diff options
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/beignet-correct-file-names.patch | 32 | ||||
-rw-r--r-- | gnu/packages/patches/emacs-browse-at-remote-cgit-gnu.patch | 59 | ||||
-rw-r--r-- | gnu/packages/patches/gcc-8-strmov-store-file-names.patch | 110 | ||||
-rw-r--r-- | gnu/packages/patches/icecat-bug-1413868-pt1.patch | 663 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2018-10963.patch | 40 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2018-8905.patch | 61 | ||||
-rw-r--r-- | gnu/packages/patches/qtoctave-qt-5.11-fix.patch | 26 |
7 files changed, 932 insertions, 59 deletions
diff --git a/gnu/packages/patches/beignet-correct-file-names.patch b/gnu/packages/patches/beignet-correct-file-names.patch new file mode 100644 index 0000000000..2c5d0bbaea --- /dev/null +++ b/gnu/packages/patches/beignet-correct-file-names.patch @@ -0,0 +1,32 @@ +Help CMake find Clang's libraries. +Have it install the ICD file in the right place. + +diff --git a/CMake/FindLLVM.cmake b/CMake/FindLLVM.cmake +index 5457f248..e8e8f94a 100644 +--- a/CMake/FindLLVM.cmake ++++ b/CMake/FindLLVM.cmake +@@ -107,7 +107,7 @@ endif (LLVM_VERSION_NODOT VERSION_GREATER 34) + macro(add_one_lib name) + FIND_LIBRARY(CLANG_LIB + NAMES ${name} +- PATHS ${LLVM_LIBRARY_DIR} NO_DEFAULT_PATH) ++ PATHS ${CLANG_LIBRARY_DIR} NO_DEFAULT_PATH) + set(CLANG_LIBRARIES ${CLANG_LIBRARIES} ${CLANG_LIB}) + unset(CLANG_LIB CACHE) + endmacro() +diff --git a/CMakeLists.txt b/CMakeLists.txt +index c11acbb2..fb99e5c8 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -217,7 +217,7 @@ IF(OCLIcd_FOUND) + "intel-beignet.icd.in" + "${ICD_FILE_NAME}" + ) +- install (FILES ${CMAKE_CURRENT_BINARY_DIR}/${ICD_FILE_NAME} DESTINATION /etc/OpenCL/vendors) ++ install (FILES ${CMAKE_CURRENT_BINARY_DIR}/${ICD_FILE_NAME} DESTINATION etc/OpenCL/vendors COMPONENT config) + ELSE(OCLIcd_FOUND) + MESSAGE(STATUS "Looking for OCL ICD header file - not found") + MESSAGE(FATAL_ERROR "OCL ICD loader miss. If you really want to disable OCL ICD support, please run cmake with option -DOCLICD_COMPAT=0.") +-- +2.14.3 + diff --git a/gnu/packages/patches/emacs-browse-at-remote-cgit-gnu.patch b/gnu/packages/patches/emacs-browse-at-remote-cgit-gnu.patch deleted file mode 100644 index b90017fdb4..0000000000 --- a/gnu/packages/patches/emacs-browse-at-remote-cgit-gnu.patch +++ /dev/null @@ -1,59 +0,0 @@ -Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com> - -This patch adds a support for Git repositories hosted on git.savannah.gnu.org. - -Upstream bug URL: - -https://github.com/rmuslimov/browse-at-remote/pull/46 - -From cd2ccdaef8b1d97337d790175f71cc3dbcfcff64 Mon Sep 17 00:00:00 2001 -From: Oleg Pykhalov <go.wigust@gmail.com> -Date: Fri, 26 Jan 2018 00:05:30 +0300 -Subject: [PATCH] Add support for repositories that are hosted on gnu cgit - ---- - browse-at-remote.el | 21 ++++++++++++++++++++- - 1 file changed, 20 insertions(+), 1 deletion(-) - -diff --git a/browse-at-remote.el b/browse-at-remote.el -index 66967b3..e210d18 100644 ---- a/browse-at-remote.el -+++ b/browse-at-remote.el -@@ -44,7 +44,8 @@ - (defcustom browse-at-remote-remote-type-domains - '(("bitbucket.org" ."bitbucket") - ("github.com" . "github") -- ("gitlab.com" . "gitlab")) -+ ("gitlab.com" . "gitlab") -+ ("git.savannah.gnu.org" . "gnu")) - "Alist of domain patterns to remote types." - - :type '(alist :key-type (string :tag "Domain") -@@ -199,6 +200,24 @@ If HEAD is detached, return nil." - (if (fboundp formatter) - formatter nil))) - -+(defun browse-at-remote-gnu-format-url (repo-url) -+ "Get a gnu formatted URL." -+ (replace-regexp-in-string -+ (concat "https://" (car (rassoc "gnu" browse-at-remote-remote-type-domains)) -+ "/\\(git\\).