/docshell/base/nsDocShell.cpp
|
|
||||||
@@ -8900,6 +8900,8 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|
||||||
|
|
||||||
NS_ENSURE_TRUE(!mIsBeingDestroyed, NS_ERROR_NOT_AVAILABLE);
|
|
||||||
|
|
||||||
+ NS_ENSURE_TRUE(!mBlockNavigation, NS_ERROR_UNEXPECTED);
|
|
||||||
+
|
|
||||||
// wyciwyg urls can only be loaded through history. Any normal load of
|
|
||||||
// wyciwyg through docshell is illegal. Disallow such loads.
|
|
||||||
if (aLoadType & LOAD_CMD_NORMAL) {
|
|
||||||
@@ -12570,7 +12572,7 @@ nsDocShell::OnLinkClick(nsIContent* aContent,
|
|
||||||
{
|
|
||||||
NS_ASSERTION(NS_IsMainThread(), "wrong thread");
|
|
||||||
|
|
||||||
- if (!IsOKToLoadURI(aURI)) {
|
|
||||||
+ if (!IsOKToLoadURI(aURI) || mBlockNavigation) {
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -12626,7 +12628,7 @@ nsDocShell::OnLinkClickSync(nsIContent *aContent,
|
|
||||||
*aRequest = nullptr;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (!IsOKToLoadURI(aURI)) {
|
|
||||||
+ if (!IsOKToLoadURI(aURI) || mBlockNavigation) {
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.2.1
|
|
||||||
|
|
Reference in New Issue