Date: Mon, 27 Nov 2017 18:00:24 +0000 (UTC) From: Jan Beich <jbeich@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r454980 - in branches/2017Q4/www/firefox: . files Message-ID: <201711271800.vARI0OZ2080545@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jbeich Date: Mon Nov 27 18:00:23 2017 New Revision: 454980 URL: https://svnweb.freebsd.org/changeset/ports/454980 Log: MFH: r454000 r454192 www/firefox: backport FF57+ fixes No time to track down upstream commits for https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384615,1386490,1393840,1403716 PR: 222859 Security: f78eac48-c3d1-4666-8de5-63ceea25a578 Approved by: ports-secteam (feld, swills) Added: branches/2017Q4/www/firefox/files/patch-a-bug1399540 - copied unchanged from r454192, head/www/firefox/files/patch-a-bug1399540 branches/2017Q4/www/firefox/files/patch-bug1261175 - copied unchanged from r454000, head/www/firefox/files/patch-bug1261175 branches/2017Q4/www/firefox/files/patch-bug1325923 - copied unchanged from r454192, head/www/firefox/files/patch-bug1325923 branches/2017Q4/www/firefox/files/patch-bug1343147 - copied unchanged from r454000, head/www/firefox/files/patch-bug1343147 branches/2017Q4/www/firefox/files/patch-bug1355576 - copied unchanged from r454000, head/www/firefox/files/patch-bug1355576 branches/2017Q4/www/firefox/files/patch-bug1365894 - copied unchanged from r454192, head/www/firefox/files/patch-bug1365894 branches/2017Q4/www/firefox/files/patch-bug1366420 - copied unchanged from r454192, head/www/firefox/files/patch-bug1366420 branches/2017Q4/www/firefox/files/patch-bug1369561 - copied unchanged from r454000, head/www/firefox/files/patch-bug1369561 branches/2017Q4/www/firefox/files/patch-bug1370497 - copied unchanged from r454192, head/www/firefox/files/patch-bug1370497 branches/2017Q4/www/firefox/files/patch-bug1375146 - copied unchanged from r454000, head/www/firefox/files/patch-bug1375146 branches/2017Q4/www/firefox/files/patch-bug1377587 - copied unchanged from r454192, head/www/firefox/files/patch-bug1377587 branches/2017Q4/www/firefox/files/patch-bug1381761 - copied unchanged from r454192, head/www/firefox/files/patch-bug1381761 branches/2017Q4/www/firefox/files/patch-bug1383019 - copied unchanged from r454192, head/www/firefox/files/patch-bug1383019 branches/2017Q4/www/firefox/files/patch-bug1384121 - copied unchanged from r454192, head/www/firefox/files/patch-bug1384121 branches/2017Q4/www/firefox/files/patch-bug1387799 - copied unchanged from r454000, head/www/firefox/files/patch-bug1387799 branches/2017Q4/www/firefox/files/patch-bug1387811 - copied unchanged from r454192, head/www/firefox/files/patch-bug1387811 branches/2017Q4/www/firefox/files/patch-bug1387845 - copied unchanged from r454192, head/www/firefox/files/patch-bug1387845 branches/2017Q4/www/firefox/files/patch-bug1394031 - copied unchanged from r454192, head/www/firefox/files/patch-bug1394031 branches/2017Q4/www/firefox/files/patch-bug1394265 - copied unchanged from r454000, head/www/firefox/files/patch-bug1394265 branches/2017Q4/www/firefox/files/patch-bug1394530 - copied unchanged from r454000, head/www/firefox/files/patch-bug1394530 branches/2017Q4/www/firefox/files/patch-bug1395138 - copied unchanged from r454000, head/www/firefox/files/patch-bug1395138 branches/2017Q4/www/firefox/files/patch-bug1397811 - copied unchanged from r454000, head/www/firefox/files/patch-bug1397811 branches/2017Q4/www/firefox/files/patch-bug1399922 - copied unchanged from r454192, head/www/firefox/files/patch-bug1399922 branches/2017Q4/www/firefox/files/patch-bug1400003 - copied unchanged from r454000, head/www/firefox/files/patch-bug1400003 branches/2017Q4/www/firefox/files/patch-bug1400554 - copied unchanged from r454000, head/www/firefox/files/patch-bug1400554 branches/2017Q4/www/firefox/files/patch-bug1401339 - copied unchanged from r454192, head/www/firefox/files/patch-bug1401339 branches/2017Q4/www/firefox/files/patch-bug1401804 - copied unchanged from r454000, head/www/firefox/files/patch-bug1401804 branches/2017Q4/www/firefox/files/patch-bug1402363 - copied unchanged from r454192, head/www/firefox/files/patch-bug1402363 branches/2017Q4/www/firefox/files/patch-bug1402442 - copied unchanged from r454000, head/www/firefox/files/patch-bug1402442 branches/2017Q4/www/firefox/files/patch-bug1402876 - copied unchanged from r454192, head/www/firefox/files/patch-bug1402876 branches/2017Q4/www/firefox/files/patch-bug1402896 - copied unchanged from r454192, head/www/firefox/files/patch-bug1402896 branches/2017Q4/www/firefox/files/patch-bug1402966 - copied unchanged from r454192, head/www/firefox/files/patch-bug1402966 branches/2017Q4/www/firefox/files/patch-bug1403646 - copied unchanged from r454192, head/www/firefox/files/patch-bug1403646 branches/2017Q4/www/firefox/files/patch-bug1404324 - copied unchanged from r454000, head/www/firefox/files/patch-bug1404324 branches/2017Q4/www/firefox/files/patch-bug1404636 - copied unchanged from r454000, head/www/firefox/files/patch-bug1404636 branches/2017Q4/www/firefox/files/patch-bug1404910 - copied unchanged from r454000, head/www/firefox/files/patch-bug1404910 branches/2017Q4/www/firefox/files/patch-bug1406154 - copied unchanged from r454192, head/www/firefox/files/patch-bug1406154 branches/2017Q4/www/firefox/files/patch-bug1406398 - copied unchanged from r454000, head/www/firefox/files/patch-bug1406398 branches/2017Q4/www/firefox/files/patch-bug1406750 - copied unchanged from