*\\'") -+ "cgit" repo-url nil nil 1)) -+ -+(defun browse-at-remote--format-region-url-as-gnu (repo-url location filename &optional linestart lineend) -+ "URL formatter for gnu." -+ (let ((repo-url (browse-at-remote-gnu-format-url repo-url))) -+ (cond -+ (linestart (format "%s.git/tree/%s?h=%s#n%d" repo-url filename location linestart)) -+ (t (format "%s.git/tree/%s?h=%s" repo-url filename location))))) -+ -+(defun browse-at-remote--format-commit-url-as-gnu (repo-url commithash) -+ "Commit URL formatted for gnu" -+ (format "%s.git/commit/?id=%s" (browse-at-remote-gnu-format-url repo-url) commithash)) -+ - (defun browse-at-remote--format-region-url-as-github (repo-url location filename &optional linestart lineend) - "URL formatted for github." - (cond --- -2.15.1 - diff --git a/gnu/packages/patches/gcc-8-strmov-store-file-names.patch b/gnu/packages/patches/gcc-8-strmov-store-file-names.patch new file mode 100644 index 0000000000..f8e6b951b2 --- /dev/null +++ b/gnu/packages/patches/gcc-8-strmov-store-file-names.patch @@ -0,0 +1,110 @@ +Make sure that statements such as: + + strcpy (dst, "/gnu/store/…"); + +or + + static const char str[] = "/gnu/store/…"; + … + strcpy (dst, str); + +do not result in chunked /gnu/store strings that are undetectable by +Guix's GC and its grafting code. See <https://bugs.gnu.org/24703> +and <https://bugs.gnu.org/30395>. + +--- gcc-5.3.0/gcc/builtins.c 2016-10-18 10:50:46.080616285 +0200 ++++ gcc-5.3.0/gcc/builtins.c 2016-11-09 15:26:43.693042737 +0100 +@@ -3012,6 +3012,58 @@ determine_block_size (tree len, rtx len_rtx, + GET_MODE_MASK (GET_MODE (len_rtx))); + } + ++extern void debug_tree (tree); ++ ++/* Return true if STR contains the string "/gnu/store". */ ++ ++bool ++store_reference_p (tree str) ++{ ++ if (getenv ("GUIX_GCC_DEBUG") != NULL) ++ debug_tree (str); ++ ++ if (TREE_CODE (str) == ADDR_EXPR) ++ str = TREE_OPERAND (str, 0); ++ ++ if (TREE_CODE (str) == VAR_DECL ++ && TREE_STATIC (str) ++ && TREE_READONLY (str)) ++ { ++ /* STR may be a 'static const' variable whose initial value ++ is a string constant. See <https://bugs.gnu.org/30395>. */ ++ str = DECL_INITIAL (str); ++ if (str == NULL_TREE) ++ return false; ++ } ++ ++ if (TREE_CODE (str) != STRING_CST) ++ return false; ++ ++ int len; ++ const char *store; ++ ++ store = getenv ("NIX_STORE") ? getenv ("NIX_STORE") : "/gnu/store"; ++ len = strlen (store); ++ ++ /* Size of the hash part of store file names, including leading slash and ++ trailing hyphen. */ ++ const int hash_len = 34; ++ ++ if (TREE_STRING_LENGTH (str) < len + hash_len) ++ return false; ++ ++ /* We cannot use 'strstr' because 'TREE_STRING_POINTER' returns a string ++ that is not necessarily NUL-terminated. */ ++ ++ for (int i = 0; i < TREE_STRING_LENGTH (str) - (len + hash_len); i++) ++ { ++ if (strncmp (TREE_STRING_POINTER (str) + i, store, len) == 0) ++ return true; ++ } ++ ++ return false; ++} ++ + /* Try to verify that the sizes and lengths of the arguments to a string + manipulation function given by EXP are within valid bounds and that + the operation does not lead to buffer overflow or read past the end. +@@ -3605,6 +3657,13 @@ expand_builtin_memory_copy_args (tree dest, tree src, tree len, + unsigned HOST_WIDE_INT max_size; + unsigned HOST_WIDE_INT probable_max_size; + ++ /* Do not emit block moves, which translate to the 'movabs' instruction on ++ x86_64, when SRC refers to store items. That way, store references ++ remain visible to the Guix GC and grafting code. See ++ <https://bugs.gnu.org/24703>. */ ++ if (store_reference_p (src)) ++ return NULL_RTX; ++ + /* If DEST is not a pointer type, call the normal function. */ + if (dest_align == 0) + return NULL_RTX; +--- gcc-5.5.0/gcc/gimple-fold.c 2018-03-20 11:36:16.709442004 +0100 ++++ gcc-5.5.0/gcc/gimple-fold.c 2018-03-20 11:46:43.838487065 +0100 +@@ -635,6 +635,8 @@ var_decl_component_p (tree var) + return SSA_VAR_P (inner); + } + ++extern bool store_reference_p (tree); ++ + /* If the SIZE argument representing the size of an object is in a range + of values of which exactly one is valid (and that is zero), return + true, otherwise false. */ +@@ -742,6 +744,9 @@ gimple_fold_builtin_memory_op (gimple_stmt_iterator *gsi, + off0 = build_int_cst (build_pointer_type_for_mode (char_type_node, + ptr_mode, true), 0); + ++ if (store_reference_p (src)) ++ return false; ++ + /* If we can perform the copy efficiently with first doing all loads + and then all stores inline it that way. Currently efficiently + means that we can load all the memory into a single integer diff --git a/gnu/packages/patches/icecat-bug-1413868-pt1.patch b/gnu/packages/patches/icecat-bug-1413868-pt1.patch new file mode 100644 index 0000000000..18382dc33a --- /dev/null +++ b/gnu/packages/patches/icecat-bug-1413868-pt1.patch @@ -0,0 +1,663 @@ +Based on <https://hg.mozilla.org/releases/mozilla-esr52/rev/431fa5dd4016> +Adapted to apply cleanly to GNU IceCat. + +# HG changeset patch +# User Honza Bambas <honzab.moz@firemni.cz> +# Date 1528830658 14400 +# Node ID 431fa5dd4016bdab7e4bb0d3c4df85468fe337b0 +# Parent e8e9e1ef79f2a18c61ec1b87cfb214c8d4960f8e +Bug 1413868. r=valentin, a=RyanVM + +diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp +--- a/toolkit/xre/nsAppRunner.cpp ++++ b/toolkit/xre/nsAppRunner.cpp +@@ -4,16 +4,17 @@ + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + #include "mozilla/dom/ContentParent.h" + #include "mozilla/dom/ContentChild.h" + #include "mozilla/ipc/GeckoChildProcessHost.h" + + #include "mozilla/ArrayUtils.h" + #include "mozilla/Attributes.h" ++#include "mozilla/FilePreferences.h" + #include "mozilla/ChaosMode.h" + #include "mozilla/IOInterposer.h" + #include "mozilla/Likely.h" + #include "mozilla/MemoryChecking.h" + #include "mozilla/Poison.h" + #include "mozilla/Preferences.h" + #include "mozilla/ScopeExit.h" + #include "mozilla/Services.h" +@@ -4304,16 +4305,20 @@ XREMain::XRE_mainRun() + // Need to write out the fact that the profile has been removed and potentially + // that the selected/default profile changed. + mProfileSvc->Flush(); + } + } + + mDirProvider.DoStartup(); + ++ // As FilePreferences need the profile directory, we must initialize right here. ++ mozilla::FilePreferences::InitDirectoriesWhitelist(); ++ mozilla::FilePreferences::InitPrefs(); ++ + OverrideDefaultLocaleIfNeeded(); + + #ifdef MOZ_CRASHREPORTER + nsCString userAgentLocale; + // Try a localized string first. This pref is always a localized string in + // IceCatMobile, and might be elsewhere, too. + if (NS_SUCCEEDED(Preferences::GetLocalizedCString("general.useragent.locale", &userAgentLocale))) { + CrashReporter::AnnotateCrashReport(NS_LITERAL_CSTRING("useragent_locale"), userAgentLocale); +diff --git a/toolkit/xre/nsEmbedFunctions.cpp b/toolkit/xre/nsEmbedFunctions.cpp +--- a/toolkit/xre/nsEmbedFunctions.cpp ++++ b/toolkit/xre/nsEmbedFunctions.cpp +@@ -46,16 +46,17 @@ + #include "nsX11ErrorHandler.h" + #include "nsGDKErrorHandler.h" + #include "base/at_exit.h" + #include "base/command_line.h" + #include "base/message_loop.h" + #include "base/process_util.h" + #include "chrome/common/child_process.h" + ++#include "mozilla/FilePreferences.h" + #include "mozilla/ipc/BrowserProcessSubThread.h" + #include "mozilla/ipc/GeckoChildProcessHost.h" + #include "mozilla/ipc/IOThreadChild.h" + #include "mozilla/ipc/ProcessChild.h" + #include "ScopedXREEmbed.h" + + #include "mozilla/plugins/PluginProcessChild.h" + #include "mozilla/dom/ContentProcess.h" +@@ -680,16 +681,18 @@ XRE_InitChildProcess(int aArgc, + ::SetProcessShutdownParameters(0x280 - 1, SHUTDOWN_NORETRY); + #endif + + #if defined(MOZ_SANDBOX) && defined(XP_WIN) + // We need to do this after the process has been initialised, as + // InitLoggingIfRequired may need access to prefs. + mozilla::sandboxing::InitLoggingIfRequired(aChildData->ProvideLogFunction); + #endif ++ mozilla::FilePreferences::InitDirectoriesWhitelist(); ++ mozilla::FilePreferences::InitPrefs(); + + OverrideDefaultLocaleIfNeeded(); + + #if defined(MOZ_CRASHREPORTER) + #if defined(MOZ_CONTENT_SANDBOX) && !defined(MOZ_WIDGET_GONK) + AddContentSandboxLevelAnnotation(); + #endif + #endif +diff --git a/xpcom/io/FilePreferences.cpp b/xpcom/io/FilePreferences.cpp +new file mode 100644 +--- /dev/null ++++ b/xpcom/io/FilePreferences.cpp +@@ -0,0 +1,271 @@ ++/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ ++/* vim: set ts=8 sts=2 et sw=2 tw=80: */ ++/* This Source Code Form is subject to the terms of the Mozilla Public ++* License, v. 2.0. If a copy of the MPL was not distributed with this ++* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ ++ ++#include "FilePreferences.h" ++ ++#include "mozilla/Preferences.h" ++#include "nsAppDirectoryServiceDefs.h" ++#include "nsDirectoryServiceDefs.h" ++#include "nsDirectoryServiceUtils.h" ++ ++namespace mozilla { ++namespace FilePreferences { ++ ++static bool sBlockUNCPaths = false; ++typedef nsTArray<nsString> Paths; ++ ++static Paths& PathArray() ++{ ++ static Paths sPaths; ++ return sPaths; ++} ++ ++static void AllowDirectory(char const* directory) ++{ ++ nsCOMPtr<nsIFile> file; ++ NS_GetSpecialDirectory(directory, getter_AddRefs(file)); ++ if (!file) { ++ return; ++ } ++ ++ nsString path; ++ if (NS_FAILED(file->GetTarget(path))) { ++ return; ++ } ++ ++ // The whitelist makes sense only for UNC paths, because this code is used ++ // to block only UNC paths, hence, no need to add non-UNC directories here ++ // as those would never pass the check. ++ if (!StringBeginsWith(path, NS_LITERAL_STRING("\\\\"))) { ++ return; ++ } ++ ++ if (!PathArray().Contains(path)) { ++ PathArray().AppendElement(path); ++ } ++} ++ ++void InitPrefs() ++{ ++ sBlockUNCPaths = Preferences::GetBool("network.file.disable_unc_paths", false); ++} ++ ++void InitDirectoriesWhitelist() ++{ ++ // NS_GRE_DIR is the installation path where the binary resides. ++ AllowDirectory(NS_GRE_DIR); ++ // NS_APP_USER_PROFILE_50_DIR and NS_APP_USER_PROFILE_LOCAL_50_DIR are the two ++ // parts of the profile we store permanent and local-specific data. ++ AllowDirectory(NS_APP_USER_PROFILE_50_DIR); ++ AllowDirectory(NS_APP_USER_PROFILE_LOCAL_50_DIR); ++} ++ ++namespace { // anon ++ ++class Normalizer ++{ ++public: ++ Normalizer(const nsAString& aFilePath, const char16_t aSeparator); ++ bool Get(nsAString& aNormalizedFilePath); ++ ++private: ++ bool ConsumeItem(); ++ bool ConsumeSeparator(); ++ bool IsEOF() { return mFilePathCursor == mFilePathEnd; } ++ ++ bool ConsumeName(); ++ bool CheckParentDir(); ++ bool CheckCurrentDir(); ++ ++ nsString::const_char_iterator mFilePathCursor; ++ nsString::const_char_iterator mFilePathEnd; ++ ++ nsDependentSubstring mItem; ++ char16_t const mSeparator; ++ nsTArray<nsDependentSubstring> mStack; ++}; ++ ++Normalizer::Normalizer(const nsAString& aFilePath, const char16_t aSeparator) ++ : mFilePathCursor(aFilePath.BeginReading()) ++ , mFilePathEnd(aFilePath.EndReading()) ++ , mSeparator(aSeparator) ++{ ++} ++ ++bool Normalizer::ConsumeItem() ++{ ++ if (IsEOF()) { ++ return false; ++ } ++ ++ nsString::const_char_iterator nameBegin = mFilePathCursor; ++ while (mFilePathCursor != mFilePathEnd) { ++ if (*mFilePathCursor == mSeparator) { ++ break; // don't include the separator ++ } ++ ++mFilePathCursor; ++ } ++ ++ mItem.Rebind(nameBegin, mFilePathCursor); ++ return true; ++} ++ ++bool Normalizer::ConsumeSeparator() ++{ ++ if (IsEOF()) { ++ return false; ++ } ++ ++ if (*mFilePathCursor != mSeparator) { ++ return false; ++ } ++ ++ ++mFilePathCursor; ++ return true; ++} ++ ++bool