Date: Thu, 22 Feb 2018 01:01:03 +0000 (UTC) From: Jan Beich <jbeich@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r462556 - in branches/2018Q1/www/waterfox: . files Message-ID: <201802220101.w1M113Kq023706@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jbeich Date: Thu Feb 22 01:01:03 2018 New Revision: 462556 URL: https://svnweb.freebsd.org/changeset/ports/462556 Log: MFH: r462554 www/waterfox: apply some FF59 fixes Approved by: ports-secteam blanket Added: branches/2018Q1/www/waterfox/files/patch-bug1388020 - copied unchanged from r462554, head/www/waterfox/files/patch-bug1388020 branches/2018Q1/www/waterfox/files/patch-bug1435566 - copied unchanged from r462554, head/www/waterfox/files/patch-bug1435566 branches/2018Q1/www/waterfox/files/patch-bug1436768 - copied unchanged from r462554, head/www/waterfox/files/patch-bug1436768 branches/2018Q1/www/waterfox/files/patch-bug1437214 - copied unchanged from r462554, head/www/waterfox/files/patch-bug1437214 branches/2018Q1/www/waterfox/files/patch-bug1438645 - copied unchanged from r462554, head/www/waterfox/files/patch-bug1438645 Modified: branches/2018Q1/www/waterfox/Makefile Directory Properties: branches/2018Q1/ (props changed) Modified: branches/2018Q1/www/waterfox/Makefile ============================================================================== --- branches/2018Q1/www/waterfox/Makefile Thu Feb 22 01:00:22 2018 (r462555) +++ branches/2018Q1/www/waterfox/Makefile Thu Feb 22 01:01:03 2018 (r462556) @@ -2,7 +2,7 @@ PORTNAME= waterfox DISTVERSION= 56.0.4 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= www ipv6 MAINTAINER= jbeich@FreeBSD.org Copied: branches/2018Q1/www/waterfox/files/patch-bug1388020 (from r462554, head/www/waterfox/files/patch-bug1388020) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q1/www/waterfox/files/patch-bug1388020 Thu Feb 22 01:01:03 2018 (r462556, copy of r462554, head/www/waterfox/files/patch-bug1388020) @@ -0,0 +1,439 @@ +commit 56cb3a82e6f1 +Author: Andrew Osmond <aosmond@mozilla.com> +Date: Wed Feb 7 09:33:12 2018 -0500 + + Bug 1388020. r=nical a=RyanVM + + --HG-- + extra : source : fd15c14e5efb1874591f4e113c1ae1c49154804f +--- + gfx/layers/client/TextureClient.h | 2 +- + gfx/layers/composite/TextureHost.cpp | 65 +++++++++++++++++++----- + gfx/layers/composite/X11TextureHost.cpp | 13 +++-- + gfx/layers/d3d11/TextureD3D11.cpp | 6 +-- + gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp | 8 +++ + gfx/layers/opengl/TextureHostOGL.cpp | 25 ++------- + gfx/tests/gtest/TestLayers.h | 16 ++++++ + gfx/tests/gtest/TestTextureCompatibility.cpp | 12 +++-- + gfx/tests/gtest/TestTextures.cpp | 7 ++- + gfx/tests/gtest/TextureHelper.h | 3 +- + 10 files changed, 108 insertions(+), 49 deletions(-) + +diff --git gfx/layers/client/TextureClient.h gfx/layers/client/TextureClient.h +index e56ea21841ad..81be2867ca7a 100644 +--- gfx/layers/client/TextureClient.h ++++ gfx/layers/client/TextureClient.h +@@ -761,7 +761,7 @@ protected: + friend void TestTextureClientSurface(TextureClient*, gfxImageSurface*); + friend void TestTextureClientYCbCr(TextureClient*, PlanarYCbCrData&); + friend already_AddRefed<TextureHost> CreateTextureHostWithBackend( +- TextureClient*, LayersBackend&); ++ TextureClient*, ISurfaceAllocator*, LayersBackend&); + + #ifdef GFX_DEBUG_TRACK_CLIENTS_IN_POOL + public: +diff --git gfx/layers/composite/TextureHost.cpp gfx/layers/composite/TextureHost.cpp +index a48a9081e155..e0a74920fbe5 100644 +--- gfx/layers/composite/TextureHost.cpp ++++ gfx/layers/composite/TextureHost.cpp +@@ -116,15 +116,9 @@ TextureHost::CreateIPDLActor(HostIPCAllocator* aAllocator, + uint64_t aSerial, + const wr::MaybeExternalImageId& aExternalImageId) + { +- if (aSharedData.type() == SurfaceDescriptor::TSurfaceDescriptorBuffer && +- aSharedData.get_SurfaceDescriptorBuffer().data().type() == MemoryOrShmem::Tuintptr_t && +- !aAllocator->IsSameProcess()) +- { +- NS_ERROR("A client process is trying to peek at our address space using a MemoryTexture!"); +- return nullptr; +- } + TextureParent* actor = new TextureParent(aAllocator, aSerial, aExternalImageId); + if (!actor->Init(aSharedData, aLayersBackend, aFlags)) { ++ actor->ActorDestroy(ipc::IProtocol::ActorDestroyReason::FailedConstructor); + delete actor; + return nullptr; + } +@@ -232,6 +226,11 @@ TextureHost::Create(const SurfaceDescriptor& aDesc, + + #ifdef MOZ_X11 + case SurfaceDescriptor::TSurfaceDescriptorX11: { ++ if (!aDeallocator->IsSameProcess()) { ++ NS_ERROR("A client process is trying to peek