Date: Tue, 30 Jan 2018 00:53:11 +0000 (UTC) From: Jan Beich <jbeich@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r460354 - in head/www/waterfox: . files Message-ID: <201801300053.w0U0rBYq099895@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jbeich Date: Tue Jan 30 00:53:11 2018 New Revision: 460354 URL: https://svnweb.freebsd.org/changeset/ports/460354 Log: www/waterfox: update to 56.0.3.50 - Apply more FF58 fixes except the following https://bugzilla.mozilla.org/buglist.cgi?bug_id=1281965,1379276,1382851,1390882,1396399,1412653,1413857,1415770,1415788,1416879,1418074,1418841,1418966,1420049,1421099,1421324,1426449 Changes: https://github.com/MrAlex94/Waterfox/compare/56.0.3...52216f01e1f3 Security: a891c5b4-3d7a-4de9-9c71-eef3fd698c77 Added: head/www/waterfox/files/patch-bug1398581 (contents, props changed) head/www/waterfox/files/patch-bug1413143 (contents, props changed) head/www/waterfox/files/patch-bug1415291 (contents, props changed) head/www/waterfox/files/patch-bug1415883 (contents, props changed) head/www/waterfox/files/patch-bug1417661 (contents, props changed) head/www/waterfox/files/patch-bug1418894 (contents, props changed) head/www/waterfox/files/patch-bug1423770 (contents, props changed) head/www/waterfox/files/patch-bug1425267 (contents, props changed) head/www/waterfox/files/patch-bug730495 (contents, props changed) Deleted: head/www/waterfox/files/patch-bug1387427 head/www/waterfox/files/patch-bug1389561 head/www/waterfox/files/patch-bug1395508 head/www/waterfox/files/patch-bug1399400 head/www/waterfox/files/patch-bug1401459 head/www/waterfox/files/patch-bug1409449 head/www/waterfox/files/patch-bug1412646 head/www/waterfox/files/patch-bug1418447 head/www/waterfox/files/patch-bug1418966 head/www/waterfox/files/patch-bug1419363 head/www/waterfox/files/patch-bug1420507 head/www/waterfox/files/patch-bug1423086 head/www/waterfox/files/patch-bug1423159 head/www/waterfox/files/patch-bug1425000 Modified: head/www/waterfox/Makefile (contents, props changed) head/www/waterfox/distinfo (contents, props changed) Modified: head/www/waterfox/Makefile ============================================================================== --- head/www/waterfox/Makefile Mon Jan 29 22:51:44 2018 (r460353) +++ head/www/waterfox/Makefile Tue Jan 30 00:53:11 2018 (r460354) @@ -1,15 +1,15 @@ # $FreeBSD$ PORTNAME= waterfox -DISTVERSION= 56.0.3 -PORTREVISION= 4 +DISTVERSION= 56.0.3-63 +DISTVERSIONSUFFIX= -g3c6467364007 CATEGORIES= www ipv6 MAINTAINER= jbeich@FreeBSD.org COMMENT= Distilled fork of Firefox DEPRECATED= Temporary experiment -EXPIRATION_DATE=2018-01-30 +EXPIRATION_DATE=2018-03-20 BUILD_DEPENDS= nspr>=4.16:devel/nspr \ nss>=3.32.1:security/nss \ Modified: head/www/waterfox/distinfo ============================================================================== --- head/www/waterfox/distinfo Mon Jan 29 22:51:44 2018 (r460353) +++ head/www/waterfox/distinfo Tue Jan 30 00:53:11 2018 (r460354) @@ -1,3 +1,3 @@ -TIMESTAMP = 1515710085 -SHA256 (MrAlex94-Waterfox-56.0.3_GH0.tar.gz) = 80d4bba90b2d8aac7223aa81302ea56e0dc226e29d01c206e2cbf375d471a9fa -SIZE (MrAlex94-Waterfox-56.0.3_GH0.tar.gz) = 394227402 +TIMESTAMP = 1517018506 +SHA256 (MrAlex94-Waterfox-56.0.3-63-g3c6467364007_GH0.tar.gz) = b9cfff8a10e7783cf17086b1cd19b1d17e3ad2d5fe89fb5d2b9a4502486e08e5 +SIZE (MrAlex94-Waterfox-56.0.3-63-g3c6467364007_GH0.tar.gz) = 394217223 Added: head/www/waterfox/files/patch-bug1398581 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1398581 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,125 @@ +commit 762a3ec064d0 +Author: Emilio Cobos Álvarez <emilio@crisal.io> +Date: Mon Sep 11 09:51:30 2017 +0200 + + Bug 1398581: Ensure a first-letter doesn't incorrectly inherit from a first-line. r=heycam + + This approach kinda sucks, because we woefully throw away the style context + computed in the case it inherited from a first-line, but it's the easiest thing + I could think of without either making it more inefficient, or threading a + parent style ignoring first-line through ResolvePseudoElementStyle and related + functions. + + MozReview-Commit-ID: 3uGuU7dHEnE +--- + layout/base/nsCSSFrameConstructor.cpp | 20 +++++++++++++++++--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +diff --git layout/base/nsCSSFrameConstructor.cpp layout/base/nsCSSFrameConstructor.cpp +index 76d97a32ee4d..b668a837e2f3 100644 +--- layout/base/nsCSSFrameConstructor.cpp ++++ layout/base/nsCSSFrameConstructor.cpp +@@ -11861,10 +11861,11 @@ nsCSSFrameConstructor::CreateLetterFrame(nsContainerFrame* aBlockFrame, + + // Get style context for the first-letter-frame. Keep this in sync with + // nsBlockFrame::UpdatePseudoElementStyles. +- nsStyleContext* parentStyleContext = ++ nsIFrame* parentFrame = + nsFrame::CorrectStyleParentFrame(aParentFrame, +- nsCSSPseudoElements::firstLetter)-> +- StyleContext(); ++ nsCSSPseudoElements::firstLetter); ++ ++ nsStyleContext* parentStyleContext = parentFrame->StyleContext(); + + // Use content from containing block so that we can actually + // find a matching style rule. +@@ -11873,7 +11874,20 @@ nsCSSFrameConstructor::CreateLetterFrame(nsContainerFrame* aBlockFrame, + // Create first-letter style rule + RefPtr<nsStyleContext> sc = + GetFirstLetterStyle(blockContent, parentStyleContext); ++ + if (sc) { ++ if (sc->IsServo() && parentFrame->IsLineFrame()) { ++ ServoStyleContext* parentStyleIgnoringFirstLine = ++ aBlockFrame->StyleContext()->AsServo(); ++ sc = ++ mPresShell->StyleSet()->AsServo()->ReparentStyleContext( ++ sc->AsServo(), ++ parentStyleContext->AsServo(), ++ parentStyleIgnoringFirstLine, ++ parentStyleIgnoringFirstLine, ++ blockContent->AsElement()); ++ } ++ + RefPtr<nsStyleContext> textSC = mPresShell->StyleSet()-> + ResolveStyleForText(aTextContent, sc); + +commit 2a9742d4b68a +Author: Emilio Cobos Álvarez <emilio@crisal.io> +Date: Mon Sep 11 17:19:05 2017 +0200 + + Bug 1398581: Address followup comments. r=me + + MozReview-Commit-ID: CymOOl4VLPj +--- + layout/base/nsCSSFrameConstructor.cpp | 15 +-------------- + 1 file changed, 1 insertion(+), 14 deletions(-) + +diff --git layout/base/nsCSSFrameConstructor.cpp layout/base/nsCSSFrameConstructor.cpp +index b668a837e2f3..bd3d406f664f 100644 +--- layout/base/nsCSSFrameConstructor.cpp ++++ layout/base/nsCSSFrameConstructor.cpp +@@ -11884,7 +11884,7 @@ nsCSSFrameConstructor::CreateLetterFrame(nsContainerFrame* aBlockFrame, + sc->AsServo(), + parentStyleContext->AsServo(), + parentStyleIgnoringFirstLine, +- parentStyleIgnoringFirstLine, ++ parentStyleContext->AsServo(), + blockContent->AsElement()); + } + +commit 9a42394a1f71 +Author: Emilio Cobos Álvarez <emilio@crisal.io> +Date: Mon Sep 11 17:19:30 2017 +0200 + + Bug 1398581: Crashtest. r=me + + MozReview-Commit-ID: 5xy5aeDWU12 +--- + layout/style/crashtests/1398581.html | 17 +++++++++++++++++ + layout/style/crashtests/crashtests.list | 1 + + 2 files changed, 18 insertions(+) + +diff --git layout/style/crashtests/1398581.html layout/style/crashtests/1398581.html +new file mode 100644 +index 000000000000..e056ab44d55c +--- /dev/null ++++ layout/style/crashtests/1398581.html +@@ -0,0 +1,17 @@ ++<script> ++function start() { ++ o3=document.createElement('div'); ++ document.body.appendChild(o3); ++ o14=document.createElement('style'); ++ document.documentElement.appendChild(o14); ++ o18=document.createElement('style'); ++ o14.appendChild(o18); ++ s4=unescape('%u06A10'); ++ o3.appendChild(document.createTextNode(s4)); ++ o59=document.createTextNode("{}:first-letter{ all: inherit;'x'}\n*{ float: left}:first-line{"); ++ o18['before'](o18,-1,o59); ++ document.documentElement.offsetHeight; ++ o3.appendChild(document.createTextNode("x")); ++} ++</script> ++<body onload="start()"></body> +diff --git layout/style/crashtests/crashtests.list layout/style/crashtests/crashtests.list +index a32d48fa3299..719bdaf8328a 100644 +--- layout/style/crashtests/crashtests.list ++++ layout/style/crashtests/crashtests.list +@@ -201,3 +201,4 @@ load 1384824-2.html + load 1387481-1.html + load 1387499.html + load 1391577.html ++load 1398581.html Added: head/www/waterfox/files/patch-bug1413143 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1413143 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,306 @@ +commit 51708fb1315d +Author: Emilio Cobos Álvarez <emilio@crisal.io> +Date: Wed Nov 1 11:24:17 2017 +0100 + + Bug 1413143: Make font inflation computation less lazy. r=bz,JanH + + This makes it a bit more straight-forward to change the system font scale, + preserving the sync MediaFeatureChanged event. + + This also avoids notifying media queries when the shell is not initialized. + + In particular, the patch in bug 1404545 allows calling MediaFeatureValuesChanged + on a still-initializing pres-shell. This is nasty, and all this initialization + order is kind of a mess, but I'm not reworking it for now... + + Also, this drops the invalidation of font-inflation when a doctype is added to + the document. GetViewportInfo() already relies on the doctype not changing, as + noted in a comment. + + MozReview-Commit-ID: Knw7dM1B04Y +--- + dom/base/nsDocument.cpp | 2 + + layout/base/PresShell.cpp | 84 ++++++++++++++------------------------- + layout/base/nsIPresShell.h | 36 ++++------------- + layout/base/nsLayoutUtils.cpp | 8 ++-- + layout/base/nsPresContext.cpp | 6 ++- + layout/reftests/bugs/reftest.list | 2 +- + 6 files changed, 48 insertions(+), 90 deletions(-) + +diff --git dom/base/nsDocument.cpp dom/base/nsDocument.cpp +index 03bf17e6a4b9..f3579c9420d6 100644 +--- dom/base/nsDocument.cpp ++++ dom/base/nsDocument.cpp +@@ -8172,6 +8172,8 @@ nsIDocument::AdoptNode(nsINode& aAdoptedNode, ErrorResult& rv) + nsViewportInfo + nsDocument::GetViewportInfo(const ScreenIntSize& aDisplaySize) + { ++ MOZ_ASSERT(mPresShell); ++ + // Compute the CSS-to-LayoutDevice pixel scale as the product of the + // widget scale and the full zoom. + nsPresContext* context = mPresShell->GetPresContext(); +diff --git layout/base/PresShell.cpp layout/base/PresShell.cpp +index 6983d2d3c894..a883791d3695 100644 +--- layout/base/PresShell.cpp ++++ layout/base/PresShell.cpp +@@ -765,7 +765,6 @@ nsIPresShell::nsIPresShell() + , mFontSizeInflationForceEnabled(false) + , mFontSizeInflationDisabledInMasterProcess(false) + , mFontSizeInflationEnabled(false) +- , mFontSizeInflationEnabledIsDirty(false) + , mPaintingIsFrozen(false) + , mIsNeverPainting(false) + , mInFlush(false) +@@ -1010,7 +1009,13 @@ PresShell::Init(nsIDocument* aDocument, + QueryIsActive(); + + // Setup our font inflation preferences. +- SetupFontInflation(); ++ mFontSizeInflationEmPerLine = nsLayoutUtils::FontSizeInflationEmPerLine(); ++ mFontSizeInflationMinTwips = nsLayoutUtils::FontSizeInflationMinTwips(); ++ mFontSizeInflationLineThreshold = nsLayoutUtils::FontSizeInflationLineThreshold(); ++ mFontSizeInflationForceEnabled = nsLayoutUtils::FontSizeInflationForceEnabled(); ++ mFontSizeInflationDisabledInMasterProcess = nsLayoutUtils::FontSizeInflationDisabledInMasterProcess(); ++ // We'll compute the font size inflation state in Initialize(), when we know ++ // the document type. + + mTouchManager.Init(this, mDocument); + +@@ -1700,6 +1705,10 @@ PresShell::Initialize(nscoord aWidth, nscoord aHeight) + NS_ASSERTION(!mDidInitialize, "Why are we being called?"); + + nsCOMPtr<nsIPresShell> kungFuDeathGrip(this); ++ ++ RecomputeFontSizeInflationEnabled(); ++ MOZ_DIAGNOSTIC_ASSERT(!mIsDestroying); ++ + mDidInitialize = true; + + #ifdef DEBUG +@@ -1725,6 +1734,7 @@ PresShell::Initialize(nscoord aWidth, nscoord aHeight) + // time we do this! + nsIFrame* rootFrame = mFrameConstructor->GetRootFrame(); + NS_ASSERTION(!rootFrame, "How did that happen, exactly?"); ++ + if (!rootFrame) { + nsAutoScriptBlocker scriptBlocker; + mFrameConstructor->BeginUpdate(); +@@ -4456,11 +4466,6 @@ PresShell::ContentInserted(nsIDocument* aDocument, + nullptr, + nsCSSFrameConstructor::InsertionKind::Async); + +- if (aChild->NodeType() == nsIDOMNode::DOCUMENT_TYPE_NODE) { +- MOZ_ASSERT(container == aDocument); +- NotifyFontSizeInflationEnabledIsDirty(); +- } +- + VERIFY_STYLE_TREE; + } + +@@ -4505,11 +4510,6 @@ PresShell::ContentRemoved(nsIDocument *aDocument, + mFrameConstructor->ContentRemoved(aMaybeContainer, aChild, oldNextSibling, + nsCSSFrameConstructor::REMOVE_CONTENT); + +- if (aChild->NodeType() == nsIDOMNode::DOCUMENT_TYPE_NODE) { +- MOZ_ASSERT(container == aDocument); +- NotifyFontSizeInflationEnabledIsDirty(); +- } +- + VERIFY_STYLE_TREE; + } + +@@ -10701,33 +10701,34 @@ nsIPresShell::SetScrollPositionClampingScrollPortSize(nscoord aWidth, nscoord aH + } + } + +-void +-PresShell::SetupFontInflation() +-{ +- mFontSizeInflationEmPerLine = nsLayoutUtils::FontSizeInflationEmPerLine(); +- mFontSizeInflationMinTwips = nsLayoutUtils::FontSizeInflationMinTwips(); +- mFontSizeInflationLineThreshold = nsLayoutUtils::FontSizeInflationLineThreshold(); +- mFontSizeInflationForceEnabled = nsLayoutUtils::FontSizeInflationForceEnabled(); +- mFontSizeInflationDisabledInMasterProcess = nsLayoutUtils::FontSizeInflationDisabledInMasterProcess(); +- +- NotifyFontSizeInflationEnabledIsDirty(); +-} +- + void + nsIPresShell::RecomputeFontSizeInflationEnabled() + { +- mFontSizeInflationEnabledIsDirty = false; + mFontSizeInflationEnabled = DetermineFontSizeInflationState(); + +- HandleSystemFontScale(); ++ float fontScale = nsLayoutUtils::SystemFontScale(); ++ if (fontScale == 0.0f) { ++ return; ++ } ++ ++ MOZ_ASSERT(mDocument); ++ MOZ_ASSERT(mPresContext); ++ if (mFontSizeInflationEnabled || mDocument->IsSyntheticDocument()) { ++ mPresContext->SetSystemFontScale(1.0f); ++ } else { ++ mPresContext->SetSystemFontScale(fontScale); ++ } + } + + bool + nsIPresShell::DetermineFontSizeInflationState() + { + MOZ_ASSERT(mPresContext, "our pres context should not be null"); +- if ((FontSizeInflationEmPerLine() == 0 && +- FontSizeInflationMinTwips() == 0) || mPresContext->IsChrome()) { ++ if (mPresContext->IsChrome()) { ++ return false; ++ } ++ ++ if (FontSizeInflationEmPerLine() == 0 && FontSizeInflationMinTwips() == 