From owner-svn-ports-all@freebsd.org Tue Feb 20 00:11:13 2018 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8AB1AF0C764; Tue, 20 Feb 2018 00:11:13 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3DE5B7443B; Tue, 20 Feb 2018 00:11:13 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 202E5218D0; Tue, 20 Feb 2018 00:11:13 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1K0BDxO034695; Tue, 20 Feb 2018 00:11:13 GMT (envelope-from jbeich@FreeBSD.org) Received: (from jbeich@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1K0BCrg034689; Tue, 20 Feb 2018 00:11:12 GMT (envelope-from jbeich@FreeBSD.org) Message-Id: <201802200011.w1K0BCrg034689@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jbeich set sender to jbeich@FreeBSD.org using -f From: Jan Beich Date: Tue, 20 Feb 2018 00:11:12 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r462361 - in head/www/waterfox: . files X-SVN-Group: ports-head X-SVN-Commit-Author: jbeich X-SVN-Commit-Paths: in head/www/waterfox: . files X-SVN-Commit-Revision: 462361 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Feb 2018 00:11:13 -0000 Author: jbeich Date: Tue Feb 20 00:11:12 2018 New Revision: 462361 URL: https://svnweb.freebsd.org/changeset/ports/462361 Log: www/waterfox: apply more FF59 fixes Added: head/www/waterfox/files/patch-bug1231203 (contents, props changed) head/www/waterfox/files/patch-bug1334465 (contents, props changed) head/www/waterfox/files/patch-bug1426988 (contents, props changed) head/www/waterfox/files/patch-bug1428947 (contents, props changed) head/www/waterfox/files/patch-bug1431336 (contents, props changed) Modified: head/www/waterfox/Makefile (contents, props changed) Modified: head/www/waterfox/Makefile ============================================================================== --- head/www/waterfox/Makefile Tue Feb 20 00:10:28 2018 (r462360) +++ head/www/waterfox/Makefile Tue Feb 20 00:11:12 2018 (r462361) @@ -2,7 +2,7 @@ PORTNAME= waterfox DISTVERSION= 56.0.4 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= www ipv6 MAINTAINER= jbeich@FreeBSD.org Added: head/www/waterfox/files/patch-bug1231203 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1231203 Tue Feb 20 00:11:12 2018 (r462361) @@ -0,0 +1,203 @@ +commit ef357e507dd1 +Author: David Keeler +Date: Thu Feb 8 17:16:03 2018 -0800 + + bug 1231203 - ensure OCSP responses to requests from private contexts aren't cached on disk r=jcj a=ritu + + MozReview-Commit-ID: 374f7hERLee + + --HG-- + extra : source : ee10aee44d26bf6eb3ddc5f54ddbbbb4fdeb4b0d +--- + security/manager/ssl/nsNSSCallbacks.cpp | 12 ++- + security/manager/ssl/tests/unit/head_psm.js | 8 +- + .../ssl/tests/unit/test_ocsp_private_caching.js | 112 +++++++++++++++++++++ + security/manager/ssl/tests/unit/xpcshell.ini | 2 + + 4 files changed, 130 insertions(+), 4 deletions(-) + +diff --git security/manager/ssl/nsNSSCallbacks.cpp security/manager/ssl/nsNSSCallbacks.cpp +index 7288a7f2c725..d3b973362ab1 100644 +--- security/manager/ssl/nsNSSCallbacks.cpp ++++ security/manager/ssl/nsNSSCallbacks.cpp +@@ -119,13 +119,19 @@ nsHTTPDownloadEvent::Run() + chan->SetLoadFlags(nsIRequest::LOAD_ANONYMOUS | + nsIChannel::LOAD_BYPASS_SERVICE_WORKER); + +- // For OCSP requests, only the first party domain aspect of origin attributes +- // is used. This means that OCSP requests are shared across different +- // containers. ++ // For OCSP requests, only the first party domain and private browsing id ++ // aspects of origin attributes are used. This means that: ++ // a) if first party isolation is enabled, OCSP requests will be isolated ++ // according to the first party domain of the original https request ++ // b) OCSP requests are shared across different containers as long as first ++ // party isolation is not enabled and none of the containers are in private ++ // browsing mode. + if (mRequestSession->mOriginAttributes != OriginAttributes()) { + OriginAttributes attrs; + attrs.mFirstPartyDomain = + mRequestSession->mOriginAttributes.mFirstPartyDomain; ++ attrs.mPrivateBrowsingId = ++ mRequestSession->mOriginAttributes.mPrivateBrowsingId; + + nsCOMPtr loadInfo = chan->GetLoadInfo(); + if (loadInfo) { +diff --git security/manager/ssl/tests/unit/head_psm.js security/manager/ssl/tests/unit/head_psm.js +index 6e0d41125549..51e2beb7ce1d 100644 +--- security/manager/ssl/tests/unit/head_psm.js ++++ security/manager/ssl/tests/unit/head_psm.js +@@ -609,9 +609,12 @@ function getFailingHttpServer(serverPort, serverIdentities) { + // by which HTTP method the server is expected to be queried. + // expectedResponseTypes is an optional array of OCSP response types to use (see + // GenerateOCSPResponse.cpp). ++// responseHeaderPairs is an optional array of HTTP header (name, value) pairs ++// to set in each response. + function startOCSPResponder(serverPort, identity, nssDBLocation, + expectedCertNames, expectedBasePaths, +- expectedMethods, expectedResponseTypes) { ++ expectedMethods, expectedResponseTypes, ++ responseHeaderPairs = []) { + let ocspResponseGenerationArgs = expectedCertNames.map( + function(expectedNick) { + let responseType = "good"; +@@ -640,6 +643,9 @@ function startOCSPResponder(serverPort, identity, nssDBLocation, + } + aResponse.setStatusLine(aRequest.httpVersion, 200, "OK"); + aResponse.setHeader("Content-Type", "application/ocsp-response"); ++ for (let headerPair of responseHeaderPairs) { ++ aResponse.setHeader(headerPair[0], headerPair[1]); ++ } + aResponse.write(ocspResponses.shift()); + }); + httpServer.identity.setPrimary("http", identity, serverPort); +diff --git security/manager/ssl/tests/unit/test_ocsp_private_caching.js security/manager/ssl/tests/unit/test_ocsp_private_caching.js +new file mode 100644 +index 000000000000..b61252eb6e6f +--- /dev/null ++++ security/manager/ssl/tests/unit/test_ocsp_private_caching.js +@@ -0,0 +1,112 @@ ++// -*- indent-tabs-mode: nil; js-indent-level: 2 -*- ++// This Source Code Form is subject to the terms of the Mozilla Public ++// License, v. 2.0. If a copy of the MPL was not distributed with this ++// file, You can obtain one at http://mozilla.org/MPL/2.0/. ++ ++"use strict"; ++ ++// In which we connect to a host and encounter OCSP responses with the ++// Cache-Control header set, which Necko will normally cache. We need to ensure ++// that these responses aren't cached to disk when the original https request ++// was in a private context. ++ ++do_get_profile(); // must be called before getting nsIX509CertDB ++const certdb = Cc["@mozilla.org/security/x509certdb;1"] ++ .getService(Ci.nsIX509CertDB); ++ ++const SERVER_PORT = 8888; ++ ++function start_ocsp_responder(expectedCertNames, expectedPaths, ++ expectedMethods) { ++ return startOCSPResponder(SERVER_PORT, "www.example.com", ++ "test_ocsp_fetch_method", expectedCertNames, ++ expectedPaths, expectedMethods); ++} ++ ++function check_cert_err(cert_name, expected_error) { ++ let cert = constructCertFromFile("test_ocsp_fetch_method/" + cert_name + ".pem"); ++ return checkCertErrorGeneric(certdb, cert, expected_error, ++ certificateUsageSSLServer); ++} ++ ++function add_flush_cache() { ++ add_test(() => { ++ // This appears to either fire multiple times or fire once for every ++ // observer that has ever been passed to flush. To prevent multiple calls to ++ // run_next_test, keep track of if this observer has already called it. ++ let observed = false; ++ let observer = { observe: () => { ++ if (!observed) { ++ observed = true; ++ run_next_test(); ++ } ++ } ++ }; ++ Services.cache2.QueryInterface(Ci.nsICacheTesting).flush(observer); ++ }); ++} ++ ++function add_ocsp_necko_cache_test(loadContext, shouldFindEntry) { ++ // Pre-testcase cleanup/setup. ++ add_test(() => { ++ Services.cache2.clear(); ++ run_next_test(); ++ }); ++ add_flush_cache(); ++ ++ let responder; ++ add_test(() => { ++ clearOCSPCache(); ++ clearSessionCache(); ++ responder = startOCSPResponder(SERVER_PORT, "localhost", "ocsp_certs", ++ ["default-ee"], [], [], [], ++ [["Cache-Control", "max-age: 1000"]]); ++ run_next_test(); ++ }); ++ ++ // Prepare a connection that will cause an OCSP request. ++ add_connection_test("ocsp-stapling-none.example.com", PRErrorCodeSuccess, ++ null, null, null, loadContext.originAttributes); ++ ++ add_flush_cache(); ++ ++ // Traverse the cache and ensure the response made it into the cache with the ++ // appropriate properties (private or not private). ++ add_test(() => { ++ let foundEntry = false; ++ let visitor = { ++ onCacheStorageInfo() {}, ++ onCacheEntryInfo(aURI, aIdEnhance, aDataSize, aFetchCount, ++ aLastModifiedTime, aExpirationTime, aPinned, aInfo) { ++ Assert.equal(aURI.spec, "http://localhost:8888/", ++ "expected OCSP request URI should match"); ++ foundEntry = true; ++ }, ++ onCacheEntryVisitCompleted() { ++ Assert.equal(foundEntry, shouldFindEntry, ++ "should only find a cached entry if we're expecting one"); ++ run_next_test(); ++ }, ++ QueryInterface(iid) { ++ if (iid.equals(Ci.nsICacheStorageVisitor)) { ++ return this; ++ } ++ throw Cr.NS_ERROR_NO_INTERFACE; ++ }, ++ }; ++ Services.cache2.asyncVisitAllStorages(visitor, true); ++ }); ++ ++ // Clean up (stop the responder). ++ add_test(() => { ++ responder.stop(run_next_test); ++ }); ++} ++ ++function run_test() { ++ Services.prefs.setIntPref("security.OCSP.enabled", 1); ++ add_tls_server_setup("OCSPStaplingServer", "ocsp_certs"); ++ add_ocsp_necko_cache_test(Services.loadContextInfo.private, false); ++ add_ocsp_necko_cache_test(Services.loadContextInfo.default, true); ++ run_next_test(); ++} +diff --git security/manager/ssl/tests/unit/xpcshell.ini security/manager/ssl/tests/unit/xpcshell.ini +index b85c775514eb..4dbe59ac5e73 100644 +--- security/manager/ssl/tests/unit/xpcshell.ini ++++ security/manager/ssl/tests/unit/xpcshell.ini +@@ -121,6 +121,8 @@ run-sequentially = hardcoded ports + run-sequentially = hardcoded ports + [test_ocsp_must_staple.js] + run-sequentially = hardcoded ports ++[test_ocsp_private_caching.js] ++run-sequentially = hardcoded ports + [test_ocsp_no_hsts_upgrade.js] + run-sequentially = hardcoded ports + [test_ocsp_required.js] Added: head/www/waterfox/files/patch-bug1334465 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1334465 Tue Feb 20 00:11:12 2018 (r462361) @@ -0,0 +1,62 @@ +commit 646f99465e4f +Author: Valentin Gosu +Date: Fri Feb 9 13:20:04 2018 +0100 + + Bug 1334465 - Make HttpChannelParent::mIPCClosed atomic r=bagder a=ritu + + MozReview-Commit-ID: 6irCJMAjzjW + + --HG-- + extra : source : bd315ae86709c3459a3dbf0778022ff3b1908723 +--- + netwerk/protocol/http/HttpChannelParent.