Normalizer::Get(nsAString& aNormalizedFilePath) ++{ ++ aNormalizedFilePath.Truncate(); ++ ++ if (IsEOF()) { ++ return true; ++ } ++ if (ConsumeSeparator()) { ++ aNormalizedFilePath.Append(mSeparator); ++ } ++ ++ if (IsEOF()) { ++ return true; ++ } ++ if (ConsumeSeparator()) { ++ aNormalizedFilePath.Append(mSeparator); ++ } ++ ++ while (!IsEOF()) { ++ if (!ConsumeName()) { ++ return false; ++ } ++ } ++ ++ for (auto const& name : mStack) { ++ aNormalizedFilePath.Append(name); ++ } ++ ++ return true; ++} ++ ++bool Normalizer::ConsumeName() ++{ ++ if (!ConsumeItem()) { ++ return true; ++ } ++ ++ if (CheckCurrentDir()) { ++ return true; ++ } ++ ++ if (CheckParentDir()) { ++ if (!mStack.Length()) { ++ // This means there are more \.. than valid names ++ return false; ++ } ++ ++ mStack.RemoveElementAt(mStack.Length() - 1); ++ return true; ++ } ++ ++ if (mItem.IsEmpty()) { ++ // this means an empty name (a lone slash), which is illegal ++ return false; ++ } ++ ++ if (ConsumeSeparator()) { ++ mItem.Rebind(mItem.BeginReading(), mFilePathCursor); ++ } ++ mStack.AppendElement(mItem); ++ ++ return true; ++} ++ ++bool Normalizer::CheckCurrentDir() ++{ ++ if (mItem == NS_LITERAL_STRING(".")) { ++ ConsumeSeparator(); ++ // EOF is acceptable ++ return true; ++ } ++ ++ return false; ++} ++ ++bool Normalizer::CheckParentDir() ++{ ++ if (mItem == NS_LITERAL_STRING("..")) { ++ ConsumeSeparator(); ++ // EOF is acceptable ++ return true; ++ } ++ ++ return false; ++} ++ ++} // anon ++ ++bool IsBlockedUNCPath(const nsAString& aFilePath) ++{ ++ if (!sBlockUNCPaths) { ++ return false; ++ } ++ ++ if (!StringBeginsWith(aFilePath, NS_LITERAL_STRING("\\\\"))) { ++ return false; ++ } ++ ++ nsAutoString normalized; ++ if (!Normalizer(aFilePath, L'\\').Get(normalized)) { ++ // Broken paths are considered invalid and thus inaccessible ++ return true; ++ } ++ ++ for (const auto& allowedPrefix : PathArray()) { ++ if (StringBeginsWith(normalized, allowedPrefix)) { ++ if (normalized.Length() == allowedPrefix.Length()) { ++ return false; ++ } ++ if (normalized[allowedPrefix.Length()] == L'\\') { ++ return false; ++ } ++ ++ // When we are here, the path has a form "\\path\prefixevil" ++ // while we have an allowed prefix of "\\path\prefix". ++ // Note that we don't want to add a slash to the end of a prefix ++ // so that opening the directory (no slash at the end) still works. ++ break; ++ } ++ } ++ ++ return true; ++} ++ ++void testing::SetBlockUNCPaths(bool aBlock) ++{ ++ sBlockUNCPaths = aBlock; ++} ++ ++void testing::AddDirectoryToWhitelist(nsAString const & aPath) ++{ ++ PathArray().AppendElement(aPath); ++} ++ ++bool testing::NormalizePath(nsAString const & aPath, nsAString & aNormalized) ++{ ++ Normalizer normalizer(aPath, L'\\'); ++ return normalizer.Get(aNormalized); ++} ++ ++} // ::FilePreferences ++} // ::mozilla +diff --git a/xpcom/io/FilePreferences.h b/xpcom/io/FilePreferences.h +new file mode 100644 +--- /dev/null ++++ b/xpcom/io/FilePreferences.h +@@ -0,0 +1,25 @@ ++/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ ++/* vim: set ts=8 sts=2 et sw=2 tw=80: */ ++/* This Source Code Form is subject to the terms of the Mozilla Public ++* License, v. 2.0. If a copy of the MPL was not distributed with this ++* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ ++ ++#include "nsIObserver.h" ++ ++namespace mozilla { ++namespace FilePreferences { ++ ++void InitPrefs(); ++void InitDirectoriesWhitelist(); ++bool IsBlockedUNCPath(const nsAString& aFilePath); ++ ++namespace testing { ++ ++void SetBlockUNCPaths(bool aBlock); ++void AddDirectoryToWhitelist(nsAString const& aPath); ++bool NormalizePath(nsAString const & aPath, nsAString & aNormalized); ++ ++} ++ ++} // FilePreferences ++} // mozilla +diff --git a/xpcom/io/moz.build b/xpcom/io/moz.build +--- a/xpcom/io/moz.build ++++ b/xpcom/io/moz.build +@@ -79,24 +79,26 @@ EXPORTS += [ + 'nsUnicharInputStream.h', + 'nsWildCard.h', + 'SlicedInputStream.h', + 'SpecialSystemDirectory.h', + ] + + EXPORTS.mozilla += [ + 'Base64.h', ++ 'FilePreferences.h', + 'SnappyCompressOutputStream.h', + 'SnappyFrameUtils.h', + 'SnappyUncompressInputStream.h', + ] + + UNIFIED_SOURCES += [ + 'Base64.cpp', + 'crc32c.c', ++ 'FilePreferences.cpp', + 'nsAnonymousTemporaryFile.cpp', + 'nsAppFileLocationProvider.cpp', + 'nsBinaryStream.cpp', + 'nsDirectoryService.cpp', + 'nsEscape.cpp', + 'nsInputStreamTee.cpp', + 'nsIOUtil.cpp', + 'nsLinebreakConverter.cpp', +diff --git a/xpcom/io/nsLocalFileWin.cpp b/xpcom/io/nsLocalFileWin.cpp +--- a/xpcom/io/nsLocalFileWin.cpp ++++ b/xpcom/io/nsLocalFileWin.cpp +@@ -41,16 +41,17 @@ + #include <stdio.h> + #include <stdlib.h> + #include <mbstring.h> + + #include "nsXPIDLString.h" + #include "prproces.h" + #include "prlink.h" + ++#include "mozilla/FilePreferences.h" + #include "mozilla/Mutex.h" + #include "SpecialSystemDirectory.h" + + #include "nsTraceRefcnt.h" + #include "nsXPCOMCIDInternal.h" + #include "nsThreadUtils.h" + #include "nsXULAppAPI.h" + +@@ -1162,16 +1163,20 @@ nsLocalFile::InitWithPath(const nsAStrin + char16_t secondChar = *(++begin); + + // just do a sanity check. if it has any forward slashes, it is not a Native path + // on windows. Also, it must have a colon at after the first char. + if (FindCharInReadable(L'/', begin, end)) { + return NS_ERROR_FILE_UNRECOGNIZED_PATH; + } + ++ if (FilePreferences::IsBlockedUNCPath(aFilePath)) { ++ return NS_ERROR_FILE_ACCESS_DENIED; ++ } ++ + if (secondChar != L':' && (secondChar != L'\\' || firstChar != L'\\')) { + return NS_ERROR_FILE_UNRECOGNIZED_PATH; + } + + if (secondChar == L':') { + // Make sure we have a valid drive, later code assumes the drive letter + // is a single char a-z or A-Z. + if (PathGetDriveNumberW(aFilePath.Data()) == -1) { +@@ -1974,16 +1979,20 @@ nsLocalFile::CopySingleFile(nsIFile* aSo + bool path1Remote, path2Remote; + if (!IsRemoteFilePath(filePath.get(), path1Remote) || + !IsRemoteFilePath(destPath.get(), path2Remote) || + path1Remote || path2Remote) { + dwCopyFlags |= COPY_FILE_NO_BUFFERING; + } + } + ++ if (FilePreferences::IsBlockedUNCPath(destPath)) { ++ return NS_ERROR_FILE_ACCESS_DENIED; ++ } ++ + if (!move) { + copyOK = ::CopyFileExW(filePath.get(), destPath.get(), nullptr, + nullptr, nullptr, dwCopyFlags); + } else { + copyOK = ::MoveFileExW(filePath.get(), destPath.get(), + MOVEFILE_REPLACE_EXISTING); + + // Check if copying the source file to a different volume, +diff --git a/xpcom/tests/gtest/TestFilePreferencesWin.cpp b/xpcom/tests/gtest/TestFilePreferencesWin.cpp +new file mode 100644 +--- /dev/null ++++ b/xpcom/tests/gtest/TestFilePreferencesWin.cpp +@@ -0,0 +1,141 @@ ++#include "gtest/gtest.h" ++ ++#include "mozilla/FilePreferences.h" ++#include "nsIFile.h" ++#include "nsXPCOMCID.h" ++ ++TEST(FilePreferencesWin, Normalization) ++{ ++ nsAutoString normalized; ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("foo"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("foo")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\foo"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\foo")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("foo\\some"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("foo\\some")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\.\\foo"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\."), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\.\\"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\.\\."), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo\\bar")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo\\bar\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\."), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo\\bar\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\.