at our address space using a X11Texture!"); ++ return nullptr; ++ } ++ + const SurfaceDescriptorX11& desc = aDesc.get_SurfaceDescriptorX11(); + result = MakeAndAddRef<X11TextureHost>(aFlags, desc); + break; +@@ -248,7 +247,7 @@ TextureHost::Create(const SurfaceDescriptor& aDesc, + MOZ_CRASH("GFX: Unsupported Surface type host"); + } + +- if (WrapWithWebRenderTextureHost(aDeallocator, aBackend, aFlags)) { ++ if (result && WrapWithWebRenderTextureHost(aDeallocator, aBackend, aFlags)) { + MOZ_ASSERT(aExternalImageId.isSome()); + result = new WebRenderTextureHost(aDesc, aFlags, result, aExternalImageId.ref()); + } +@@ -269,13 +268,50 @@ CreateBackendIndependentTextureHost(const SurfaceDescriptor& aDesc, + const MemoryOrShmem& data = bufferDesc.data(); + switch (data.type()) { + case MemoryOrShmem::TShmem: { +- result = new ShmemTextureHost(data.get_Shmem(), +- bufferDesc.desc(), +- aDeallocator, +- aFlags); ++ const ipc::Shmem& shmem = data.get_Shmem(); ++ const BufferDescriptor& desc = bufferDesc.desc(); ++ if (!shmem.IsReadable()) { ++ // We failed to map the shmem so we can't verify its size. This ++ // should not be a fatal error, so just create the texture with ++ // nothing backing it. ++ result = new ShmemTextureHost(shmem, desc, aDeallocator, aFlags); ++ break; ++ } ++ ++ size_t bufSize = shmem.Size<char>(); ++ size_t reqSize = SIZE_MAX; ++ switch (desc.type()) { ++ case BufferDescriptor::TYCbCrDescriptor: { ++ const YCbCrDescriptor& ycbcr = desc.get_YCbCrDescriptor(); ++ reqSize = ++ ImageDataSerializer::ComputeYCbCrBufferSize(ycbcr.ySize(), ycbcr.yStride(), ++ ycbcr.cbCrSize(), ycbcr.cbCrStride()); ++ break; ++ } ++ case BufferDescriptor::TRGBDescriptor: { ++ const RGBDescriptor& rgb = desc.get_RGBDescriptor(); ++ reqSize = ImageDataSerializer::ComputeRGBBufferSize(rgb.size(), rgb.format()); ++ break; ++ } ++ default: ++ gfxCriticalError() << "Bad buffer host descriptor " << (int)desc.type(); ++ MOZ_CRASH("GFX: Bad descriptor"); ++ } ++ ++ if (bufSize < reqSize) { ++ NS_ERROR("A client process gave a shmem too small to fit for its descriptor!"); ++ return nullptr; ++ } ++ ++ result = new ShmemTextureHost(shmem, desc, aDeallocator, aFlags); + break; + } + case MemoryOrShmem::Tuintptr_t: { ++ if (!aDeallocator->IsSameProcess()) { ++ NS_ERROR("A client process is trying to peek at our address space using a MemoryTexture!"); ++ return nullptr; ++ } ++ + result = new MemoryTextureHost(reinterpret_cast<uint8_t*>(data.get_uintptr_t()), + bufferDesc.desc(), + aFlags); +@@ -293,6 +329,11 @@ CreateBackendIndependentTextureHost(const SurfaceDescriptor& aDesc, + } + #ifdef XP_WIN + case SurfaceDescriptor::TSurfaceDescriptorDIB: { ++ if (!aDeallocator->IsSameProcess()) { ++ NS_ERROR("A client process is trying to peek at our address space using a DIBTexture!"); ++ return nullptr; ++ } ++ + result = new DIBTextureHost(aFlags, aDesc); + break; + } +diff --git gfx/layers/composite/X11TextureHost.cpp gfx/layers/composite/X11TextureHost.cpp +index e2251f0c531a..94cb3f2f9594 100644 +--- gfx/layers/composite/X11TextureHost.cpp ++++ gfx/layers/composite/X11TextureHost.cpp +@@ -23,10 +23,9 @@ X11TextureHost::X11TextureHost(TextureFlags aFlags, + const SurfaceDescriptorX11& aDescriptor) + : TextureHost(aFlags) + { +- RefPtr<gfxXlibSurface> surface = aDescriptor.OpenForeign(); +- mSurface = surface.get(); ++ mSurface = aDescriptor.OpenForeign(); + +- if (!(aFlags & TextureFlags::DEALLOCATE_CLIENT)) { ++ if (mSurface && !(aFlags & TextureFlags::DEALLOCATE_CLIENT)) { + mSurface->TakePixmap(); + } + } +@@ -34,7 +33,7 @@ X11TextureHost::X11TextureHost(TextureFlags aFlags, + bool + X11TextureHost::Lock() + { +- if (!mCompositor) { ++ if (!mCompositor || !mSurface) { + return false; + } + +@@ -75,6 +74,9 @@ X11TextureHost::SetTextureSourceProvider(TextureSourceProvider* aProvider) + SurfaceFormat + X11TextureHost::GetFormat() const + { ++ if (!mSurface) { ++ return SurfaceFormat::UNKNOWN; ++ } + gfxContentType type = mSurface->GetContentType(); + #ifdef GL_PROVIDER_GLX + if (mCompositor->GetBackendType() == LayersBackend::LAYERS_OPENGL) { +@@ -87,6 +89,9 @@ X11TextureHost::GetFormat() const + IntSize + X11TextureHost::GetSize() const + { ++ if (!mSurface) { ++ return IntSize(); ++ } + return mSurface->GetSize(); + } + +diff --git gfx/layers/d3d11/TextureD3D11.cpp gfx/layers/d3d11/TextureD3D11.cpp +index 379686418ef0..4ad758849b93 100644 +--- gfx/layers/d3d11/TextureD3D11.cpp ++++ gfx/layers/d3d11/TextureD3D11.cpp +@@ -763,10 +763,6 @@ CreateTextureHostD3D11(const