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git netwerk/protocol/http/HttpChannelParent.h netwerk/protocol/http/HttpChannelParent.h +index 572d7f177d7a..ef4dbd84f792 100644 +--- netwerk/protocol/http/HttpChannelParent.h ++++ netwerk/protocol/http/HttpChannelParent.h +@@ -264,7 +264,7 @@ private: + RefPtr mChannel; + nsCOMPtr mCacheEntry; + nsCOMPtr mAssociatedContentSecurity; +- bool mIPCClosed; // PHttpChannel actor has been Closed() ++ Atomic mIPCClosed; // PHttpChannel actor has been Closed() + + nsCOMPtr mRedirectChannel; + nsCOMPtr mRedirectCallback; +commit a87603550115 +Author: Valentin Gosu +Date: Sun Feb 11 03:51:09 2018 +0100 + + Bug 1334465 - Set mIPCClosed to true before calling SendDeleteSelf in order to avoid race r=bagder a=ritu + + In the previous code, a race condition could cause us to call SendSetPriority() after calling SendDeleteSelf. + + For example: + T1: SendDeleteSelf() + T2: if (!mIPCClosed) SendSetPriority() + T1: mIPCClosed = true + + MozReview-Commit-ID: 3XOwCaphb2o + + --HG-- + extra : source : 4ebdab0e332892378558817e30d0138c95199ce5 +--- + netwerk/protocol/http/HttpChannelParent.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git netwerk/protocol/http/HttpChannelParent.cpp netwerk/protocol/http/HttpChannelParent.cpp +index 064c5659e9ed..8ee13c2b5fbd 100644 +--- netwerk/protocol/http/HttpChannelParent.cpp ++++ netwerk/protocol/http/HttpChannelParent.cpp +@@ -2262,8 +2262,8 @@ HttpChannelParent::UpdateAndSerializeSecurityInfo(nsACString& aSerializedSecurit + bool + HttpChannelParent::DoSendDeleteSelf() + { +- bool rv = SendDeleteSelf(); + mIPCClosed = true; ++ bool rv = SendDeleteSelf(); + + CleanupBackgroundChannel(); + Added: head/www/waterfox/files/patch-bug1426988 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1426988 Tue Feb 20 00:11:12 2018 (r462361) @@ -0,0 +1,102 @@ +commit 2f7e646ad8fd +Author: Nils Ohlmeier [:drno] +Date: Sat Jan 27 11:20:43 2018 -0800 + + Bug 1426988 - Properly exit encoder init in error cases. r=rillian, a=abillings + + --HG-- + extra : source : f3bc73c747e847db4243cf1167720fd69d62fe51 +--- + media/libvpx/libvpx/vpx/src/vpx_encoder.c | 52 ++++++++++++++++++------------- + 1 file changed, 30 insertions(+), 22 deletions(-) + +diff --git media/libvpx/libvpx/vpx/src/vpx_encoder.c media/libvpx/libvpx/vpx/src/vpx_encoder.c +index 4390cf7c8f1f..1cf2dca695a9 100644 +--- media/libvpx/libvpx/vpx/src/vpx_encoder.c ++++ media/libvpx/libvpx/vpx/src/vpx_encoder.c +@@ -12,8 +12,11 @@ + * \brief Provides the high level interface to wrap encoder algorithms. + * + */ ++#include + #include ++#include + #include ++#include "vp8/common/blockd.h" + #include "vpx_config.h" + #include "vpx/internal/vpx_codec_internal.h" + +@@ -81,6 +84,8 @@ vpx_codec_err_t vpx_codec_enc_init_multi_ver( + int i; + void *mem_loc = NULL; + ++ if (iface->enc.mr_get_mem_loc == NULL) return VPX_CODEC_INCAPABLE; ++ + if (!