\\"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo\\bar\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\..\\"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\.."), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\foo\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\..\\bar\\..\\"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\..\\bar"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\bar")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\..\\..\\"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\")); ++ ++ mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\.\\..\\.\\..\\"), normalized); ++ ASSERT_TRUE(normalized == NS_LITERAL_STRING("\\\\")); ++ ++ bool result; ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\.."), normalized); ++ ASSERT_FALSE(result); ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\..\\"), normalized); ++ ASSERT_FALSE(result); ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\.\\..\\"), normalized); ++ ASSERT_FALSE(result); ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\\\bar"), normalized); ++ ASSERT_FALSE(result); ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\foo\\bar\\..\\..\\..\\..\\"), normalized); ++ ASSERT_FALSE(result); ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\\\"), normalized); ++ ASSERT_FALSE(result); ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\.\\\\"), normalized); ++ ASSERT_FALSE(result); ++ ++ result = mozilla::FilePreferences::testing::NormalizePath( ++ NS_LITERAL_STRING("\\\\..\\\\"), normalized); ++ ASSERT_FALSE(result); ++} ++ ++TEST(FilePreferencesWin, AccessUNC) ++{ ++ nsCOMPtr<nsIFile> lf = do_CreateInstance(NS_LOCAL_FILE_CONTRACTID); ++ ++ nsresult rv; ++ ++ mozilla::FilePreferences::testing::SetBlockUNCPaths(false); ++ ++ rv = lf->InitWithPath(NS_LITERAL_STRING("\\\\nice\\..\\evil\\share")); ++ ASSERT_EQ(rv, NS_OK); ++ ++ mozilla::FilePreferences::testing::SetBlockUNCPaths(true); ++ ++ rv = lf->InitWithPath(NS_LITERAL_STRING("\\\\nice\\..\\evil\\share")); ++ ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED); ++ ++ mozilla::FilePreferences::testing::AddDirectoryToWhitelist(NS_LITERAL_STRING("\\\\nice")); ++ ++ rv = lf->InitWithPath(NS_LITERAL_STRING("\\\\nice\\share")); ++ ASSERT_EQ(rv, NS_OK); ++ ++ rv = lf->InitWithPath(NS_LITERAL_STRING("\\\\nice\\..\\evil\\share")); ++ ASSERT_EQ(rv, NS_ERROR_FILE_ACCESS_DENIED); ++} +diff --git a/xpcom/tests/gtest/moz.build b/xpcom/tests/gtest/moz.build +--- a/xpcom/tests/gtest/moz.build ++++ b/xpcom/tests/gtest/moz.build +@@ -51,16 +51,21 @@ UNIFIED_SOURCES += [ + if CONFIG['MOZ_DEBUG'] and CONFIG['OS_ARCH'] not in ('WINNT') and CONFIG['OS_TARGET'] != 'Android': + # FIXME bug 523392: TestDeadlockDetector doesn't like Windows + # Bug 1054249: Doesn't work on Android + UNIFIED_SOURCES += [ + 'TestDeadlockDetector.cpp', + 'TestDeadlockDetectorScalability.cpp', + ] + ++if CONFIG['OS_TARGET'] == 'WINNT': ++ UNIFIED_SOURCES += [ ++ 'TestFilePreferencesWin.cpp', ++ ] ++ + if CONFIG['WRAP_STL_INCLUDES'] and not CONFIG['CLANG_CL']: + UNIFIED_SOURCES += [ + 'TestSTLWrappers.cpp', + ] + + # Compile TestAllocReplacement separately so Windows headers don't pollute + # the global namespace for other files. + SOURCES += [ + diff --git a/gnu/packages/patches/libtiff-CVE-2018-10963.patch b/gnu/packages/patches/libtiff-CVE-2018-10963.patch new file mode 100644 index 0000000000..d31c12399d --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2018-10963.patch @@ -0,0 +1,40 @@ +Fix CVE-2018-10963: + +http://bugzilla.maptools.org/show_bug.cgi?id=2795 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963 + +Patch copied from upstream source repository: + +https://gitlab.com/libtiff/libtiff/commit/de144fd228e4be8aa484c3caf3d814b6fa88c6d9 + +From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001 +From: Even Rouault <even.rouault@spatialys.com> +Date: Sat, 12 May 2018 14:24:15 +0200 +Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes + http://bugzilla.maptools.org/show_bug.cgi?id=2795. CVE-2018-10963 + +--- + libtiff/tif_dirwrite.