r454000, head/www/firefox/files/patch-bug1406750 branches/2017Q4/www/firefox/files/patch-bug1407032 - copied unchanged from r454192, head/www/firefox/files/patch-bug1407032 branches/2017Q4/www/firefox/files/patch-bug1407375 - copied unchanged from r454000, head/www/firefox/files/patch-bug1407375 branches/2017Q4/www/firefox/files/patch-bug1407740 - copied unchanged from r454000, head/www/firefox/files/patch-bug1407740 branches/2017Q4/www/firefox/files/patch-bug1407751 - copied unchanged from r454000, head/www/firefox/files/patch-bug1407751 branches/2017Q4/www/firefox/files/patch-bug1408005 - copied unchanged from r454000, head/www/firefox/files/patch-bug1408005 branches/2017Q4/www/firefox/files/patch-bug1408412 - copied unchanged from r454000, head/www/firefox/files/patch-bug1408412 branches/2017Q4/www/firefox/files/patch-bug1408782 - copied unchanged from r454192, head/www/firefox/files/patch-bug1408782 branches/2017Q4/www/firefox/files/patch-bug1408990 - copied unchanged from r454000, head/www/firefox/files/patch-bug1408990 branches/2017Q4/www/firefox/files/patch-bug1411458 - copied unchanged from r454000, head/www/firefox/files/patch-bug1411458 branches/2017Q4/www/firefox/files/patch-bug1412252 - copied unchanged from r454000, head/www/firefox/files/patch-bug1412252 Modified: branches/2017Q4/www/firefox/Makefile Directory Properties: branches/2017Q4/ (props changed) Modified: branches/2017Q4/www/firefox/Makefile ============================================================================== --- branches/2017Q4/www/firefox/Makefile Mon Nov 27 17:51:55 2017 (r454979) +++ branches/2017Q4/www/firefox/Makefile Mon Nov 27 18:00:23 2017 (r454980) @@ -4,7 +4,7 @@ PORTNAME= firefox DISTVERSION= 56.0.2 DISTVERSIONSUFFIX=.source -PORTREVISION= 6 +PORTREVISION= 10 PORTEPOCH= 1 CATEGORIES= www ipv6 MASTER_SITES= MOZILLA/${PORTNAME}/releases/${DISTVERSION}/source \ Copied: branches/2017Q4/www/firefox/files/patch-a-bug1399540 (from r454192, head/www/firefox/files/patch-a-bug1399540) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-a-bug1399540 Mon Nov 27 18:00:23 2017 (r454980, copy of r454192, head/www/firefox/files/patch-a-bug1399540) @@ -0,0 +1,148 @@ +commit 99ad73e4743d +Author: Jonathan Kew <jkew@mozilla.com> +Date: Sat Sep 16 11:49:47 2017 +0100 + + Bug 1399540 - patch 1 - Failure to decode an individual label within the IDN should not block decoding of other valid punycode labels. r=valentin +--- + netwerk/dns/nsIDNService.cpp | 25 ++++++++++++++++--------- + 1 file changed, 16 insertions(+), 9 deletions(-) + +diff --git netwerk/dns/nsIDNService.cpp netwerk/dns/nsIDNService.cpp +index 9cc8fdcf6fa1..3adcddf654e1 100644 +--- netwerk/dns/nsIDNService.cpp ++++ netwerk/dns/nsIDNService.cpp +@@ -300,6 +300,10 @@ nsresult nsIDNService::ACEtoUTF8(const nsACString & input, nsACString & _retval, + // RFC 3490 - 4.2 ToUnicode + // ToUnicode never fails. If any step fails, then the original input + // sequence is returned immediately in that step. ++ // ++ // Note that this refers to the decoding of a single label. ++ // ACEtoUTF8 may be called with a sequence of labels separated by dots; ++ // this test applies individually to each label. + + uint32_t len = 0, offset = 0; + nsAutoCString decodedBuf; +@@ -313,13 +317,15 @@ nsresult nsIDNService::ACEtoUTF8(const nsACString & input, nsACString & _retval, + while (start != end) { + len++; + if (*start++ == '.') { +- if (NS_FAILED(decodeACE(Substring(input, offset, len - 1), decodedBuf, +- flag))) { +- _retval.Assign(input); +- return NS_OK; ++ nsDependentCSubstring origLabel(input, offset, len - 1); ++ if (NS_FAILED(decodeACE(origLabel, decodedBuf, flag))) { ++ // If decoding failed, use the original input sequence ++ // for this label. ++ _retval.Append(origLabel); ++ } else { ++ _retval.Append(decodedBuf); + } + +- _retval.Append(decodedBuf); + _retval.Append('.'); + offset += len; + len = 0; +@@ -327,11 +333,12 @@ nsresult nsIDNService::ACEtoUTF8(const nsACString & input, nsACString & _retval, + } + // decode the last node + if (len) { +- if (NS_FAILED(decodeACE(Substring(input, offset, len), decodedBuf, +- flag))) +- _retval.Assign(input); +- else ++ nsDependentCSubstring origLabel(input, offset, len); ++ if (NS_FAILED(decodeACE(origLabel, decodedBuf, flag))) { ++ _retval.Append(origLabel); ++ } else { + _retval.Append(decodedBuf); ++ } + } + + return NS_OK; + +commit eddd7a4f4eae +Author: Jonathan Kew <jkew@mozilla.com> +Date: Sat Sep 16 11:49:56 2017 +0100 + + Bug 1399540 - patch 2 - Handle invalid punycode better in stringPrep to avoid mangling display of fake-punycode labels. r=valentin +--- + netwerk/dns/nsIDNService.cpp | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git netwerk/dns/nsIDNService.cpp netwerk/dns/nsIDNService.cpp +index 3adcddf654e1..4c45a2d52e45 100644 +--- netwerk/dns/nsIDNService.cpp ++++ netwerk/dns/nsIDNService.cpp +@@ -222,7 +222,15 @@ nsIDNService::IDNA2008StringPrep(const nsAString& input, + } + NS_ENSURE_SUCCESS(rv, rv); + +- // Output the result of nameToUnicode even if there were errors ++ // Output the result of nameToUnicode even if there were errors. ++ // But in the case of invalid punycode, the uidna_labelToUnicode result ++ // appears to get an appended U+FFFD REPLACEMENT CHARACTER, which will ++ // confuse our subsequent processing, so we drop that. ++ // (https://bugzilla.mozilla.org/show_bug.cgi?id=1399540#c9) ++ if ((info.errors & UIDNA_ERROR_PUNYCODE) && ++ outLen > 0 && outputBuffer[outLen - 1] == 0xfffd) { ++ --outLen; ++ } + ICUUtils::AssignUCharArrayToString(outputBuffer, outLen, output); + + if (flag == eStringPrepIgnoreErrors) { + +commit 2a3883ef55d2 +Author: Jonathan Kew <jkew@mozilla.com> +Date: Sat Sep 16 11:50:08 2017 +0100 + + Bug 1399540 - Add some IDN testcases with mixed punycode and non-punycode labels. r=valentin +--- + netwerk/test/unit/test_idn_urls.js | 25 ++++++++++++++++--------- + 1 file changed, 16 insertions(+), 9 deletions(-) + +diff --git netwerk/test/unit/test_idn_urls.js netwerk/test/unit/test_idn_urls.js +index 358854093f65..0d8cf3216293 100644 +--- netwerk/test/unit/test_idn_urls.js ++++ netwerk/test/unit/test_idn_urls.js +@@ -286,10 +286,17 @@ const testcases = [ + // Thai (also tests that node with over 63 UTF-8 octets doesn't fail) + ["เครื่องทําน้ําทําน้ําแข็ง", + "xn--22cdjb2fanb9fyepcbbb9dwh4a3igze4fdcd", +- false, true, true] ++ false, true, true], ++ ++ // Effect of adding valid or invalid subdomains (bug 1399540) ++ ["䕮䕵䕶䕱.ascii", "xn--google.ascii", false, true, true], ++ ["ascii.䕮䕵䕶䕱", "ascii.xn--google", false, true, true], ++ ["中国123.䕮䕵䕶䕱", "xn--123-u68dy61b.xn--google", false, true, true], ++ ["䕮䕵䕶䕱.中国123", "xn--google.xn--123-u68dy61b", false, true, true], ++ ["xn--accountlogin.䕮䕵䕶䕱", "xn--accountlogin.xn--google", false, true, true], ++ ["䕮䕵䕶䕱.xn--accountlogin", "xn--google.xn--accountlogin", false, true, true], + ]; + +- + const profiles = ["ASCII", "high", "moderate"]; + + function run_test() { +@@ -311,13 +318,13 @@ function run_test() { + var expectedUnicode = test[2 + i]; + var isASCII = {}; + +- var result; +- try { +- result = idnService.convertToDisplayIDN(URL, isASCII); +- } catch(e) { +- result = ".com"; +- } +- if (punycodeURL.substr(0, 4) == "xn--") { ++ var result; ++ try { ++ result = idnService.convertToDisplayIDN(URL, isASCII); ++ } catch(e) { ++ result = ".com"; ++ } ++ if (punycodeURL.substr(0, 4) == "xn--" || punycodeURL.indexOf(".xn--") > 0) { + // test convertToDisplayIDN with a Unicode URL and with a + // Punycode URL if we have one + do_check_eq(escape(result), Copied: branches/2017Q4/www/firefox/files/patch-bug1261175 (from r454000, head/www/firefox/files/patch-bug1261175) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1261175 Mon Nov 27 18:00:23 2017 (r454980, copy of r454000, head/www/firefox/files/patch-bug1261175) @@ -0,0 +1,25 @@ +commit deccfad4c8ba +Author: Matt Woodrow <mwoodrow@mozilla.com> +Date: Thu Oct 12 13:10:27 2017 +1300 + + Bug 1261175. r=tnikkel, a=ritu + + --HG-- + extra : source : 8281ed36bd4946af69af747b199814cc1a51fb52 +--- + view/nsViewManager.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git view/nsViewManager.cpp view/nsViewManager.cpp +index f3540f3478da..230512c0dcc0 100644 +--- view/nsViewManager.cpp ++++ view/nsViewManager.cpp +@@ -100,7 +100,7 @@ nsViewManager::~nsViewManager() + gViewManagers = nullptr; + } + +- mPresShell = nullptr; ++ MOZ_RELEASE_ASSERT(!mPresShell, "Releasing nsViewManager without having called Destroy on the PresShell!"); + } + + // We don't hold a reference to the presentation context because it Copied: branches/2017Q4/www/firefox/files/patch-bug1325923 (from r454192, head/www/firefox/files/patch-bug1325923) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1325923 Mon Nov 27 18:00:23 2017 (r454980, copy of r454192, head/www/firefox/files/patch-bug1325923) @@ -0,0 +1,121 @@ +commit d9ad239a35bf +Author: Blake Kaplan <mrbkap@gmail.com> +Date: Wed Aug 16 16:39:32 2017 -0700 + + Bug 1325923 - Implement the "cookie averse document" concept. r=Ehsan + + See https://html.spec.whatwg.org/multipage/dom.html#resource-metadata-management:cookie-averse-document-object + + MozReview-Commit-ID: GndxqhU77cS +--- + dom/base/nsIDocument.h | 28 ++++++++++++++++++++++++++++ + 1 file changed, 28 insertions(+) + +diff --git dom/base/nsIDocument.h dom/base/nsIDocument.h +index e834f5785cad..921e03e107d1 100644 +--- dom/base/nsIDocument.h ++++ dom/base/nsIDocument.h +@@ -2073,6 +2073,34 @@ public: + return mMarkedCCGeneration; + } + ++ /** ++ * Returns whether this document is cookie averse. See ++ * https://html.spec.whatwg.org/multipage/dom.html#cookie-averse-document-object ++ */ ++ bool IsCookieAverse() const ++ { ++ // If we are a document that "has no browsing context." ++ if (!GetInnerWindow()) { ++ return true; ++ } ++ ++ // If we are a document "whose URL's scheme is not a network scheme." ++ // NB: Explicitly allow file: URIs to store cookies. ++ nsCOMPtr<nsIURI> codebaseURI; ++ NodePrincipal()->GetURI(getter_AddRefs(codebaseURI)); ++ ++ if (!codebaseURI) { ++ return true; ++ } ++ ++ nsAutoCString scheme; ++ codebaseURI->GetScheme(scheme); ++ return !scheme.EqualsLiteral("http") && ++ !scheme.EqualsLiteral("https") && ++ !scheme.EqualsLiteral("ftp") && ++ !scheme.EqualsLiteral("file"); ++ } ++ + bool IsLoadedAsData() + { + return mLoadedAsData; + +commit 10775852824c +Author: Blake Kaplan <mrbkap@gmail.com> +Date: Wed Aug 16 16:58:19 2017 -0700 + + Bug 1325923 - Use this new API. r=Ehsan + + MozReview-Commit-ID: 6tuaEqQA551 +--- + dom/base/nsContentSink.cpp | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git dom/base/nsContentSink.cpp dom/base/nsContentSink.cpp +index c52761c8521f..c3e9f43846d4 100644 +--- dom/base/nsContentSink.cpp ++++ dom/base/nsContentSink.cpp +@@ -843,6 +843,12 @@ nsContentSink::ProcessMETATag(nsIContent* aContent) + return NS_OK; + } + ++ // Don't allow setting cookies in <meta http-equiv> in cookie averse ++ // documents. ++ if (nsGkAtoms::setcookie->Equals(header) && mDocument->IsCookieAverse()) { ++ return NS_OK; ++ } ++ + nsAutoString result; + aContent->GetAttr(kNameSpaceID_None, nsGkAtoms::content, result); + if (!result.IsEmpty()) { + +commit f48bc2cbf262 +Author: Blake Kaplan <mrbkap@gmail.com> +Date: Wed Aug 16 17:22:31 2017 -0700 + + Bug 1325923 - Use this API where we're supposed to. r=Ehsan + + MozReview-Commit-ID: HGU5YtUzv9U +--- + dom/html/nsHTMLDocument.cpp | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git dom/html/nsHTMLDocument.cpp dom/html/nsHTMLDocument.cpp +index fa3d614854d9..b146698b6494 100644 +--- dom/html/nsHTMLDocument.cpp ++++ dom/html/nsHTMLDocument.cpp +@@ -1347,6 +1347,11 @@ nsHTMLDocument::GetCookie(nsAString& aCookie, ErrorResult& rv) + return; + } + ++ // If the document is a cookie-averse Document... return the empty string. ++ if (IsCookieAverse()) { ++ return; ++ } ++ + // not having a cookie service isn't an error + nsCOMPtr<nsICookieService> service = do_GetService(NS_COOKIESERVICE_CONTRACTID); + if (service) { +@@ -1400,6 +1405,11 @@ nsHTMLDocument::SetCookie(const nsAString& aCookie, ErrorResult& rv) + return; + } + ++ // If the document is a cookie-averse Document... do nothing. ++ if (IsCookieAverse()) { ++ return; ++ } ++ + // not having a cookie service isn't an error + nsCOMPtr<nsICookieService> service = do_GetService(NS_COOKIESERVICE_CONTRACTID); + if (service && mDocumentURI) { Copied: branches/2017Q4/www/firefox/files/patch-bug1343147 (from r454000, head/www/firefox/files/patch-bug1343147) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1343147 Mon Nov 27 18:00:23 2017 (r454980, copy of r454000, head/www/firefox/files/patch-bug1343147) @@ -0,0 +1,117 @@ +commit e215b167b9b9 +Author: cku <cku@mozilla.com> +Date: Tue Oct 3 11:29:19 2017 +0800 + + Bug 1343147 - Do not double applying transform vector of the root frame in a glyph mask into the target context. r=mstange, a=ritu + + When we generate the glyph mask for a transformed frame in + GenerateAndPushTextMask, the transform vector had been applied into aContext[1], + so we should find a way to prevent applying the vector again when painting the + glyph mask. + + In bug 1299715, I tried to prevent double apply at [2], it caused two problems: + 1. We only skip generating nsDisplayTransform, but we may still create a + nsDisplayPerspactive bellow. Since the parent of a nsDisplayPerspective must be + a nsDisplayTransform, which have been ignored, so we hit this assertion. + 2. We skip all transform for all frames while painting the glyph mask, which is + not correct. We should only skip double applying transform vector of the root + frame. + + This patch fixes both of these issues: + a. We will still create a nsDisplayTransform for the root frame if need. But + the transform matrix we apply into the target context will be an identity + matrix, so we fix #1 above. + b. In #a, we change the transform matrix to an identity matrix only for the root + frame of the glyph mask, so we fix #2. + + [1] + https://hg.mozilla.org/mozilla-central/file/59e5ec5729db/layout/painting/nsDisplayList.cpp#l752 + [2] + https://hg.mozilla.org/mozilla-central/file/ce2c129f0a87/layout/generic/nsFrame.cpp#l2806 + + MozReview-Commit-ID: 973lkQQxLB6 + + --HG-- + extra : source : 84451d723686bc47b81c44ed2ddf6c61f3e35915 +--- + layout/generic/nsFrame.cpp | 13 +++++-------- + layout/painting/nsDisplayList.cpp | 9 ++++++++- + 2 files changed, 13 insertions(+), 9 deletions(-) + +diff --git layout/generic/nsFrame.cpp layout/generic/nsFrame.cpp +index 37f2e2801220..dbfd61b7e142 100644 +--- layout/generic/nsFrame.cpp ++++ layout/generic/nsFrame.cpp +@@ -2803,14 +2803,11 @@ nsIFrame::BuildDisplayListForStackingContext(nsDisplayListBuilder* aBuilder, + buildingDisplayList.SetReferenceFrameAndCurrentOffset(outerReferenceFrame, + GetOffsetToCrossDoc(outerReferenceFrame)); + +- if (!aBuilder->IsForGenerateGlyphMask() && +- !aBuilder->IsForPaintingSelectionBG()) { +- nsDisplayTransform *transformItem = +- new (aBuilder) nsDisplayTransform(aBuilder, this, +- &resultList, dirtyRect, 0, +- allowAsyncAnimation); +- resultList.AppendNewToTop(transformItem); +- } ++ nsDisplayTransform *transformItem = ++ new (aBuilder) nsDisplayTransform(aBuilder, this, ++ &resultList, dirtyRect, 0, ++ allowAsyncAnimation); ++ resultList.AppendNewToTop(transformItem); + + if (hasPerspective) { + if (clipCapturedBy == ContainerItemType::ePerspective) { +diff --git layout/painting/nsDisplayList.cpp layout/painting/nsDisplayList.cpp +index 801e1ea2fb4d..6477bda52f01 100644 +--- layout/painting/nsDisplayList.cpp ++++ layout/painting/nsDisplayList.cpp +@@ -7976,11 +7976,18 @@ already_AddRefed<Layer> nsDisplayTransform::BuildLayer(nsDisplayListBuilder *aBu + LayerManager *aManager, + const ContainerLayerParameters& aContainerParameters) + { ++ // While generating a glyph mask, the transform vector of the root frame had ++ // been applied into the target context, so stop applying it again here. ++ const bool shouldSkipTransform = ++ (aBuilder->RootReferenceFrame() == mFrame) && ++ (aBuilder->IsForGenerateGlyphMask() || aBuilder->IsForPaintingSelectionBG()); ++ + /* For frames without transform, it would not be removed for + * backface hidden here. But, it would be removed by the init + * function of nsDisplayTransform. + */ +- const Matrix4x4& newTransformMatrix = GetTransformForRendering(); ++ const Matrix4x4 newTransformMatrix = ++ shouldSkipTransform ? Matrix4x4(): GetTransformForRendering(); + + uint32_t