(res = iface->enc.mr_get_mem_loc(cfg, &mem_loc))) { + for (i = 0; i < num_enc; i++) { + vpx_codec_priv_enc_mr_cfg_t mr_cfg; +@@ -89,28 +94,27 @@ vpx_codec_err_t vpx_codec_enc_init_multi_ver( + if (dsf->num < 1 || dsf->num > 4096 || dsf->den < 1 || + dsf->den > dsf->num) { + res = VPX_CODEC_INVALID_PARAM; +- break; ++ } else { ++ mr_cfg.mr_low_res_mode_info = mem_loc; ++ mr_cfg.mr_total_resolutions = num_enc; ++ mr_cfg.mr_encoder_id = num_enc - 1 - i; ++ mr_cfg.mr_down_sampling_factor.num = dsf->num; ++ mr_cfg.mr_down_sampling_factor.den = dsf->den; ++ ++ /* Force Key-frame synchronization. Namely, encoder at higher ++ * resolution always use the same frame_type chosen by the ++ * lowest-resolution encoder. ++ */ ++ if (mr_cfg.mr_encoder_id) cfg->kf_mode = VPX_KF_DISABLED; ++ ++ ctx->iface = iface; ++ ctx->name = iface->name; ++ ctx->priv = NULL; ++ ctx->init_flags = flags; ++ ctx->config.enc = cfg; ++ res = ctx->iface->init(ctx, &mr_cfg); + } + +- mr_cfg.mr_low_res_mode_info = mem_loc; +- mr_cfg.mr_total_resolutions = num_enc; +- mr_cfg.mr_encoder_id = num_enc - 1 - i; +- mr_cfg.mr_down_sampling_factor.num = dsf->num; +- mr_cfg.mr_down_sampling_factor.den = dsf->den; +- +- /* Force Key-frame synchronization. Namely, encoder at higher +- * resolution always use the same frame_type chosen by the +- * lowest-resolution encoder. +- */ +- if (mr_cfg.mr_encoder_id) cfg->kf_mode = VPX_KF_DISABLED; +- +- ctx->iface = iface; +- ctx->name = iface->name; +- ctx->priv = NULL; +- ctx->init_flags = flags; +- ctx->config.enc = cfg; +- res = ctx->iface->init(ctx, &mr_cfg); +- + if (res) { + const char *error_detail = ctx->priv ? ctx->priv->err_detail : NULL; + /* Destroy current ctx */ +@@ -124,10 +128,14 @@ vpx_codec_err_t vpx_codec_enc_init_multi_ver( + vpx_codec_destroy(ctx); + i--; + } ++#if CONFIG_MULTI_RES_ENCODING ++ assert(mem_loc); ++ free(((LOWER_RES_FRAME_INFO *)mem_loc)->mb_info); ++ free(mem_loc); ++#endif ++ return SAVE_STATUS(ctx, res); + } + +- if (res) break; +- + ctx++; + cfg++; + dsf++; Added: head/www/waterfox/files/patch-bug1428947 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1428947 Tue Feb 20 00:11:12 2018 (r462361) @@ -0,0 +1,90 @@ +commit 1251c93456f6 +Author: Dan Glastonbury +Date: Thu Feb 15 13:06:39 2018 +0200 + + Bug 1428947 - Check plane width & stride constraints. r=mattwoodrow a=ritu + + MozReview-Commit-ID: HEcMG4JoEl3 + + --HG-- + extra : amend_source : af70dc6dacdc867a39c40b0b1b8c05cea49c7586 +--- + dom/media/MediaData.cpp | 2 +- + gfx/layers/ImageContainer.cpp | 23 +++++++++++++---------- + 2 files changed, 14 insertions(+), 11 deletions(-) + +diff --git dom/media/MediaData.cpp dom/media/MediaData.cpp +index 445475163687..9aa2d58e9ded 100644 +--- dom/media/MediaData.cpp ++++ dom/media/MediaData.cpp +@@ -108,7 +108,8 @@ ValidatePlane(const VideoData::YCbCrBuffer::Plane& aPlane) + return aPlane.mWidth <= PlanarYCbCrImage::MAX_DIMENSION + && aPlane.mHeight <= PlanarYCbCrImage::MAX_DIMENSION + && aPlane.mWidth * aPlane.mHeight < MAX_VIDEO_WIDTH * MAX_VIDEO_HEIGHT +- && aPlane.mStride > 0; ++ && aPlane.mStride > 0 ++ && aPlane.mWidth <= aPlane.mStride; + } + + static bool ValidateBufferAndPicture(const VideoData::YCbCrBuffer& aBuffer, +diff --git gfx/layers/ImageContainer.cpp gfx/layers/ImageContainer.cpp +index f00d856754af..3e397def86f7 100644 +--- gfx/layers/ImageContainer.cpp ++++ gfx/layers/ImageContainer.cpp +@@ -539,12 +539,15 @@ static