0) { + return false; + } + +@@ -10788,33 +10789,6 @@ nsIPresShell::DetermineFontSizeInflationState() + return true; + } + +-bool +-nsIPresShell::FontSizeInflationEnabled() +-{ +- if (mFontSizeInflationEnabledIsDirty) { +- RecomputeFontSizeInflationEnabled(); +- } +- +- return mFontSizeInflationEnabled; +-} +- +-void +-nsIPresShell::HandleSystemFontScale() +-{ +- float fontScale = nsLayoutUtils::SystemFontScale(); +- if (fontScale == 0.0f) { +- return; +- } +- +- MOZ_ASSERT(mDocument && mPresContext, "our document and pres context should not be null"); +- +- if (!mFontSizeInflationEnabled && !mDocument->IsSyntheticDocument()) { +- mPresContext->SetSystemFontScale(fontScale); +- } else { +- mPresContext->SetSystemFontScale(1.0f); +- } +-} +- + void + PresShell::PausePainting() + { +diff --git layout/base/nsIPresShell.h layout/base/nsIPresShell.h +index 32f4855347d5..3f6be216a60c 100644 +--- layout/base/nsIPresShell.h ++++ layout/base/nsIPresShell.h +@@ -1507,24 +1507,14 @@ public: + return mFontSizeInflationDisabledInMasterProcess; + } + +- /** +- * Determine if font size inflation is enabled. This value is cached until +- * it becomes dirty. +- * +- * @returns true, if font size inflation is enabled; false otherwise. +- */ +- bool FontSizeInflationEnabled(); ++ bool FontSizeInflationEnabled() const { ++ return mFontSizeInflationEnabled; ++ } + + /** +- * Notify the pres shell that an event occurred making the current value of +- * mFontSizeInflationEnabled invalid. This will schedule a recomputation of +- * whether font size inflation is enabled on the next call to +- * FontSizeInflationEnabled(). ++ * Recomputes whether font-size inflation is enabled. + */ +- void NotifyFontSizeInflationEnabledIsDirty() +- { +- mFontSizeInflationEnabledIsDirty = true; +- } ++ void RecomputeFontSizeInflationEnabled(); + + /** + * Return true if the most recent interruptible reflow was interrupted. +@@ -1590,23 +1580,11 @@ protected: + void DoObserveLayoutFlushes(); + + /** +- * Do computations necessary to determine if font size inflation is enabled. +- * This value is cached after computation, as the computation is somewhat +- * expensive. +- */ +- void RecomputeFontSizeInflationEnabled(); +- +- /** +- * Does the actual work of figuring out the current state of font size inflation. ++ * Does the actual work of figuring out the current state of font size ++ * inflation. + */ + bool DetermineFontSizeInflationState(); + +- /** +- * Apply the system font scale from the corresponding pref to the PresContext, +- * taking into account the current state of font size inflation. +- */ +- void HandleSystemFontScale(); +- + void RecordAlloc(void* aPtr) { + #ifdef DEBUG + MOZ_ASSERT(!mAllocatedPointers.Contains(aPtr)); +diff --git layout/base/nsLayoutUtils.cpp layout/base/nsLayoutUtils.cpp +index e1289fd4a6a6..e165588e9c6c 100644 +--- layout/base/nsLayoutUtils.cpp ++++ layout/base/nsLayoutUtils.cpp +@@ -9130,16 +9130,16 @@ MaybeReflowForInflationScreenSizeChange(nsPresContext *aPresContext) + { + if (aPresContext) { + nsIPresShell* presShell = aPresContext->GetPresShell(); +- bool fontInflationWasEnabled = presShell->FontSizeInflationEnabled(); +- presShell->NotifyFontSizeInflationEnabledIsDirty(); ++ const bool fontInflationWasEnabled = presShell->FontSizeInflationEnabled(); ++ presShell->RecomputeFontSizeInflationEnabled(); + bool changed = false; +- if (presShell && presShell->FontSizeInflationEnabled() && ++ if (presShell->FontSizeInflationEnabled() && + presShell->FontSizeInflationMinTwips() != 0) { + aPresContext->ScreenSizeInchesForFontInflation(&changed); + } + + changed = changed || +- (fontInflationWasEnabled != presShell->FontSizeInflationEnabled()); ++ fontInflationWasEnabled != presShell->FontSizeInflationEnabled(); + if (changed) { + nsCOMPtr<nsIDocShell> docShell = aPresContext->GetDocShell(); + if (docShell) { +diff --git layout/base/nsPresContext.cpp layout/base/nsPresContext.cpp +index 2fadaf78a29f..1ce0b492673d 100644 +--- layout/base/nsPresContext.cpp ++++ layout/base/nsPresContext.cpp +@@ -2123,6 +2123,10 @@ nsPresContext::MediaFeatureValuesChanged(nsRestyleHint aRestyleHint, + + mPendingViewportChange = false; + ++ if (!mShell || !mShell->DidInitialize()) { ++ return; ++ } ++ + if (mDocument->IsBeingUsedAsImage()) { + MOZ_ASSERT(mDocument->MediaQueryLists().isEmpty()); + return; +@@ -2130,7 +2134,7 @@ nsPresContext::MediaFeatureValuesChanged(nsRestyleHint aRestyleHint, + + mDocument->NotifyMediaFeatureValuesChanged(); + +- MOZ_ASSERT(nsContentUtils::IsSafeToRunScript()); ++ MOZ_DIAGNOSTIC_ASSERT(nsContentUtils::IsSafeToRunScript()); + + // Media query list listeners should be notified from a