flags = FrameLayerBuilder::CONTAINER_ALLOW_PULL_BACKGROUND_COLOR; + RefPtr<ContainerLayer> container = aManager->GetLayerBuilder()-> +diff --git dom/svg/crashtests/1343147.svg dom/svg/crashtests/1343147.svg +new file mode 100644 +index 000000000000..d9c2611ca822 +--- /dev/null ++++ dom/svg/crashtests/1343147.svg +@@ -0,0 +1,13 @@ ++<svg xmlns="http://www.w3.org/2000/svg">; ++<style> ++<![CDATA[ ++ svg { ++ background-image: linear-gradient(lime, lime); ++ background-clip: text; ++ } ++ text { transform: skewy(30grad); } ++ g { perspective: 0; } ++]]> ++</style> ++ <g><text>hello</text></g> ++</svg> +diff --git dom/svg/crashtests/crashtests.list dom/svg/crashtests/crashtests.list +index 1727a206ec4f..57ab320161e2 100644 +--- dom/svg/crashtests/crashtests.list ++++ dom/svg/crashtests/crashtests.list +@@ -90,4 +90,5 @@ load 1329849-5.svg + load 1329849-6.svg + load 1329093-1.html + load 1329093-2.html ++load 1343147.svg + load 1402798.html Copied: branches/2017Q4/www/firefox/files/patch-bug1355576 (from r454000, head/www/firefox/files/patch-bug1355576) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1355576 Mon Nov 27 18:00:23 2017 (r454980, copy of r454000, head/www/firefox/files/patch-bug1355576) @@ -0,0 +1,262 @@ +commit e530ba4d4394 +Author: Thomas Wisniewski <wisniewskit@gmail.com> +Date: Tue Jul 4 20:59:26 2017 -0400 + + Bug 1355576 - Add ability to clear all localStorage with the browsingData API; r=bsilverberg,janv + + MozReview-Commit-ID: 4UUqg62yIo9 + + --HG-- + extra : rebase_source : 9c6154bbe878fc3921d22027fdc90dbdaed05be9 +--- + browser/components/extensions/ext-browsingData.js | 10 +++ + .../extensions/schemas/browsing_data.json | 1 - + .../extensions/test/browser/browser-common.ini | 1 + + .../browser_ext_browsingData_localStorage.js | 93 ++++++++++++++++++++++ + .../test/xpcshell/test_ext_browsingData.js | 4 +- + dom/storage/LocalStorageManager.cpp | 3 +- + dom/storage/StorageObserver.cpp | 12 +++ + .../extensions/schemas/browsing_data.json | 1 - + 8 files changed, 120 insertions(+), 5 deletions(-) + +diff --git browser/components/extensions/ext-browsingData.js browser/components/extensions/ext-browsingData.js +index fd59141dd15d..109ec9601487 100644 +--- browser/components/extensions/ext-browsingData.js ++++ browser/components/extensions/ext-browsingData.js +@@ -83,6 +83,10 @@ const clearHistory = options => { + return sanitizer.items.history.clear(makeRange(options)); + }; + ++const clearLocalStorage = async function(options) { ++ Services.obs.notifyObservers(null, "extension:purge-localStorage"); ++}; ++ + const clearPasswords = async function(options) { + let loginManager = Services.logins; + let yieldCounter = 0; +@@ -152,6 +156,9 @@ const doRemoval = (options, dataToRemove, extension) => { + case "history": + removalPromises.push(clearHistory(options)); + break; ++ case "localStorage": ++ removalPromises.push(clearLocalStorage(options)); ++ break; + case "passwords": + removalPromises.push(clearPasswords(options)); + break; +@@ -225,6 +232,9 @@ this.browsingData = class extends ExtensionAPI { + removeHistory(options) { + return doRemoval(options, {history: true}); + }, ++ removeLocalStorage(options) { ++ return doRemoval(options, {localStorage: true}); ++ }, + removePasswords(options) { + return doRemoval(options, {passwords: true}); + }, +diff --git browser/components/extensions/schemas/browsing_data.json browser/components/extensions/schemas/browsing_data.json +index a780f5640c8f..7755714eb898 100644 +--- browser/components/extensions/schemas/browsing_data.json ++++ browser/components/extensions/schemas/browsing_data.json +@@ -341,7 +341,6 @@ + "description": "Clears websites' local storage data.", + "type": "function", + "async": "callback", +- "unsupported": true, + "parameters": [ + { + "$ref": "RemovalOptions", +diff --git browser/components/extensions/test/browser/browser-common.ini browser/components/extensions/test/browser/browser-common.ini +index 464b8ba18f37..e3f7700f3939 100644 +--- browser/components/extensions/test/browser/browser-common.ini ++++ browser/components/extensions/test/browser/browser-common.ini +@@ -46,6 +46,7 @@ skip-if = (os == 'win' && !debug) # bug 1352668 + [browser_ext_browserAction_theme_icons.js] + [browser_ext_browsingData_formData.js] + [browser_ext_browsingData_history.js] ++[browser_ext_browsingData_localStorage.js] + [browser_ext_browsingData_pluginData.js] + [browser_ext_browsingData_serviceWorkers.js] + [browser_ext_commands_execute_browser_action.js] +diff --git browser/components/extensions/test/browser/browser_ext_browsingData_localStorage.js browser/components/extensions/test/browser/browser_ext_browsingData_localStorage.js +new file mode 100644 +index 000000000000..215f26d1fcb6 +--- /dev/null ++++ browser/components/extensions/test/browser/browser_ext_browsingData_localStorage.js +@@ -0,0 +1,93 @@ ++/* -*- Mode: indent-tabs-mode: nil; js-indent-level: 2 -*- */ ++/* vim: set sts=2 sw=2 et tw=80: */ ++"use strict"; ++ ++add_task(async function testLocalStorage() { ++ async function background() { ++ function openTabs() { ++ let promise = new Promise(resolve => { ++ let tabURLs = [ ++ "http://example.com/", ++ "http://example.net/", ++ ]; ++ ++ let tabs; ++ let waitingCount = tabURLs.length; ++ ++ let listener = async msg => { ++ if (msg !