diff options
author | Mark H Weaver <mhw@netris.org> | 2016-04-27 22:33:02 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2016-04-28 10:25:19 -0400 |
commit | dde2a94c095f840578c307ebf23cd7c3ba5ec858 (patch) | |
tree | 214642e8d3e7ece66e548072144193d1ed17efe1 /gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch | |
parent | 3161f6a4eca3225778a76eb5c21cfc150e6dce0a (diff) | |
download | guix-dde2a94c095f840578c307ebf23cd7c3ba5ec858.tar guix-dde2a94c095f840578c307ebf23cd7c3ba5ec858.tar.gz |
gnu: icecat: Add fixes for CVE-2016-{2805,2807,2808,2814} etc.
* gnu/packages/patches/icecat-CVE-2016-2805.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt1.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt2.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt3.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt5.patch,
gnu/packages/patches/icecat-CVE-2016-2808.patch,
gnu/packages/patches/icecat-CVE-2016-2814.patch,
gnu/packages/patches/icecat-update-bundled-graphite2: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
icecat fixup
Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch')
-rw-r--r-- | gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch b/gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch new file mode 100644 index 0000000000..5eff4fe99c --- /dev/null +++ b/gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch @@ -0,0 +1,37 @@ +Copied from https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/5c312182da90 + +# HG changeset patch +# User Jan de Mooij <jdemooij@mozilla.com> +# Date 1458828581 -3600 +# Node ID 5c312182da9020504103aa329360abaffa7e232d +# Parent fa4efccde9b7efde8763a178a6cf422b6d37a0e9 +Bug 1254622 - Relookup group->newScript in CreateThisForFunctionWithGroup. r=bhackett a=sylvestre + +MozReview-Commit-ID: KXd7kB70f1Z + +diff --git a/js/src/jsobj.cpp b/js/src/jsobj.cpp +--- a/js/src/jsobj.cpp ++++ b/js/src/jsobj.cpp +@@ -1574,18 +1574,19 @@ CreateThisForFunctionWithGroup(JSContext + // Not enough objects with this group have been created yet, so make a + // plain object and register it with the group. Use the maximum number + // of fixed slots, as is also required by the TypeNewScript. + gc::AllocKind allocKind = GuessObjectGCKind(NativeObject::MAX_FIXED_SLOTS); + PlainObject* res = NewObjectWithGroup<PlainObject>(cx, group, parent, allocKind, newKind); + if (!res) + return nullptr; + +- if (newKind != SingletonObject) +- newScript->registerNewObject(res); ++ // Make sure group->newScript is still there. ++ if (newKind != SingletonObject && group->newScript()) ++ group->newScript()->registerNewObject(res); + + return res; + } + + gc::AllocKind allocKind = NewObjectGCKind(&PlainObject::class_); + + if (newKind == SingletonObject) { + Rooted<TaggedProto> protoRoot(cx, group->proto()); + |