queued task + // (in HTML5 terms), although we also want to notify them on certain Added: head/www/waterfox/files/patch-bug1415291 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1415291 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,52 @@ +commit 3055196eb5f1 (HEAD) +Author: Luke Wagner <luke@mozilla.com> +Date: Sat Dec 2 12:33:29 2017 -0500 + + Bug 1415291 - Baldr: factor out ToTableIndex(). r=bbouvier, a=gchang +--- + js/src/wasm/WasmJS.cpp | 18 ++++++++++++++++-- + 1 file changed, 16 insertions(+), 2 deletions(-) + +diff --git js/src/wasm/WasmJS.cpp js/src/wasm/WasmJS.cpp +index 1d07b0d065fe..482de9788221 100644 +--- js/src/wasm/WasmJS.cpp ++++ js/src/wasm/WasmJS.cpp +@@ -1694,6 +1694,20 @@ const JSPropertySpec WasmTableObject::properties[] = + JS_PS_END + }; + ++static bool ++ToTableIndex(JSContext* cx, HandleValue v, const Table& table, const char* noun, uint32_t* index) ++{ ++ if (!ToNonWrappingUint32(cx, v, UINT32_MAX, "Table", noun, index)) ++ return false; ++ ++ if (*index >= table.length()) { ++ JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_WASM_BAD_UINT32, "Table", noun); ++ return false; ++ } ++ ++ return true; ++} ++ + /* static */ bool + WasmTableObject::getImpl(JSContext* cx, const CallArgs& args) + { +@@ -1701,7 +1715,7 @@ WasmTableObject::getImpl(JSContext* cx, const CallArgs& args) + const Table& table = tableObj->table(); + + uint32_t index; +- if (!ToNonWrappingUint32(cx, args.get(0), table.length() - 1, "Table", "get index", &index)) ++ if (!ToTableIndex(cx, args.get(0), table, "get index", &index)) + return false; + + ExternalTableElem& elem = table.externalArray()[index]; +@@ -1740,7 +1754,7 @@ WasmTableObject::setImpl(JSContext* cx, const CallArgs& args) + return false; + + uint32_t index; +- if (!ToNonWrappingUint32(cx, args.get(0), table.length() - 1, "Table", "set index", &index)) ++ if (!ToTableIndex(cx, args.get(0), table, "set index", &index)) + return false; + + RootedFunction value(cx); Added: head/www/waterfox/files/patch-bug1415883 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1415883 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,44 @@ +commit a4d70f676839 +Author: Jan de Mooij <jdemooij@mozilla.com> +Date: Wed Nov 29 16:03:12 2017 +0100 + + Bug 1415883 - Fix some issues in ShiftFromList. r=arai, a=abillings + + --HG-- + extra : source : 2467d71d0e0de20103ce61cdd221461a48e4591b +--- + js/src/vm/List-inl.h | 4 ++-- + js/src/vm/NativeObject.cpp | 2 ++ + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git js/src/builtin/Stream.cpp js/src/builtin/Stream.cpp +index e53f811a02e1..28cafd6c06d6 100644 +--- js/src/builtin/Stream.cpp ++++ js/src/builtin/Stream.cpp +@@ -357,11 +357,11 @@ ShiftFromList(JSContext* cx, HandleNativeObject list) + Rooted<T*> entry(cx, &list->getDenseElement(0).toObject().as<T>()); + if (!list->tryShiftDenseElements(1)) { + list->moveDenseElements(0, 1, length - 1); ++ list->setDenseInitializedLength(length - 1); + list->shrinkElements(cx, length - 1); + } + +- list->setDenseInitializedLength(length - 1); +- ++ MOZ_ASSERT(list->getDenseInitializedLength() == length - 1); + return entry; + } + +diff --git js/src/vm/NativeObject.cpp js/src/vm/NativeObject.cpp +index 780bc74192dc..deab37154af2 100644 +--- js/src/vm/NativeObject.cpp ++++ js/src/vm/NativeObject.cpp +@@ -1000,6 +1000,8 @@ void + NativeObject::shrinkElements(JSContext* cx, uint32_t reqCapacity) + { + MOZ_ASSERT(canHaveNonEmptyElements()); ++ MOZ_ASSERT(reqCapacity >= getDenseInitializedLength()); ++ + if (denseElementsAreCopyOnWrite()) + MOZ_CRASH(); + Added: head/www/waterfox/files/patch-bug1417661 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1417661 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,37 @@ +commit ad9b162b2a97 +Author: Emilio Cobos Álvarez <emilio@crisal.io> +Date: Tue Nov 28 19:27:49 2017 +0100 + + Bug 1417661 - Use the correct parent style for inheriting from first-letter if the container is an anonymous box. r=bz, a=gchang + + MozReview-Commit-ID: 1B7DrAVa274 + + --HG-- + extra : source : 2be23298d4872b9d1677b6014683f554d857966f +--- + layout/base/nsCSSFrameConstructor.cpp | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git layout/base/nsCSSFrameConstructor.cpp layout/base/nsCSSFrameConstructor.cpp +index f9994b31e649..0da45cc33544 100644 +--- layout/base/nsCSSFrameConstructor.cpp ++++ layout/base/nsCSSFrameConstructor.cpp +@@ -11666,13 +11666,15 @@ nsCSSFrameConstructor::CreateLetterFrame(nsContainerFrame* aBlockFrame, + + if (sc) { + if (sc->IsServo() && parentFrame->IsLineFrame()) { +- ServoStyleContext* parentStyleIgnoringFirstLine = +- aBlockFrame->StyleContext()->AsServo(); ++ nsIFrame* parentIgnoringFirstLine = ++ nsFrame::CorrectStyleParentFrame(aBlockFrame, ++ nsCSSPseudoElements::firstLetter); ++ + sc = + mPresShell->StyleSet()->AsServo()->ReparentStyleContext( + sc->AsServo(), + parentStyleContext->AsServo(), +- parentStyleIgnoringFirstLine, ++ parentIgnoringFirstLine->StyleContext()->AsServo(), + parentStyleContext->AsServo(), + blockContent->AsElement()); + } Added: head/www/waterfox/files/patch-bug1418894 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1418894 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,244 @@ +commit 408a8eddca66 +Author: Ted Campbell <tcampbell@mozilla.com> +Date: Tue Nov 28 22:52:34 2017 -0500 + + Bug 1418894 - Use marker values in XDR data to detect corruption. r=nbp a=gchang + + MozReview-Commit-ID: D6PxPBdgtPP + + --HG-- + extra : source : 3c5cc7786d922c70b937d1dbe57f0ce700c39551 +--- + js/src/jsfun.cpp | 4 ++++ + js/src/jsscript.cpp | 10 ++++++++++ + js/src/vm/Xdr.h | 12 ++++++++++++ + 3 files changed, 26 insertions(+) + +diff --git js/src/jsfun.cpp js/src/jsfun.cpp +index 234d0cc3438c..5a461c9230eb 100644 +--- js/src/jsfun.cpp ++++ js/src/jsfun.cpp +@@ -682,6 +682,10 @@ js::XDRInterpretedFunction(XDRState<mode>* xdr, HandleScope enclosingScope, + objp.set(fun); + } + ++ // Verify marker at end of function to detect buffer trunction. ++ if (!xdr->codeMarker(0x9E35CA1F)) ++ return false; ++ + return true; + } + +diff --git js/src/jsscript.cpp js/src/jsscript.cpp +index 1b31a0639644..88d6c7bc75b6 100644 +--- js/src/jsscript.cpp ++++ js/src/jsscript.cpp +@@ -808,6 +808,11 @@ js::XDRScript(XDRState<mode>* xdr, HandleScope scriptEnclosingScope, + if (mode == XDR_DECODE) + vector[i].init(scope); + } ++ ++ // Verify marker to detect data corruption after decoding scope data. A ++ // mismatch here indicates we will almost certainly crash in release. ++ if (!xdr->codeMarker(0x48922BAB)) ++ return false; + } + + /* +@@ -900,6 +905,11 @@ js::XDRScript(XDRState<mode>* xdr, HandleScope scriptEnclosingScope, + } + } + ++ // Verify marker to detect data corruption after decoding object data. A ++ // mismatch here indicates we will almost certainly crash in release. ++ if (!xdr->codeMarker(0xF83B989A)) ++ return false; ++ + if (ntrynotes != 0) { + JSTryNote* tnfirst = script->trynotes()->vector; + MOZ_ASSERT(script->trynotes()->length == ntrynotes); +diff --git js/src/vm/Xdr.h js/src/vm/Xdr.h +index 18fa1af8ab5b..0a6cbf01b50f 100644 +--- js/src/vm/Xdr.h ++++ js/src/vm/Xdr.h +@@ -307,6 +307,18 @@ class XDRState : public XDRCoderBase + return true; + } + ++ bool codeMarker(uint32_t magic) { ++ uint32_t actual = magic; ++ if (!codeUint32(&actual)) ++ return false; ++ if (actual != magic) { ++ // Fail in debug, but only soft-fail in release ++ MOZ_ASSERT(false, "Bad XDR marker"); ++ return fail(JS::TranscodeResult_Failure_BadDecode); ++ } ++ return true; ++ } ++ + bool codeBytes(void* bytes, size_t len) { + if (len == 0) + return true; + +commit 885c19e8e675 +Author: Ted Campbell <tcampbell@mozilla.com> +Date: Tue Nov 28 23:01:49 2017 -0500 + + Bug 1418894 - Harden XDR data decoding. r=nbp a=gchang + + This patch adds better error detection to XDR decoding to reduce memory + corruption in the event that XDR data is corrupt (which is not + *supposed* to happen). + + Add missing default cases. Make out-of-range values fail the decode by + asserting in debug, and returning a TranscodeError in release. Mix a + magic value into enum value before transcoding to buffer (to reduce + chance of garbage data being decoded). + + MozReview-Commit-ID: 1wPkho9dm8c + + --HG-- + extra : source : 484499ffcbbad636a904832cc90c56c016ad4582 +--- + js/src/jsapi.h | 2 +- + js/src/jsscript.cpp | 40 ++++++++++++++++++++++------------------ + js/src/shell/js.cpp | 4 ++-- + js/src/vm/Xdr.h | 8 ++++++-- + 4 files changed, 31 insertions(+), 23 deletions(-) + +diff --git js/src/jsapi.h js/src/jsapi.h +index 323396025b7a..c43a4c693778 100644 +--- js/src/jsapi.h ++++ js/src/jsapi.h +@@ -6420,7 +6420,7 @@ enum TranscodeResult + TranscodeResult_Failure_BadBuildId = TranscodeResult_Failure | 0x1, + TranscodeResult_Failure_RunOnceNotSupported = TranscodeResult_Failure | 0x2, + TranscodeResult_Failure_AsmJSNotSupported = TranscodeResult_Failure | 0x3, +- TranscodeResult_Failure_UnknownClassKind = TranscodeResult_Failure | 0x4, ++ TranscodeResult_Failure_BadDecode = TranscodeResult_Failure | 0x4, + TranscodeResult_Failure_WrongCompileOption = TranscodeResult_Failure | 0x5, + TranscodeResult_Failure_NotInterpretedFun = TranscodeResult_Failure | 0x6, + +diff --git js/src/jsscript.cpp js/src/jsscript.cpp +index eff03d909353..1b31a0639644 100644 +--- js/src/jsscript.cpp ++++ js/src/jsscript.cpp +@@ -92,24 +92,19 @@ js::XDRScriptConst(XDRState<mode>* xdr, MutableHandleValue vp) + { + JSContext* cx = xdr->cx(); + +- /* +- * A script constant can be an arbitrary primitive value as they are used +- * to implement JSOP_LOOKUPSWITCH. But they cannot be objects, see +- * bug 407186. +- */ + enum ConstTag { +- SCRIPT_INT = 0, +- SCRIPT_DOUBLE = 1, +- SCRIPT_ATOM = 2, +- SCRIPT_TRUE = 3, +- SCRIPT_FALSE = 4, +- SCRIPT_NULL = 5, +- SCRIPT_OBJECT = 6, +- SCRIPT_VOID = 7, +- SCRIPT_HOLE = 8 ++ SCRIPT_INT, ++ SCRIPT_DOUBLE, ++ SCRIPT_ATOM, ++ SCRIPT_TRUE, ++ SCRIPT_FALSE, ++ SCRIPT_NULL, ++ SCRIPT_OBJECT, ++ SCRIPT_VOID, ++ SCRIPT_HOLE + }; + +- uint32_t tag; ++ ConstTag tag; + if (mode == XDR_ENCODE) { + if (vp.isInt32()) { + tag = SCRIPT_INT; +@@ -133,7 +128,7 @@ js::XDRScriptConst(XDRState<mode>* xdr, MutableHandleValue vp) + } + } + +- if (!xdr->codeUint32(&tag)) ++ if (!xdr->codeEnum32(&tag)) + return false; + + switch (tag) { +@@ -199,6 +194,10 @@ js::XDRScriptConst(XDRState<mode>* xdr, MutableHandleValue vp) + if (mode == XDR_DECODE) + vp.setMagic(JS_ELEMENTS_HOLE); + break; ++ default: ++ // Fail in debug, but only soft-fail in release ++ MOZ_ASSERT(false, "Bad XDR value kind"); ++ return xdr->fail(JS::TranscodeResult_Failure_BadDecode); + } + return true; + } +@@ -800,6 +799,10 @@ js::XDRScript(XDRState<mode>* xdr, HandleScope scriptEnclosingScope, + case ScopeKind::WasmFunction: + MOZ_CRASH("wasm functions cannot be nested in JSScripts"); + break; ++ default: ++ // Fail in debug, but only soft-fail in release ++ MOZ_ASSERT(false, "Bad XDR scope kind"); ++ return xdr->fail(JS::TranscodeResult_Failure_BadDecode); + } + + if (mode == XDR_DECODE) +@@ -890,8 +893,9 @@ js::XDRScript(XDRState<mode>* xdr, HandleScope scriptEnclosingScope, + } + + default: { +- MOZ_ASSERT(false, "Unknown class kind."); +- return xdr->fail(JS::TranscodeResult_Failure_UnknownClassKind); ++ // Fail in debug, but only soft-fail in release ++ MOZ_ASSERT(false, "Bad XDR class kind"); ++ return xdr->fail(JS::TranscodeResult_Failure_BadDecode); + } + } + } +diff --git js/src/shell/js.cpp js/src/shell/js.cpp +index 16ee93bc66a8..1f5afb04e1f8 100644 +--- js/src/shell/js.cpp ++++ js/src/shell/js.cpp +@@ -1519,9 +1519,9 @@ ConvertTranscodeResultToJSException(JSContext* cx, JS::TranscodeResult rv) + MOZ_ASSERT(!cx->isExceptionPending()); + JS_ReportErrorASCII(cx, "Asm.js is not supported by XDR"); + return false; +- case JS::TranscodeResult_Failure_UnknownClassKind: ++ case JS::TranscodeResult_Failure_BadDecode: + MOZ_ASSERT(!cx->isExceptionPending()); +- JS_ReportErrorASCII(cx, "Unknown class kind, go fix it."); ++ JS_ReportErrorASCII(cx, "XDR data corruption"); + return false; + case JS::TranscodeResult_Failure_WrongCompileOption: + MOZ_ASSERT(!cx->isExceptionPending()); +diff --git js/src/vm/Xdr.h js/src/vm/Xdr.h +index e88968b9a4c0..18fa1af8ab5b 100644 +--- js/src/vm/Xdr.h ++++ js/src/vm/Xdr.h +@@ -279,13 +279,17 @@ class XDRState : public XDRCoderBase + template <typename T> + bool codeEnum32(T* val, typename mozilla::EnableIf<mozilla::IsEnum<T>::value, T>::Type * = NULL) + { ++ // Mix the enumeration value with a random magic number, such that a ++ // corruption with a low-ranged value (like 0) is less likely to cause a ++ // miss-interpretation of the XDR content and instead cause a failure. ++ const uint32_t MAGIC = 0x21AB218C; + uint32_t tmp; + if (mode == XDR_ENCODE) +- tmp = uint32_t(*val); ++ tmp = uint32_t(*val) ^ MAGIC; + if (!codeUint32(&tmp)) + return false; + if (mode == XDR_DECODE) +- *val = T(tmp); ++ *val = T(tmp ^ MAGIC); + return true; + } + Added: head/www/waterfox/files/patch-bug1423770 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1423770 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,44 @@ +commit 2506c20ded5b +Author: Alex Chronopoulos <achronop@gmail.com> +Date: Wed Dec 20 09:21:40 2017 -0500 + + Bug 1423770. r=padenot, a=jcristau + + --HG-- + extra : rebase_source : 6c9ad483fe1ef89966e1a2a1fac8a9bdb8bf43c8 +--- + media/webrtc/signaling/src/mediapipeline/MediaPipeline.cpp | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git media/webrtc/signaling/src/mediapipeline/MediaPipeline.cpp media/webrtc/signaling/src/mediapipeline/MediaPipeline.cpp +index 5c2bcd16d017..2bb7203f85bd 100644 +--- media/webrtc/signaling/src/mediapipeline/MediaPipeline.cpp ++++ media/webrtc/signaling/src/mediapipeline/MediaPipeline.cpp +@@ -518,6 +518,7 @@ public: + packetizer_->Channels() != outputChannels) { + // It's ok to drop the audio still in the packetizer here. + packetizer_ = new AudioPacketizer<int16_t, int16_t>(audio_10ms, outputChannels); ++ packet_ = MakeUnique<int16_t[]>(audio_10ms * outputChannels); + } + + packetizer_->Input(samples, chunk.mDuration); +@@ -525,8 +526,8 @@ public: + while (packetizer_->PacketsAvailable()) { + uint32_t samplesPerPacket = packetizer_->PacketSize() * + packetizer_->Channels(); +- packetizer_->Output(packet_); +- mConduit->SendAudioFrame(packet_, samplesPerPacket, rate, 0); ++ packetizer_->Output(packet_.get()); ++ mConduit->SendAudioFrame(packet_.get(), samplesPerPacket, rate, 0); + } + } + +@@ -555,7 +556,7 @@ protected: + // Only accessed on mThread + nsAutoPtr<AudioPacketizer<int16_t, int16_t>> packetizer_; + // A buffer to hold a single packet of audio. +- int16_t packet_[AUDIO_SAMPLE_BUFFER_MAX_BYTES / sizeof(int16_t)]; ++ UniquePtr<int16_t[]> packet_; + }; + + static char kDTLSExporterLabel[] = "EXTRACTOR-dtls_srtp"; Added: head/www/waterfox/files/patch-bug1425267 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1425267 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,55 @@ +commit d60383c31a25 +Author: Shane Caraveo <scaraveo@mozilla.com> +Date: Thu Dec 21 15:18:26 2017 -0800 + + Bug 1425267 fix url param schema for launchWebAuthFlow, r=rpl a=gchang + + --HG-- + extra : source : 0c4f3b8d311e4751dafc00d689c3bf07f17c15dd +--- + toolkit/components/extensions/schemas/identity.json | 4 ++-- + .../components/extensions/test/mochitest/test_ext_identity.html | 9 +++++++-- + 2 files changed, 9 insertions(+), 4 deletions(-) + +diff --git toolkit/components/extensions/schemas/identity.json toolkit/components/extensions/schemas/identity.json +index 308687ce8c83..97b8a57f379c 100644 +--- toolkit/components/extensions/schemas/identity.json ++++ toolkit/components/extensions/schemas/identity.json +@@ -162,7 +162,7 @@ + "name": "details", + "type": "object", + "properties": { +- "url": {"type": "string"}, ++ "url": {"$ref": "manifest.HttpURL"}, + "interactive": {"type": "boolean", "optional": true} + } + }, +@@ -185,7 +185,7 @@ + "description": "Generates a redirect URL to be used in |launchWebAuthFlow|.", + "parameters": [ + { +- "name": " path", ++ "name": "path", + "type": "string", + "default": "", + "optional": true, +diff --git toolkit/components/extensions/test/mochitest/test_chrome_ext_identity.html toolkit/components/extensions/test/mochitest/test_chrome_ext_identity.html +index adf67b6ffe59..278223896749 100644 +--- toolkit/components/extensions/test/mochitest/test_chrome_ext_identity.html ++++ toolkit/components/extensions/test/mochitest/test_chrome_ext_identity.html +@@ -78,8 +78,13 @@ add_task(async function test_badAuthURI() { + ], + }, + async background() { +- await browser.test.assertRejects(browser.identity.launchWebAuthFlow({interactive: true, url: "foobar"}), +- "details.url is invalid", "invalid param url"); ++ for (let url of ["foobar", "about:addons", "about:blank", "ftp://example.com/test"]) { ++ await browser.test.assertThrows( ++ () => { browser.identity.launchWebAuthFlow({interactive: true, url}); }, ++ /Type error for parameter details/, ++ "details.url is invalid"); ++ } ++ + browser.test.sendMessage("done"); + }, + }); Added: head/www/waterfox/files/patch-bug730495 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug730495 Tue Jan 30 00:53:11 2018 (r460354) @@ -0,0 +1,545 @@ +commit 47d3b3ac0b24 +Author: Kai Engert <kaie@kuix.de> +Date: Fri Sep 29 13:25:06 2017 +0200 + + Bug 730495, guarantee that sqlite3_config is called before any other SQLite function, r=asuth, r=froydnj, r=mak +--- + security/manager/ssl/nsNSSComponent.cpp | 9 -- + storage/TelemetryVFS.cpp | 7 +- + storage/mozStorageConnection.cpp | 8 +- + storage/mozStorageService.cpp | 149 +--------------------------- + toolkit/xre/AutoSQLiteLifetime.cpp | 167 ++++++++++++++++++++++++++++++++ + toolkit/xre/AutoSQLiteLifetime.h | 24 +++++ + toolkit/xre/Bootstrap.cpp | 4 + + toolkit/xre/moz.build | 3 +- + 8 files changed, 212 insertions(+), 159 deletions(-) + +diff --git security/manager/ssl/nsNSSComponent.cpp security/manager/ssl/nsNSSComponent.cpp +index 8c250e15eed1..a5749a0c69c5 100644 +--- security/manager/ssl/nsNSSComponent.cpp ++++ security/manager/ssl/nsNSSComponent.cpp +@@ -13,7 +13,6 @@ + #include "SharedSSLState.h" + #include "cert.h" + #include "certdb.h" +-#include "mozStorageCID.h" + #include "mozilla/ArrayUtils.h" + #include "mozilla/Assertions.h" + #include "mozilla/Casting.h" +@@ -2263,14 +2262,6 @@ nsNSSComponent::Init() + return NS_ERROR_NOT_AVAILABLE; + } + +- // To avoid a sqlite3_config race in NSS init, as a workaround for +- // bug 730495, we require the storage service to get initialized first. +- nsCOMPtr<nsISupports> storageService = +- do_GetService(MOZ_STORAGE_SERVICE_CONTRACTID); *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201801300053.w0U0rBYq099895>