== "content-script-ready" || --waitingCount) { ++ return; ++ } ++ browser.runtime.onMessage.removeListener(listener); ++ resolve(Promise.all(tabs)); ++ }; ++ ++ browser.runtime.onMessage.addListener(listener); ++ ++ tabs = tabURLs.map(url => { ++ return browser.tabs.create({url: url}); ++ }); ++ }); ++ ++ return promise; ++ } ++ ++ function sendMessageToTabs(tabs, message) { ++ return Promise.all( ++ tabs.map(tab => { return browser.tabs.sendMessage(tab.id, message); })); ++ } ++ ++ let tabs = await openTabs(); ++ ++ await sendMessageToTabs(tabs, "resetLocalStorage"); ++ await sendMessageToTabs(tabs, "checkLocalStorageSet"); ++ await browser.browsingData.removeLocalStorage({}); ++ await sendMessageToTabs(tabs, "checkLocalStorageCleared"); ++ ++ await sendMessageToTabs(tabs, "resetLocalStorage"); ++ await sendMessageToTabs(tabs, "checkLocalStorageSet"); ++ await browser.browsingData.remove({}, {localStorage: true}); ++ await sendMessageToTabs(tabs, "checkLocalStorageCleared"); ++ ++ browser.tabs.remove(tabs.map(tab => tab.id)); ++ ++ browser.test.notifyPass("done"); ++ } ++ ++ function contentScript() { ++ browser.runtime.onMessage.addListener(msg => { ++ if (msg === "resetLocalStorage") { ++ localStorage.clear(); ++ localStorage.setItem("test", "test"); ++ } else if (msg === "checkLocalStorageSet") { ++ browser.test.assertEq("test", localStorage.getItem("test")); ++ } else if (msg === "checkLocalStorageCleared") { ++ browser.test.assertEq(null, localStorage.getItem("test")); ++ } ++ }); ++ browser.runtime.sendMessage("content-script-ready"); ++ } ++ ++ let extension = ExtensionTestUtils.loadExtension({ ++ background, ++ manifest: { ++ "permissions": ["browsingData"], ++ "content_scripts": [{ ++ "matches": [ ++ "http://example.com/", ++ "http://example.net/", ++ ], ++ "js": ["content-script.js"], ++ "run_at": "document_start", ++ }], ++ }, ++ files: { ++ "content-script.js": contentScript, ++ }, ++ }); ++ ++ await extension.startup(); ++ await extension.awaitFinish("done"); ++ await extension.unload(); ++}); ++ +diff --git browser/components/extensions/test/xpcshell/test_ext_browsingData.js browser/components/extensions/test/xpcshell/test_ext_browsingData.js +index 0c1c4874ca44..0b8972058e64 100644 +--- browser/components/extensions/test/xpcshell/test_ext_browsingData.js ++++ browser/components/extensions/test/xpcshell/test_ext_browsingData.js +@@ -44,7 +44,7 @@ add_task(async function testInvalidArguments() { + + add_task(async function testUnimplementedDataType() { + function background() { +- browser.browsingData.remove({}, {localStorage: true}); ++ browser.browsingData.remove({}, {indexedDB: true}); + browser.test.sendMessage("finished"); + } + +@@ -61,6 +61,6 @@ add_task(async function testUnimplementedDataType() { + await extension.unload(); + }); + +- let warningObserved = messages.find(line => /Firefox does not support dataTypes: localStorage/.test(line)); ++ let warningObserved = messages.find(line => /Firefox does not support dataTypes: indexedDB/.test(line)); + ok(warningObserved, "Warning issued when calling remove with an unimplemented dataType."); + }); +diff --git dom/storage/LocalStorageManager.cpp dom/storage/LocalStorageManager.cpp +index a161de2bc596..f366e7874a90 100644 +--- dom/storage/LocalStorageManager.cpp ++++ dom/storage/LocalStorageManager.cpp +@@ -386,7 +386,8 @@ LocalStorageManager::Observe(const char* aTopic, + } + + // Clear everything, caches + database +- if (!strcmp(aTopic, "cookie-cleared")) { ++ if (!strcmp(aTopic, "cookie-cleared") || ++ !strcmp(aTopic, "extension:purge-localStorage-caches")) { + ClearCaches(LocalStorageCache::kUnloadComplete, pattern, EmptyCString()); + return NS_OK; + } +diff --git dom/storage/StorageObserver.cpp dom/storage/StorageObserver.cpp +index e5b010f88c7b..48d484748209 100644 +--- dom/storage/StorageObserver.cpp ++++ dom/storage/StorageObserver.cpp +@@ -66,6 +66,7 @@ StorageObserver::Init() + obs->AddObserver(sSelf, "browser:purge-domain-data", true); + obs->AddObserver(sSelf, "last-pb-context-exited", true); + obs->AddObserver(sSelf, "clear-origin-attributes-data", true); ++ obs->AddObserver(sSelf, "extension:purge-localStorage", true); + + // Shutdown + obs->AddObserver(sSelf, "profile-after-change", true); +@@ -270,6 +271,23 @@ StorageObserver::Observe(nsISupports* aSubject, + + Notify("session-only-cleared", NS_ConvertUTF8toUTF16(originSuffix), + originScope); ++ ++ return NS_OK; ++ } ++ ++ if (!strcmp(aTopic, "extension:purge-localStorage")) { ++ StorageDBChild* storageChild = StorageDBChild::GetOrCreate(); ++ if (NS_WARN_IF(!storageChild)) { ++ return NS_ERROR_FAILURE; ++ } ++ ++ storageChild->AsyncClearAll(); ++ ++ if (XRE_IsParentProcess()) { ++ storageChild->SendClearAll(); ++ } ++ ++ Notify("extension:purge-localStorage-caches"); + + return NS_OK; + } +diff --git mobile/android/components/extensions/schemas/browsing_data.json mobile/android/components/extensions/schemas/browsing_data.json +index 483a462d422c..1019c1a23953 100644 +--- mobile/android/components/extensions/schemas/browsing_data.json ++++ mobile/android/components/extensions/schemas/browsing_data.json +@@ -345,7 +345,6 @@ + "description": "Clears websites' local storage data.", + "type": "function", + "async": "callback", +- "unsupported": true, + "parameters": [ + { + "$ref": "RemovalOptions", Copied: branches/2017Q4/www/firefox/files/patch-bug1365894 (from r454192, head/www/firefox/files/patch-bug1365894) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1365894 Mon Nov 27 18:00:23 2017 (r454980, copy of r454192, head/www/firefox/files/patch-bug1365894) @@ -0,0 +1,60 @@ +commit 97515a9302ed +Author: James Cheng <jacheng@mozilla.com> +Date: Mon Oct 9 13:40:12 2017 -0400 + + Bug 1365894 - Make SystemGroupImpl be a normal ref-counted object. r=ehsan, a=ritu + + MozReview-Commit-ID: LUcoBhNx2M5 + + --HG-- + extra : source : 3959033a31666770047dd460979032464a48ba66 +--- + xpcom/threads/SystemGroup.cpp | 18 +++++------------- + 1 file changed, 5 insertions(+), 13 deletions(-) + +diff --git xpcom/threads/SystemGroup.cpp xpcom/threads/SystemGroup.cpp +index a95ecc6cdd77..04bf3bd248ef 100644 +--- xpcom/threads/SystemGroup.cpp ++++ xpcom/threads/SystemGroup.cpp +@@ -16,7 +16,7 @@ class SystemGroupImpl final : public SchedulerGroup + { + public: + SystemGroupImpl(); +- ~SystemGroupImpl() {} ++ NS_INLINE_DECL_THREADSAFE_REFCOUNTING(SystemGroupImpl) + + static void InitStatic(); + static void ShutdownStatic(); +@@ -24,20 +24,12 @@ public: + + static bool Initialized() { return !!sSingleton; } + +- NS_METHOD_(MozExternalRefCountType) AddRef(void) +- { +- return 2; +- } +- NS_METHOD_(MozExternalRefCountType) Release(void) +- { +- return 1; +- } +- + private: +- static UniquePtr<SystemGroupImpl> sSingleton; ++ ~SystemGroupImpl() = default; ++ static StaticRefPtr<SystemGroupImpl> sSingleton; + }; + +-UniquePtr<SystemGroupImpl> SystemGroupImpl::sSingleton; ++StaticRefPtr<SystemGroupImpl> SystemGroupImpl::sSingleton; + + SystemGroupImpl::SystemGroupImpl() + { +@@ -49,7 +41,7 @@ SystemGroupImpl::InitStatic() + { + MOZ_ASSERT(!sSingleton); + MOZ_ASSERT(NS_IsMainThread()); +- sSingleton = MakeUnique<SystemGroupImpl>(); ++ sSingleton = new SystemGroupImpl(); + } + + /* static */ void Copied: branches/2017Q4/www/firefox/files/patch-bug1366420 (from r454192, head/www/firefox/files/patch-bug1366420) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1366420 Mon Nov 27 18:00:23 2017 (r454980, copy of r454192, head/www/firefox/files/patch-bug1366420) @@ -0,0 +1,128 @@ +commit dfe9efffb57b +Author: Marco Bonardo <mbonardo@mozilla.com> +Date: Wed Oct 4 11:13:19 2017 +0200 + + Bug 1366420. r=standard8, a=ritu + + MozReview-Commit-ID: FOIqr5RdRjz + + --HG-- + extra : source : 08312cdfb2304264e6871357fe2e6e7831272d21 +--- + toolkit/components/places/BookmarkHTMLUtils.jsm | 2 +- + .../unit/test_bookmarks_html_escape_entities.js | 81 ++++++++++++++++++++++ + toolkit/components/places/tests/unit/xpcshell.ini | 1 + + 3 files changed, 83 insertions(+), 1 deletion(-) + +diff --git toolkit/components/places/BookmarkHTMLUtils.jsm toolkit/components/places/BookmarkHTMLUtils.jsm +index 653e29fc5875..f4c1e7495d32 100644 +--- toolkit/components/places/BookmarkHTMLUtils.jsm ++++ toolkit/components/places/BookmarkHTMLUtils.jsm +@@ -1143,7 +1143,7 @@ BookmarkExporter.prototype = { + if (aItem.charset) + this._writeAttribute("LAST_CHARSET", escapeHtmlEntities(aItem.charset)); + if (aItem.tags) +- this._writeAttribute("TAGS", aItem.tags); ++ this._writeAttribute("TAGS", escapeHtmlEntities(aItem.tags)); + this._writeLine(">" + escapeHtmlEntities(aItem.title) + "</A>"); + this._writeDescription(aItem, aIndent); + }, +diff --git toolkit/components/places/tests/unit/test_bookmarks_html_escape_entities.js toolkit/components/places/tests/unit/test_bookmarks_html_escape_entities.js +new file mode 100644 +index 000000000000..73c5e0e0744d +--- /dev/null ++++ toolkit/components/places/tests/unit/test_bookmarks_html_escape_entities.js +@@ -0,0 +1,81 @@ ++/* Any copyright is dedicated to the Public Domain. ++ * http://creativecommons.org/publicdomain/zero/1.0/ */ ++ ++"use strict"; ++ ++// Checks that html entities are escaped in bookmarks.html files. ++ ++const DESCRIPTION_ANNO = "bookmarkProperties/description"; ++ ++add_task(async function() { ++ // Removes bookmarks.html if the file already exists. ++ let HTMLFile = OS.Path.join(OS.Constants.Path.profileDir, "bookmarks.html"); ++ if ((await OS.File.exists(HTMLFile))) { ++ await OS.File.remove(HTMLFile); ++ } ++ ++ let unescaped = '<unescaped="test">'; ++ // Adds bookmarks and tags to the database. ++ const url = 'http://www.google.it/"/'; ++ let bm = await PlacesUtils.bookmarks.insert({ ++ parentGuid: PlacesUtils.bookmarks.unfiledGuid, ++ url, ++ title: unescaped ++ }); ++ await PlacesUtils.keywords.insert({ url, keyword: unescaped, postData: unescaped }) ++ let uri = Services.io.newURI(url); ++ PlacesUtils.tagging.tagURI(uri, [unescaped]); ++ await PlacesUtils.setCharsetForURI(uri, unescaped); ++ PlacesUtils.annotations.setItemAnnotation( ++ await PlacesUtils.promiseItemId(bm.guid), ++ DESCRIPTION_ANNO, unescaped, 0, PlacesUtils.annotations.EXPIRE_NEVER); ++ ++ // Exports the bookmarks as a HTML file. ++ await BookmarkHTMLUtils.exportToFile(HTMLFile); ++ await PlacesUtils.bookmarks.remove(bm); ++ ++ // Check there are no unescaped entities in the html file. ++ let xml = await new Promise((resolve, reject) => { ++ let xhr = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"] ++ .createInstance(Ci.nsIXMLHttpRequest); ++ xhr.onload = () => { ++ try { ++ resolve(xhr.responseXML); ++ } catch (e) { ++ reject(e); ++ } ++ }; ++ xhr.onabort = xhr.onerror = xhr.ontimeout = () => { ++ reject(new Error("xmlhttprequest failed")); ++ }; ++ xhr.open("GET", OS.Path.toFileURI(HTMLFile)); ++ xhr.responseType = "document"; ++ xhr.overrideMimeType("text/html"); ++ xhr.send(); ++ }); ++ ++ let checksCount = 6; ++ for (let current = xml; current; ++ current = current.firstChild || current.nextSibling || current.parentNode.nextSibling) { ++ switch (current.nodeType) { ++ case Ci.nsIDOMNode.ELEMENT_NODE: ++ for (let {name, value} of