SurfaceDescriptor& aDesc, + { + RefPtr<TextureHost> result; + switch (aDesc.type()) { +- case SurfaceDescriptor::TSurfaceDescriptorBuffer: { +- result = CreateBackendIndependentTextureHost(aDesc, aDeallocator, aBackend, aFlags); +- break; +- } + case SurfaceDescriptor::TSurfaceDescriptorD3D10: { + result = new DXGITextureHostD3D11(aFlags, + aDesc.get_SurfaceDescriptorD3D10()); +@@ -778,7 +774,7 @@ CreateTextureHostD3D11(const SurfaceDescriptor& aDesc, + break; + } + default: { +- NS_WARNING("Unsupported SurfaceDescriptor type"); ++ MOZ_ASSERT_UNREACHABLE("Unsupported SurfaceDescriptor type"); + } + } + return result.forget(); +diff --git gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp +index 291b0eb3d0dc..f363bb5a7cf7 100644 +--- gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp ++++ gfx/layers/opengl/MacIOSurfaceTextureHostOGL.cpp +@@ -32,6 +32,8 @@ MacIOSurfaceTextureHostOGL::~MacIOSurfaceTextureHostOGL() + GLTextureSource* + MacIOSurfaceTextureHostOGL::CreateTextureSourceForPlane(size_t aPlane) + { ++ MOZ_ASSERT(mSurface); ++ + GLuint textureHandle; + gl::GLContext* gl = mProvider->GetGLContext(); + gl->fGenTextures(1, &textureHandle); +@@ -94,11 +96,17 @@ MacIOSurfaceTextureHostOGL::SetTextureSourceProvider(TextureSourceProvider* aPro + + gfx::SurfaceFormat + MacIOSurfaceTextureHostOGL::GetFormat() const { ++ if (!mSurface) { ++ return gfx::SurfaceFormat::UNKNOWN; ++ } + return mSurface->GetFormat(); + } + + gfx::SurfaceFormat + MacIOSurfaceTextureHostOGL::GetReadFormat() const { ++ if (!mSurface) { ++ return gfx::SurfaceFormat::UNKNOWN; ++ } + return mSurface->GetReadFormat(); + } + +diff --git gfx/layers/opengl/TextureHostOGL.cpp gfx/layers/opengl/TextureHostOGL.cpp +index bdcd8778c10d..2b28c19a126d 100644 +--- gfx/layers/opengl/TextureHostOGL.cpp ++++ gfx/layers/opengl/TextureHostOGL.cpp +@@ -26,10 +26,6 @@ + #include "mozilla/layers/MacIOSurfaceTextureHostOGL.h" + #endif + +-#ifdef GL_PROVIDER_GLX +-#include "mozilla/layers/X11TextureHost.h" +-#endif +- + using namespace mozilla::gl; + using namespace mozilla::gfx; + +@@ -46,14 +42,6 @@ CreateTextureHostOGL(const SurfaceDescriptor& aDesc, + { + RefPtr<TextureHost> result; + switch (aDesc.type()) { +- case SurfaceDescriptor::TSurfaceDescriptorBuffer: { +- result = CreateBackendIndependentTextureHost(aDesc, +- aDeallocator, +- aBackend, +- aFlags); +- break; +- } +- + #ifdef MOZ_WIDGET_ANDROID + case SurfaceDescriptor::TSurfaceTextureDescriptor: { + const SurfaceTextureDescriptor& desc = aDesc.get_SurfaceTextureDescriptor(); +@@ -88,14 +76,6 @@ CreateTextureHostOGL(const SurfaceDescriptor& aDesc, + } + #endif + +-#ifdef GL_PROVIDER_GLX +- case SurfaceDescriptor::TSurfaceDescriptorX11: { +- const auto& desc = aDesc.get_SurfaceDescriptorX11(); +- result = new X11TextureHost(aFlags, desc); +- break; +- } +-#endif +- + case SurfaceDescriptor::TSurfaceDescriptorSharedGLTexture: { + const auto& desc = aDesc.get_SurfaceDescriptorSharedGLTexture(); + result = new GLTextureHost(aFlags, desc.texture(), +@@ -105,7 +85,10 @@ CreateTextureHostOGL(const SurfaceDescriptor& aDesc, + desc.hasAlpha()); + break; + } +- default: return nullptr; ++ default: { ++ MOZ_ASSERT_UNREACHABLE("Unsupported SurfaceDescriptor type"); ++ break; ++ } + } + return result.forget(); + } +diff --git gfx/tests/gtest/TestLayers.h gfx/tests/gtest/TestLayers.h +index 18e351f7718c..fc6b750f1c62 100644 +--- gfx/tests/gtest/TestLayers.h ++++ gfx/tests/gtest/TestLayers.h +@@ -8,6 +8,22 @@ + + #include "Layers.h" + #include "nsTArray.h" ++#include "mozilla/layers/ISurfaceAllocator.h" ++ ++namespace mozilla { ++namespace layers { ++ ++class TestSurfaceAllocator final : public ISurfaceAllocator ++{ ++public: ++ TestSurfaceAllocator() {} ++ ~TestSurfaceAllocator() override {} ++ ++ bool IsSameProcess() const override { return true; } ++}; ++ ++} // layers ++} // mozilla + + /* Create layer tree from a simple layer tree description syntax. + * Each index is either the first letter of the layer type or +diff --git gfx/tests/gtest/TestTextureCompatibility.cpp gfx/tests/gtest/TestTextureCompatibility.cpp +index 45db4943ed1c..0815823b81ce 100644 +--- gfx/tests/gtest/TestTextureCompatibility.cpp ++++ gfx/tests/gtest/TestTextureCompatibility.cpp +@@ -14,6 +14,7 @@ + #include "mozilla/layers/TextureClient.h" + #include "mozilla/layers/TextureHost.h" + #include "mozilla/RefPtr.h" ++#include "TestLayers.h" + #include "TextureHelper.h" + + using mozilla::gfx::Feature; +@@ -22,6 +23,7 @@ using mozilla::layers::BasicCompositor; + using