* gnu/packages/patches/icecat-CVE-2015-4495.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. Move the 'patches' field above the snippet.
		
			
				
	
	
		
		
	
	
	
	
	
| Backported from upstream commits labelled "Bug 1178058" from the esr38 branch
 | |
| by Boris Zbarsky <bzbarsky@mit.edu> and Bobby Holley <bobbyholley@gmail.com>.
 | |
| 
 | |
| --- icecat-31.8.0/docshell/base/nsDocShell.cpp
 | |
| +++ icecat-31.8.0/docshell/base/nsDocShell.cpp
 | |
| @@ -1546,12 +1546,21 @@
 | |
|  
 | |
|      if (owner && mItemType != typeChrome) {
 | |
|          nsCOMPtr<nsIPrincipal> ownerPrincipal = do_QueryInterface(owner);
 | |
| -        if (nsContentUtils::IsSystemOrExpandedPrincipal(ownerPrincipal)) {
 | |
| +        if (nsContentUtils::IsSystemPrincipal(ownerPrincipal)) {
 | |
|              if (ownerIsExplicit) {
 | |
|                  return NS_ERROR_DOM_SECURITY_ERR;
 | |
|              }
 | |
|              owner = nullptr;
 | |
|              inheritOwner = true;
 | |
| +        } else if (nsContentUtils::IsExpandedPrincipal(ownerPrincipal)) {
 | |
| +            if (ownerIsExplicit) {
 | |
| +                return NS_ERROR_DOM_SECURITY_ERR;
 | |
| +            }
 | |
| +            // Don't inherit from the current page.  Just do the safe thing
 | |
| +            // and pretend that we were loaded by a nullprincipal.
 | |
| +            owner = do_CreateInstance("@mozilla.org/nullprincipal;1");
 | |
| +            NS_ENSURE_TRUE(owner, NS_ERROR_FAILURE);
 | |
| +            inheritOwner = false;
 | |
|          }
 | |
|      }
 | |
|      if (!owner && !inheritOwner && !ownerIsExplicit) {
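Review bot: The two privileged-owner branches now end differently, and only the new one explains itself: the system-principal branch keeps `owner = nullptr; inheritOwner = true;`, which by the wording of the new comment appears to mean inheriting from the current page, while the expanded-principal branch substitutes a null principal. I would add a comment above the first branch, for example `// System principal: drop the owner and inherit; expanded principals are handled below and must never inherit.`, so a later merge or refactor does not fold the two cases back together. Both helpers also receive `ownerPrincipal` straight from `do_QueryInterface(owner)` with no null check; they presumably tolerate a null argument, but that is not visible here and is worth confirming against the 31.8.0 tree. The enclosing function starts and ends outside this hunk. Because this is a backport, the patch header would be easier to audit if it named the upstream esr38 changeset ids rather than only the "Bug 1178058" label.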
 |