current.attributes) { ++ do_print("Found attribute: " + name); ++ // Check tags, keyword, postData and charSet. ++ if (["tags", "last_charset", "shortcuturl", "post_data"].includes(name)) { ++ Assert.equal(value, unescaped, `Attribute ${name} should be complete`); ++ checksCount--; ++ } ++ } ++ break; ++ case Ci.nsIDOMNode.TEXT_NODE: ++ // Check Title and description. ++ if (!current.data.startsWith("\n") && !current.data.includes("Bookmarks")) { ++ Assert.equal(current.data.trim(), unescaped, "Text node should be complete"); ++ checksCount--; ++ } ++ break; ++ } ++ } ++ Assert.equal(checksCount, 0, "All the checks ran") ++}); +diff --git toolkit/components/places/tests/unit/xpcshell.ini toolkit/components/places/tests/unit/xpcshell.ini +index 6952e4158753..776e7e548f92 100644 +--- toolkit/components/places/tests/unit/xpcshell.ini ++++ toolkit/components/places/tests/unit/xpcshell.ini +@@ -67,6 +67,7 @@ skip-if = (os == "win" && os_version == "5.1") # Bug 1158887 + [test_bookmarks_json.js] + [test_bookmarks_html.js] + [test_bookmarks_html_corrupt.js] ++[test_bookmarks_html_escape_entities.js] + [test_bookmarks_html_import_tags.js] + [test_bookmarks_html_singleframe.js] + [test_bookmarks_restore_notification.js] Copied: branches/2017Q4/www/firefox/files/patch-bug1369561 (from r454000, head/www/firefox/files/patch-bug1369561) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1369561 Mon Nov 27 18:00:23 2017 (r454980, copy of r454000, head/www/firefox/files/patch-bug1369561) @@ -0,0 +1,66 @@ +commit 4a1737e0c456 +Author: David Keeler <dkeeler@mozilla.com> +Date: Fri Sep 15 14:47:54 2017 -0700 + + Bug 1369561 - Address misc. SnprintfLiteral correctness nits. r=jld, r=froydnj, a=ritu + + --HG-- + extra : source : f5533b6cd09c35eef381e311940b5bd5231d3553 +--- + security/sandbox/linux/SandboxUtil.cpp | 17 ++++++++++------- + xpcom/base/nsSystemInfo.cpp | 2 +- + 2 files changed, 11 insertions(+), 8 deletions(-) + +diff --git security/sandbox/linux/SandboxUtil.cpp security/sandbox/linux/SandboxUtil.cpp +index ad6003ecaad5..999329882364 100644 +--- security/sandbox/linux/SandboxUtil.cpp ++++ security/sandbox/linux/SandboxUtil.cpp +@@ -62,7 +62,6 @@ UnshareUserNamespace() + uid_t uid = getuid(); + gid_t gid = getgid(); + char buf[80]; +- size_t len; + + if (syscall(__NR_unshare, CLONE_NEWUSER) != 0) { + return false; +@@ -84,17 +83,21 @@ UnshareUserNamespace() + // current thread. However, CLONE_NEWUSER can be unshared only in a + // single-threaded process, so those are equivalent if we reach this + // point. +- len = size_t(SprintfLiteral(buf, "%u %u 1\n", uid, uid)); +- MOZ_ASSERT(len < sizeof(buf)); +- if (!WriteStringToFile("/proc/self/uid_map", buf, len)) { ++ int len = SprintfLiteral(buf, "%u %u 1\n", uid, uid); ++ if (len >= int(sizeof(buf)) || len < 0) { ++ return false; ++ } ++ if (!WriteStringToFile("/proc/self/uid_map", buf, size_t(len))) { + MOZ_CRASH("Failed to write /proc/self/uid_map"); + } + + Unused << WriteStringToFile("/proc/self/setgroups", "deny", 4); + +- len = size_t(SprintfLiteral(buf, "%u %u 1\n", gid, gid)); +- MOZ_ASSERT(len < sizeof(buf)); +- if (!WriteStringToFile("/proc/self/gid_map", buf, len)) { ++ len = SprintfLiteral(buf, "%u %u 1\n", gid, gid); ++ if (len >= int(sizeof(buf)) || len < 0) { ++ return false; ++ } ++ if (!WriteStringToFile("/proc/self/gid_map", buf, size_t(len))) { + MOZ_CRASH("Failed to write /proc/self/gid_map"); + } + return true; +diff --git xpcom/base/nsSystemInfo.cpp xpcom/base/nsSystemInfo.cpp +index e5a7fe97be03..782dc9abf37d 100644 +--- xpcom/base/nsSystemInfo.cpp ++++ xpcom/base/nsSystemInfo.cpp +@@ -706,7 +706,7 @@ nsSystemInfo::Init() + } + + nsAutoCString secondaryLibrary; +- if (gtkver_len > 0) { ++ if (gtkver_len > 0 && gtkver_len < int(sizeof(gtkver))) { + secondaryLibrary.Append(nsDependentCSubstring(gtkver, gtkver_len)); + } + Copied: branches/2017Q4/www/firefox/files/patch-bug1370497 (from r454192, head/www/firefox/files/patch-bug1370497) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2017Q4/www/firefox/files/patch-bug1370497 Mon Nov 27 18:00:23 2017 (r454980, copy of r454192, head/www/firefox/files/patch-bug1370497) @@ -0,0 +1,100 @@ +commit c79086d4c25c +Author: Jonathan Kew <jkew@mozilla.com> +Date: Wed Sep 27 11:16:35 2017 +0100 + + Bug 1370497 - Check ScriptExtensions property of combining marks when available. r=valentin, a=ritu + + --HG-- + extra : source : 6bd2d96c0c3d952b205e1bb2f6915cbc820a61a1 + extra : amend_source : b0c6b6fbea0bf77c8d1527e131d3773b4d959ea0 +--- + netwerk/dns/nsIDNService.cpp | 45 ++++++++++++++++++++++++++++++++------ + netwerk/test/unit/test_idn_urls.js | 5 +++++ + 2 files changed, 43 insertions(+), 7 deletions(-) + +diff --git netwerk/dns/nsIDNService.cpp netwerk/dns/nsIDNService.cpp +index 4c45a2d52e45..e07910a7e70d 100644 +--- netwerk/dns/nsIDNService.cpp ++++ netwerk/dns/nsIDNService.cpp +@@ -26,6 +26,7 @@ + const bool kIDNA2008_TransitionalProcessing = false; + + #include "ICUUtils.h" ++#include "unicode/uscript.h" + #endif + + using namespace mozilla::unicode; +@@ -900,8 +901,8 @@ bool nsIDNService::isLabelSafe(const nsAString &label) + } + + // Check for mixed numbering systems +- if (GetGeneralCategory(ch) == +- HB_UNICODE_GENERAL_CATEGORY_DECIMAL_NUMBER) { ++ auto genCat = GetGeneralCategory(ch); ++ if (genCat == HB_UNICODE_GENERAL_CATEGORY_DECIMAL_NUMBER) { + uint32_t zeroCharacter = ch - GetNumericValue(ch); *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201711271800.vARI0OZ2080545>