mozilla::layers::Compositor; + using mozilla::layers::CompositorOptions; + using mozilla::layers::LayersBackend; ++using mozilla::layers::TestSurfaceAllocator; + using mozilla::layers::TextureClient; + using mozilla::layers::TextureHost; + using mozilla::widget::CompositorWidget; +@@ -31,8 +33,9 @@ using mozilla::widget::InProcessCompositorWidget; + * This function will create the possible TextureClient and TextureHost pairs + * according to the given backend. + */ +-void ++static void + CreateTextureWithBackend(LayersBackend& aLayersBackend, ++ ISurfaceAllocator* aDeallocator, + nsTArray<RefPtr<TextureClient>>& aTextureClients, + nsTArray<RefPtr<TextureHost>>& aTextureHosts) + { +@@ -43,7 +46,8 @@ CreateTextureWithBackend(LayersBackend& aLayersBackend, + + for (uint32_t i = 0; i < aTextureClients.Length(); i++) { + aTextureHosts.AppendElement( +- CreateTextureHostWithBackend(aTextureClients[i], aLayersBackend)); ++ CreateTextureHostWithBackend(aTextureClients[i], aDeallocator, ++ aLayersBackend)); + } + } + +@@ -115,13 +119,15 @@ CheckCompatibilityWithBasicCompositor(LayersBackend aBackends, + TEST(Gfx, TestTextureCompatibility) + { + nsTArray<LayersBackend> backendHints; ++ RefPtr<TestSurfaceAllocator> deallocator = new TestSurfaceAllocator(); + + GetPlatformBackends(backendHints); + for (uint32_t i = 0; i < backendHints.Length(); i++) { + nsTArray<RefPtr<TextureClient>> textureClients; + nsTArray<RefPtr<TextureHost>> textureHosts; + +- CreateTextureWithBackend(backendHints[i], textureClients, textureHosts); ++ CreateTextureWithBackend(backendHints[i], deallocator, ++ textureClients, textureHosts); + CheckCompatibilityWithBasicCompositor(backendHints[i], textureHosts); + } + } +diff --git gfx/tests/gtest/TestTextures.cpp gfx/tests/gtest/TestTextures.cpp +index 19b94b867117..291eb55ca7e5 100644 +--- gfx/tests/gtest/TestTextures.cpp ++++ gfx/tests/gtest/TestTextures.cpp +@@ -5,6 +5,7 @@ + + #include "gtest/gtest.h" + #include "gmock/gmock.h" ++#include "TestLayers.h" + + #include "mozilla/gfx/2D.h" + #include "mozilla/gfx/Tools.h" +@@ -147,7 +148,8 @@ void TestTextureClientSurface(TextureClient* texture, gfxImageSurface* surface) + ASSERT_NE(descriptor.type(), SurfaceDescriptor::Tnull_t); + + // host deserialization +- RefPtr<TextureHost> host = CreateBackendIndependentTextureHost(descriptor, nullptr, ++ RefPtr<TestSurfaceAllocator> deallocator = new TestSurfaceAllocator(); ++ RefPtr<TextureHost> host = CreateBackendIndependentTextureHost(descriptor, deallocator, + LayersBackend::LAYERS_NONE, + texture->GetFlags()); + +@@ -193,7 +195,8 @@ void TestTextureClientYCbCr(TextureClient* client, PlanarYCbCrData& ycbcrData) { + ASSERT_EQ(ycbcrDesc.stereoMode(), ycbcrData.mStereoMode); + + // host deserialization +- RefPtr<TextureHost> textureHost = CreateBackendIndependentTextureHost(descriptor, nullptr, ++ RefPtr<TestSurfaceAllocator> deallocator = new TestSurfaceAllocator(); ++ RefPtr<TextureHost> textureHost = CreateBackendIndependentTextureHost(descriptor, deallocator, + LayersBackend::LAYERS_NONE, + client->GetFlags()); + +diff --git gfx/tests/gtest/TextureHelper.h gfx/tests/gtest/TextureHelper.h +index 144a237b17d4..770f7464f829 100644 +--- gfx/tests/gtest/TextureHelper.h ++++ gfx/tests/gtest/TextureHelper.h +@@ -140,6 +140,7 @@ CreateTextureClientWithBackend(LayersBackend aLayersBackend) + */ + already_AddRefed<TextureHost> + CreateTextureHostWithBackend(TextureClient* aClient, ++ ISurfaceAllocator* aDeallocator, + LayersBackend& aLayersBackend) + { + if (!aClient) { +@@ -153,7 +154,7 @@ CreateTextureHostWithBackend(TextureClient* aClient, + aClient->ToSurfaceDescriptor(descriptor); + + wr::MaybeExternalImageId id = Nothing(); +- return TextureHost::Create(descriptor, nullptr, aLayersBackend, ++ return TextureHost::Create(descriptor, aDeallocator, aLayersBackend, + aClient->GetFlags(), id); + } + Copied: branches/2018Q1/www/waterfox/files/patch-bug1435566 (from r462554, head/www/waterfox/files/patch-bug1435566) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q1/www/waterfox/files/patch-bug1435566 Thu Feb 22 01:01:03 2018 (r462556, copy of r462554, head/www/waterfox/files/patch-bug1435566) @@ -0,0 +1,27 @@ +commit 2d6648d9388d +Author: Emilio Cobos Álvarez <emilio@crisal.io> +Date: Thu Feb 15 11:21:55 2018 +0100 + + Bug 1435566: Make sure to drop frames for manual NAC from display: contents nodes. r=bz a=RyanVM + + MozReview-Commit-ID: 9CQIueSPwCV + + --HG-- + extra : source : 3219cd61e87b4f3003079154c437efa87080a917 +--- + layout/base/nsCSSFrameConstructor.