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c +index 2430de6d..c15a28db 100644 +--- a/libtiff/tif_dirwrite.c ++++ b/libtiff/tif_dirwrite.c +@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff) + } + break; + default: +- assert(0); /* we should never get here */ +- break; ++ TIFFErrorExt(tif->tif_clientdata,module, ++ "Cannot write tag %d (%s)", ++ TIFFFieldTag(o), ++ o->field_name ? o->field_name : "unknown"); ++ goto bad; + } + } + } +-- +2.17.0 + diff --git a/gnu/packages/patches/libtiff-CVE-2018-8905.patch b/gnu/packages/patches/libtiff-CVE-2018-8905.patch new file mode 100644 index 0000000000..f49815789e --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2018-8905.patch @@ -0,0 +1,61 @@ +Fix CVE-2018-8095: + +http://bugzilla.maptools.org/show_bug.cgi?id=2780 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905 + +Patch copied from upstream source repository: + +https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d + +From 58a898cb4459055bb488ca815c23b880c242a27d Mon Sep 17 00:00:00 2001 +From: Even Rouault <even.rouault@spatialys.com> +Date: Sat, 12 May 2018 15:32:31 +0200 +Subject: [PATCH] LZWDecodeCompat(): fix potential index-out-of-bounds write. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2780 / CVE-2018-8905 + +The fix consists in using the similar code LZWDecode() to validate we +don't write outside of the output buffer. +--- + libtiff/tif_lzw.c | 18 ++++++++++++------ + 1 file changed, 12 insertions(+), 6 deletions(-) + +diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c +index 4ccb443c..94d85e38 100644 +--- a/libtiff/tif_lzw.c ++++ b/libtiff/tif_lzw.c +@@ -602,6 +602,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s) + char *tp; + unsigned char *bp; + int code, nbits; ++ int len; + long nextbits, nextdata, nbitsmask; + code_t *codep, *free_entp, *maxcodep, *oldcodep; + +@@ -753,13 +754,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s) + } while (--occ); + break; + } +- assert(occ >= codep->length); +- op += codep->length; +- occ -= codep->length; +- tp = op; ++ len = codep->length; ++ tp = op + len; + do { +- *--tp = codep->value; +- } while( (codep = codep->next) != NULL ); ++ int t; ++ --tp; ++ t = codep->value; ++ codep = codep->next; ++ *tp = (char)t; ++ } while (codep && tp > op); ++ assert(occ >= len); ++ op += len; ++ occ -= len; + } else { + *op++ = (char)code; + occ--; +-- +2.17.0 + diff --git a/gnu/packages/patches/qtoctave-qt-5.11-fix.patch b/gnu/packages/patches/qtoctave-qt-5.11-fix.patch new file mode 100644 index 0000000000..67317d1b36 --- /dev/null +++ b/gnu/packages/patches/qtoctave-qt-5.11-fix.patch @@ -0,0 +1,26 @@ +This patch comes from upstream: +https://hg.savannah.gnu.org/hgweb/octave/rev/cdaa884568b1. + +# HG changeset patch +# User Mike Miller <mtmiller@octave.org> +# Date 1527214835 25200 +# Node ID cdaa884568b159549bd373f04386ff62417f6df9 +# Parent 9e39a53b4e007d3f79f88b711ab9fa5f2f24fbc9 +add Qt include needed to build against Qt 5.11 (bug #53978) + +* settings-dialog.cc: Add missing include for <QButtonGroup> to fix build +failure with Qt 5.11. + +diff --git a/libgui/src/settings-dialog.cc b/libgui/src/settings-dialog.cc +--- a/libgui/src/settings-dialog.cc ++++ b/libgui/src/settings-dialog.cc +@@ -34,6 +34,8 @@ + #include "workspace-model.h" + #include "settings-dialog.h" + #include "ui-settings-dialog.h" ++ ++#include <QButtonGroup> + #include <QDir> + #include <QFileInfo> + #include <QFileDialog> + |