void + CopyPlane(uint8_t *aDst, const uint8_t *aSrc, + const gfx::IntSize &aSize, int32_t aStride, int32_t aSkip) + { ++ int32_t height = aSize.height; ++ int32_t width = aSize.width; ++ ++ MOZ_RELEASE_ASSERT(width <= aStride); ++ + if (!aSkip) { + // Fast path: planar input. +- memcpy(aDst, aSrc, aSize.height * aStride); ++ memcpy(aDst, aSrc, height * aStride); + } else { +- int32_t height = aSize.height; +- int32_t width = aSize.width; + for (int y = 0; y < height; ++y) { + const uint8_t *src = aSrc; + uint8_t *dst = aDst; +@@ -562,13 +565,11 @@ CopyPlane(uint8_t *aDst, const uint8_t *aSrc, + bool + RecyclingPlanarYCbCrImage::CopyData(const Data& aData) + { +- mData = aData; +- + // update buffer size + // Use uint32_t throughout to match AllocateBuffer's param and mBufferSize + const auto checkedSize = +- CheckedInt(mData.mCbCrStride) * mData.mCbCrSize.height * 2 + +- CheckedInt(mData.mYStride) * mData.mYSize.height; ++ CheckedInt(aData.mCbCrStride) * aData.mCbCrSize.height * 2 + ++ CheckedInt(aData.mYStride) * aData.mYSize.height; + + if (!checkedSize.isValid()) + return false; +@@ -583,16 +584,18 @@ RecyclingPlanarYCbCrImage::CopyData(const Data& aData) + // update buffer size + mBufferSize = size; + ++ mData = aData; + mData.mYChannel = mBuffer.get(); + mData.mCbChannel = mData.mYChannel + mData.mYStride * mData.mYSize.height; + mData.mCrChannel = mData.mCbChannel + mData.mCbCrStride * mData.mCbCrSize.height; ++ mData.mYSkip = mData.mCbSkip = mData.mCrSkip = 0; + + CopyPlane(mData.mYChannel, aData.mYChannel, +- mData.mYSize, mData.mYStride, mData.mYSkip); ++ aData.mYSize, aData.mYStride, aData.mYSkip); + CopyPlane(mData.mCbChannel, aData.mCbChannel, +- mData.mCbCrSize, mData.mCbCrStride, mData.mCbSkip); ++ aData.mCbCrSize, aData.mCbCrStride, aData.mCbSkip); + CopyPlane(mData.mCrChannel, aData.mCrChannel, +- mData.mCbCrSize, mData.mCbCrStride, mData.mCrSkip); ++ aData.mCbCrSize, aData.mCbCrStride, aData.mCrSkip); + + mSize = aData.mPicSize; + mOrigin = gfx::IntPoint(aData.mPicX, aData.mPicY); Added: head/www/waterfox/files/patch-bug1431336 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1431336 Tue Feb 20 00:11:12 2018 (r462361) @@ -0,0 +1,34 @@ +commit d606d1200b5a +Author: Makoto Kato +Date: Mon Feb 19 13:12:29 2018 +0900 + + Bug 1431336. r=smaug a=abillings +--- + dom/html/nsTextEditorState.cpp | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git dom/html/nsTextEditorState.cpp dom/html/nsTextEditorState.cpp +index a8247d183732..1430d1005e2a 100644 +--- dom/html/nsTextEditorState.cpp ++++ dom/html/nsTextEditorState.cpp +@@ -936,7 +936,8 @@ nsTextInputListener::NotifySelectionChanged(nsIDOMDocument* aDoc, nsISelection* + + mSelectionWasCollapsed = collapsed; + +- if (!weakFrame.IsAlive() || !nsContentUtils::IsFocusedContent(mFrame->GetContent())) ++ if (!weakFrame.IsAlive() || !mFrame || ++ !nsContentUtils::IsFocusedContent(mFrame->GetContent())) + return NS_OK; + + return UpdateTextInputCommands(NS_LITERAL_STRING("select"), aSel, aReason); +@@ -1792,8 +1793,9 @@ nsTextEditorState::SetSelectionRange(uint32_t aStart, uint32_t aEnd, + props.SetEnd(aEnd); + props.SetDirection(aDirection); + } else { ++ WeakPtr self(this); + aRv = mBoundFrame->SetSelectionRange(aStart, aEnd, aDirection); +- if (aRv.Failed()) { ++ if (aRv.Failed() || !self.get()) { + return; + } + rv = mBoundFrame->ScrollSelectionIntoView();