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git layout/base/nsCSSFrameConstructor.cpp layout/base/nsCSSFrameConstructor.cpp +index 4a45072cbca5..7b6be5f222e8 100644 +--- layout/base/nsCSSFrameConstructor.cpp ++++ layout/base/nsCSSFrameConstructor.cpp +@@ -8533,7 +8533,7 @@ nsCSSFrameConstructor::ContentRemoved(nsIContent* aContainer, + return true; + } + +- FlattenedChildIterator iter(aChild); ++ StyleChildrenIterator iter(aChild); + for (nsIContent* c = iter.GetNextChild(); c; c = iter.GetNextChild()) { + if (c->GetPrimaryFrame() || GetDisplayContentsStyleFor(c)) { + LAYOUT_PHASE_TEMP_EXIT(); Copied: branches/2018Q1/www/waterfox/files/patch-bug1436768 (from r462554, head/www/waterfox/files/patch-bug1436768) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q1/www/waterfox/files/patch-bug1436768 Thu Feb 22 01:01:03 2018 (r462556, copy of r462554, head/www/waterfox/files/patch-bug1436768) @@ -0,0 +1,106 @@ +commit 885fcfb6c9fe +Author: Eric Rahm <erahm@mozilla.com> +Date: Thu Feb 8 16:25:07 2018 -0800 + + Bug 1436768 - Avoid initializing LogModuleManager more than once. r=froydnj a=RyanVM + + This adds some assertions to make the intended usage of LogModuleManager::Init + more clear. + + --HG-- + extra : source : ec9f62910277ae252c3fb32166358419afb96b34 +--- + xpcom/base/Logging.cpp | 27 +++++++++++++++++++++++---- + 1 file changed, 23 insertions(+), 4 deletions(-) + +diff --git xpcom/base/Logging.cpp xpcom/base/Logging.cpp +index 9d6a6d9ea861..eca3e97ee61e 100644 +--- xpcom/base/Logging.cpp ++++ xpcom/base/Logging.cpp +@@ -16,6 +16,7 @@ + #include "mozilla/Atomics.h" + #include "mozilla/Sprintf.h" + #include "mozilla/UniquePtrExtensions.h" ++#include "MainThreadUtils.h" + #include "nsClassHashtable.h" + #include "nsDebug.h" + #include "NSPRLogModulesParser.h" +@@ -179,6 +180,7 @@ public: + , mAddTimestamp(false) + , mIsSync(false) + , mRotate(0) ++ , mInitialized(false) + { + } + +@@ -190,9 +192,17 @@ public: + + /** + * Loads config from env vars if present. ++ * ++ * Notes: ++ * ++ * 1) This function is only intended to be called once per session. ++ * 2) None of the functions used in Init should rely on logging. + */ + void Init() + { ++ MOZ_DIAGNOSTIC_ASSERT(!mInitialized); ++ mInitialized = true; ++ + bool shouldAppend = false; + bool addTimestamp = false; + bool isSync = false; +@@ -213,8 +223,10 @@ public: + } + } + ++ // Need to capture `this` since `sLogModuleManager` is not set until after ++ // initialization is complete. + NSPRLogModulesParser(modules, +- [&shouldAppend, &addTimestamp, &isSync, &rotate] ++ [this, &shouldAppend, &addTimestamp, &isSync, &rotate] + (const char* aName, LogLevel aLevel, int32_t aValue) mutable { + if (strcmp(aName, "append") == 0) { + shouldAppend = true; +@@ -225,7 +237,7 @@ public: + } else if (strcmp(aName, "rotate") == 0) { + rotate = (aValue << 20) / kRotateFilesNumber; + } else { +- LogModule::Get(aName)->SetLevel(aLevel); ++ this->CreateOrGetModule(aName)->SetLevel(aLevel); + } + }); + +@@ -513,6 +525,7 @@ private: + Atomic<bool, Relaxed> mAddTimestamp; + Atomic<bool, Relaxed> mIsSync; + int32_t mRotate; ++ bool mInitialized; + }; + + StaticAutoPtr<LogModuleManager> sLogModuleManager; +@@ -557,6 +570,8 @@ LogModule::Init() + { + // NB: This method is not threadsafe; it is expected to be called very early + // in startup prior to any other threads being run. ++ MOZ_DIAGNOSTIC_ASSERT(NS_IsMainThread()); ++ + if (sLogModuleManager) { + // Already initialized. + return; +@@ -565,8 +580,12 @@ LogModule::Init() + // NB: We intentionally do not register for ClearOnShutdown as that happens + // before all logging is complete. And, yes, that means we leak, but + // we're doing that intentionally. +- sLogModuleManager = new LogModuleManager(); +- sLogModuleManager->Init(); ++ ++ // Don't assign the pointer until after Init is called. This should help us ++ // detect if any of the functions called by Init somehow rely on logging. ++ auto mgr = new LogModuleManager(); ++ mgr->Init(); ++ sLogModuleManager = mgr; + } + + void Copied: branches/2018Q1/www/waterfox/files/patch-bug1437214 (from r462554, head/www/waterfox/files/patch-bug1437214) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q1/www/waterfox/files/patch-bug1437214 Thu Feb 22 01:01:03 2018 (r462556, copy of r462554, head/www/waterfox/files/patch-bug1437214) @@ -0,0 +1,217 @@ +commit 8fdc2449bfe2 +Author: David Keeler <dkeeler@mozilla.com> +Date: Fri Feb 9 16:35:54 2018 -0800 + + bug 1437214 - if PathBuildingStep::Check fails due to a problem with the subject certificate rather than the potential issuer, set keepGoing to false r=jcj a=RyanVM + + MozReview-Commit-ID: DEr4YgXfkOL + + --HG-- + extra : source : f2669a2b5934ac8e5637c3b96ab1f1dcdf502c00 +--- + security/pkix/lib/pkixbuild.cpp | 13 ++- + security/pkix/test/gtest/pkixbuild_tests.cpp | 163 +++++++++++++++++++++++++++ + 2 files changed, 174 insertions(+), 2 deletions(-) + +diff --git security/pkix/lib/pkixbuild.cpp security/pkix/lib/pkixbuild.cpp +index fd6a9d5115d4..0b33e3d5ae71 100644 +--- security/pkix/lib/pkixbuild.cpp ++++ security/pkix/lib/pkixbuild.cpp +@@ -241,7 +241,12 @@ PathBuildingStep::Check(Input potentialIssuerDER, + validityDuration, stapledOCSPResponse, + subject.GetAuthorityInfoAccess()); + if (rv != Success) { +- return RecordResult(rv, keepGoing); ++ // Since this is actually a problem with the current subject certificate ++ // (rather than the issuer), it doesn't make sense to keep going; all ++ // paths through this certificate will fail. ++ Result savedRv = RecordResult(rv, keepGoing); ++ keepGoing = false; ++ return savedRv; + } + + if (subject.endEntityOrCA == EndEntityOrCA::MustBeEndEntity) { +@@ -251,7 +256,11 @@ PathBuildingStep::Check(Input potentialIssuerDER, + rv = ExtractSignedCertificateTimestampListFromExtension(*sctExtension, + sctList); + if (rv != Success) { +- return RecordResult(rv, keepGoing); ++ // Again, the problem is with this certificate, and all paths through ++ // it will fail. ++ Result savedRv = RecordResult(rv, keepGoing); ++ keepGoing = false; ++ return savedRv; + } + trustDomain.NoteAuxiliaryExtension(AuxiliaryExtension::EmbeddedSCTList, + sctList); +diff --git security/pkix/test/gtest/pkixbuild_tests.cpp security/pkix/test/gtest/pkixbuild_tests.cpp +index 64fa4c307c76..5948df7037a8 100644 +--- security/pkix/test/gtest/pkixbuild_tests.cpp ++++ security/pkix/test/gtest/pkixbuild_tests.cpp +@@ -582,3 +582,166 @@ TEST_F(pkixbuild, CertificateTransparencyExtension) + ASSERT_EQ(BytesToByteString(dummySctList), + extTrustDomain.signedCertificateTimestamps); + } ++ ++// This TrustDomain implements a hierarchy like so: ++// ++// A B ++// | | ++// C D ++// \ / ++// E ++// ++// where A is a trust anchor, B is not a trust anchor and has no known issuer, C ++// and D are intermediates with the same subject and subject public key, and E ++// is an end-entity (in practice, the end-entity will be generated by the test ++// functions using this trust domain). ++class MultiplePathTrustDomain: public DefaultCryptoTrustDomain ++{ ++public: ++ void SetUpCerts() ++ { ++ ASSERT_FALSE(ENCODING_FAILED(CreateCert("UntrustedRoot", "UntrustedRoot", ++ EndEntityOrCA::MustBeCA, ++ &subjectDERToCertDER))); ++ // The subject DER -> cert DER mapping would be overwritten for subject ++ // "Intermediate" when we create the second "Intermediate" certificate, so ++ // we keep a copy of this "Intermediate". ++ intermediateSignedByUntrustedRootCertDER = ++ CreateCert("UntrustedRoot", "Intermediate", EndEntityOrCA::MustBeCA); ++ ASSERT_FALSE(ENCODING_FAILED(intermediateSignedByUntrustedRootCertDER)); ++ rootCACertDER = CreateCert("TrustedRoot", "TrustedRoot", ++ EndEntityOrCA::MustBeCA, &subjectDERToCertDER); ++ ASSERT_FALSE(ENCODING_FAILED(rootCACertDER)); ++ ASSERT_FALSE(ENCODING_FAILED(CreateCert("TrustedRoot", "Intermediate", ++ EndEntityOrCA::MustBeCA, ++ &subjectDERToCertDER))); ++ } ++ ++private: ++ Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert, ++ /*out*/ TrustLevel& trustLevel) override ++ { ++ trustLevel = InputEqualsByteString(candidateCert, rootCACertDER) ++ ? TrustLevel::TrustAnchor ++ : TrustLevel::InheritsTrust; ++ return Success; ++ } ++ ++ Result CheckCert(ByteString& certDER, IssuerChecker& checker, bool& keepGoing) ++ { ++ Input derCert; ++ Result rv = derCert.Init(certDER.data(), certDER.length()); ++ if (rv != Success) { ++ return rv; ++ } ++ return checker.Check(derCert, nullptr/*additionalNameConstraints*/, ++ keepGoing); ++ } ++ ++ Result FindIssuer(Input encodedIssuerName, IssuerChecker& checker, Time) ++ override ++ { ++ ByteString subjectDER(InputToByteString(encodedIssuerName)); ++ ByteString certDER(subjectDERToCertDER[subjectDER]); ++ assert(!ENCODING_FAILED(certDER)); ++ bool keepGoing; ++ Result rv = CheckCert(certDER, checker, keepGoing); ++ if (rv != Success) { ++ return rv; ++ } ++ // Also try the other intermediate. ++ if (keepGoing) { ++ rv = CheckCert(intermediateSignedByUntrustedRootCertDER, checker, ++ keepGoing); ++ if (rv != Success) { ++ return rv; ++ } ++ } ++ return Success; ++ } ++ ++ Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration, ++ /*optional*/ const Input*, ++ /*optional*/ const Input*) override ++ { ++ return Success; ++ } ++ ++ Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override ++ { ++ return Success; ++ } ++ ++ std::map<ByteString, ByteString> subjectDERToCertDER; ++ ByteString rootCACertDER; ++ ByteString intermediateSignedByUntrustedRootCertDER; ++}; ++ ++TEST_F(pkixbuild, BadEmbeddedSCTWithMultiplePaths) ++{ ++ MultiplePathTrustDomain trustDomain; ++ trustDomain.SetUpCerts(); ++ ++ // python security/pkix/tools/DottedOIDToCode.py --tlv ++ // id-embeddedSctList 1.3.6.1.4.1.11129.2.4.2 ++ static const uint8_t tlv_id_embeddedSctList[] = { ++ 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x04, 0x02 ++ }; ++ static const uint8_t dummySctList[] = { ++ 0x01, 0x02, 0x03, 0x04, 0x05 ++ }; ++ ByteString ctExtension = TLV(der::SEQUENCE, ++ BytesToByteString(tlv_id_embeddedSctList) + ++ Boolean(false) + ++ // The contents of the OCTET STRING are supposed to consist of an OCTET ++ // STRING of useful data. We're testing what happens if it isn't, so shove ++ // some bogus (non-OCTET STRING) data in there. ++ TLV(der::OCTET_STRING, BytesToByteString(dummySctList))); ++ ByteString certDER(CreateCert("Intermediate", "Cert with bogus SCT list", ++ EndEntityOrCA::MustBeEndEntity, ++ nullptr, /*subjectDERToCertDER*/ ++ &ctExtension)); ++ ASSERT_FALSE(ENCODING_FAILED(certDER)); ++ Input certDERInput; ++ ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length())); ++ ASSERT_EQ(Result::ERROR_BAD_DER, ++ BuildCertChain(trustDomain, certDERInput, Now(), ++ EndEntityOrCA::MustBeEndEntity, ++ KeyUsage::noParticularKeyUsageRequired, ++ KeyPurposeId::id_kp_serverAuth, ++ CertPolicyId::anyPolicy, ++ nullptr/*stapledOCSPResponse*/)); ++} ++ ++// Same as a MultiplePathTrustDomain, but the end-entity is revoked. ++class RevokedEndEntityTrustDomain final : public MultiplePathTrustDomain ++{ ++public: ++ Result CheckRevocation(EndEntityOrCA endEntityOrCA, const CertID&, Time, ++ Duration, /*optional*/ const Input*, ++ /*optional*/ const Input*) override ++ { ++ if (endEntityOrCA == EndEntityOrCA::MustBeEndEntity) { ++ return Result::ERROR_REVOKED_CERTIFICATE; ++ } ++ return Success; ++ } ++}; ++ ++TEST_F(pkixbuild, RevokedEndEntityWithMultiplePaths) ++{ ++ RevokedEndEntityTrustDomain trustDomain; ++ trustDomain.SetUpCerts(); ++ ByteString certDER(CreateCert("Intermediate", "RevokedEndEntity", ++ EndEntityOrCA::MustBeEndEntity)); ++ ASSERT_FALSE(ENCODING_FAILED(certDER)); ++ Input certDERInput; ++ ASSERT_EQ(Success, certDERInput.Init(certDER.data(), certDER.length())); ++ ASSERT_EQ(Result::ERROR_REVOKED_CERTIFICATE, ++ BuildCertChain(trustDomain, certDERInput, Now(), ++ EndEntityOrCA::MustBeEndEntity, ++ KeyUsage::noParticularKeyUsageRequired, ++ KeyPurposeId::id_kp_serverAuth, ++ CertPolicyId::anyPolicy, ++ nullptr/*stapledOCSPResponse*/)); ++} Copied: branches/2018Q1/www/waterfox/files/patch-bug1438645 (from r462554, head/www/waterfox/files/patch-bug1438645) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q1/www/waterfox/files/patch-bug1438645 Thu Feb 22 01:01:03 2018 (r462556, copy of r462554, head/www/waterfox/files/patch-bug1438645) @@ -0,0 +1,210 @@ +commit dc9f32108582 +Author: Ted Campbell <tcampbell@mozilla.com> +Date: Thu Feb 15 14:58:00 2018 +0200 + + Bug 1438645 - Prevent XDR from reading past its buffer. r=nbp a=lizzard + While XDR data is supposed to be trusted, we currently run into a + corruption for some users/use-cases and so make more XDR operations + fallible instead of crashing. + + MozReview-Commit-ID: 9FSLNWh9RxG + + --HG-- + extra : source : fb0c12a38e03ad49c40eb64df23885037d26053d +--- + js/src/jsatom.cpp | 18 ++++++++++++---- + js/src/vm/Xdr.cpp | 2 ++ + js/src/vm/Xdr.h | 62 ++++++++++++++++++++++++++++++++++++------------------- + 3 files changed, 57 insertions(+), 25 deletions(-) + +diff --git js/src/jsatom.cpp js/src/jsatom.cpp +index 5d3ed0040dc1..f1d975f6f03d 100644 +--- js/src/jsatom.cpp ++++ js/src/jsatom.cpp +@@ -644,15 +644,25 @@ js::XDRAtom(XDRState<mode>* xdr, MutableHandleAtom atomp) + JSAtom* atom; + if (latin1) { + const Latin1Char* chars = nullptr; +- if (length) +- chars = reinterpret_cast<const Latin1Char*>(xdr->buf.read(length)); ++ if (length) { ++ const uint8_t *ptr; ++ size_t nbyte = length * sizeof(Latin1Char); ++ if (!xdr->peekData(&ptr, nbyte)) ++ return false; ++ chars = reinterpret_cast<const Latin1Char*>(ptr); ++ } + atom = AtomizeChars(cx, chars, length); + } else { + #if MOZ_LITTLE_ENDIAN + /* Directly access the little endian chars in the XDR buffer. */ + const char16_t* chars = nullptr; +- if (length) +- chars = reinterpret_cast<const char16_t*>(xdr->buf.read(length * sizeof(char16_t))); ++ if (length) { ++ const uint8_t *ptr; ++ size_t nbyte = length * sizeof(char16_t); ++ if (!xdr->peekData(&ptr, nbyte)) ++ return false; ++ chars = reinterpret_cast<const char16_t*>(ptr); ++ } + atom = AtomizeChars(cx, chars, length); + #else + /* +diff --git js/src/vm/Xdr.cpp js/src/vm/Xdr.cpp +index ec184f31e0c7..5847dbbe3453 100644 +--- js/src/vm/Xdr.cpp ++++ js/src/vm/Xdr.cpp +@@ -73,6 +73,8 @@ XDRState<mode>::codeChars(char16_t* chars, size_t nchars) + mozilla::NativeEndian::copyAndSwapToLittleEndian(ptr, chars, nchars); + } else { + const uint8_t* ptr = buf.read(nbytes); ++ if (!ptr) ++ return fail(JS::TranscodeResult_Failure_BadDecode); + mozilla::NativeEndian::copyAndSwapFromLittleEndian(chars, ptr, nchars); + } + return true; +diff --git js/src/vm/Xdr.h js/src/vm/Xdr.h +index 0a6cbf01b50f..a60f43c6b531 100644 +--- js/src/vm/Xdr.h ++++ js/src/vm/Xdr.h +@@ -61,11 +61,6 @@ class XDRBuffer<XDR_ENCODE> : public XDRBufferBase + return ptr; + } + +- const char* readCString() { +- MOZ_CRASH("Should never read in encode mode"); +- return nullptr; +- } +- + const uint8_t* read(size_t n) { + MOZ_CRASH("Should never read in encode mode"); + return nullptr; +@@ -87,19 +82,15 @@ class XDRBuffer<XDR_DECODE> : public XDRBufferBase + : XDRBufferBase(cx, cursor), + buffer_(buffer.begin(), buffer.length()) { } + +- const char* readCString() { +- char* ptr = reinterpret_cast<char*>(&buffer_[cursor_]); +- uint8_t* end = reinterpret_cast<uint8_t*>(strchr(ptr, '\0')) + 1; +- MOZ_ASSERT(buffer_.begin().get() < end); +- MOZ_ASSERT(end <= buffer_.end().get()); +- cursor_ = end - buffer_.begin().get(); +- return ptr; +- } +- + const uint8_t* read(size_t n) { + MOZ_ASSERT(cursor_ < buffer_.length()); + uint8_t* ptr = &buffer_[cursor_]; + cursor_ += n; ++ ++ // Don't let buggy code read past our buffer ++ if (cursor_ > buffer_.length()) ++ return nullptr; ++ + return ptr; + } + +@@ -174,7 +165,7 @@ class XDRCoderBase + template <XDRMode mode> + class XDRState : public XDRCoderBase + { +- public: ++ protected: + XDRBuffer<mode> buf; + private: + JS::TranscodeResult resultCode_; +@@ -220,6 +211,14 @@ class XDRState : public XDRCoderBase + return false; + } + ++ bool peekData(const uint8_t** pptr, size_t length) { ++ const uint8_t* ptr = buf.read(length); ++ if (!ptr) ++ return fail(JS::TranscodeResult_Failure_BadDecode); ++ *pptr = ptr; ++ return true; ++ } ++ + bool codeUint8(uint8_t* n) { + if (mode == XDR_ENCODE) { + uint8_t* ptr = buf.write(sizeof(*n)); +@@ -227,7 +226,10 @@ class XDRState : public XDRCoderBase + return fail(JS::TranscodeResult_Throw); + *ptr = *n; + } else { +- *n = *buf.read(sizeof(*n)); ++ const uint8_t* ptr = buf.read(sizeof(*n)); ++ if (!ptr) ++ return fail(JS::TranscodeResult_Failure_BadDecode); ++ *n = *ptr; + } + return true; + } +@@ -240,6 +242,8 @@ class XDRState : public XDRCoderBase + mozilla::LittleEndian::writeUint16(ptr, *n); + } else { + const uint8_t* ptr = buf.read(sizeof(*n)); ++ if (!ptr) ++ return fail(JS::TranscodeResult_Failure_BadDecode); + *n = mozilla::LittleEndian::readUint16(ptr); + } + return true; +@@ -253,6 +257,8 @@ class XDRState : public XDRCoderBase + mozilla::LittleEndian::writeUint32(ptr, *n); + } else { + const uint8_t* ptr = buf.read(sizeof(*n)); ++ if (!ptr) ++ return fail(JS::TranscodeResult_Failure_BadDecode); + *n = mozilla::LittleEndian::readUint32(ptr); + } + return true; +@@ -266,6 +272,8 @@ class XDRState : public XDRCoderBase + mozilla::LittleEndian::writeUint64(ptr, *n); + } else { + const uint8_t* ptr = buf.read(sizeof(*n)); ++ if (!ptr) ++ return fail(JS::TranscodeResult_Failure_BadDecode); + *n = mozilla::LittleEndian::readUint64(ptr); + } + return true; +@@ -328,7 +336,10 @@ class XDRState : public XDRCoderBase + return fail(JS::TranscodeResult_Throw); + memcpy(ptr, bytes, len); + } else { +- memcpy(bytes, buf.read(len), len); ++ const uint8_t* ptr = buf.read(len); ++ if (!ptr) ++ return fail(JS::TranscodeResult_Failure_BadDecode); ++ memcpy(bytes, ptr, len); + } + return true; + } +@@ -340,14 +351,23 @@ class XDRState : public XDRCoderBase + * the decoding buffer. + */ *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802220101.w1M113Kq023706>