Date: Sunday, February 28, 2021 @ 22:32:05 Author: heftig Revision: 408934
86.0-2: FS#69821 add patch Added: firefox/trunk/0002-Bug-1694670.-Fix-the-OOB-check-in-write_u32-u16.-r-a.patch Modified: firefox/trunk/0001-Use-remoting-name-for-GDK-application-names.patch firefox/trunk/PKGBUILD -----------------------------------------------------------------+ 0001-Use-remoting-name-for-GDK-application-names.patch | 4 - 0002-Bug-1694670.-Fix-the-OOB-check-in-write_u32-u16.-r-a.patch | 34 ++++++++++ PKGBUILD | 9 ++ 3 files changed, 43 insertions(+), 4 deletions(-) Modified: 0001-Use-remoting-name-for-GDK-application-names.patch =================================================================== --- 0001-Use-remoting-name-for-GDK-application-names.patch 2021-02-28 22:26:45 UTC (rev 408933) +++ 0001-Use-remoting-name-for-GDK-application-names.patch 2021-02-28 22:32:05 UTC (rev 408934) @@ -9,10 +9,10 @@ 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp -index df53d2f8358ba..684105058af38 100644 +index 9c7cb46079b5f..dfd4321f52742 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp -@@ -4184,11 +4184,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { +@@ -4225,11 +4225,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { // consistently. // Set program name to the one defined in application.ini. Added: 0002-Bug-1694670.-Fix-the-OOB-check-in-write_u32-u16.-r-a.patch =================================================================== --- 0002-Bug-1694670.-Fix-the-OOB-check-in-write_u32-u16.-r-a.patch (rev 0) +++ 0002-Bug-1694670.-Fix-the-OOB-check-in-write_u32-u16.-r-a.patch 2021-02-28 22:32:05 UTC (rev 408934) @@ -0,0 +1,34 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jeff Muizelaar <jmuizel...@mozilla.com> +Date: Thu, 25 Feb 2021 13:18:47 +0000 +Subject: [PATCH] Bug 1694670. Fix the OOB check in write_u32/u16. r=aosmond, + a=RyanVM + +Differential Revision: https://phabricator.services.mozilla.com/D106362 +--- + gfx/qcms/src/iccread.rs | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/gfx/qcms/src/iccread.rs b/gfx/qcms/src/iccread.rs +index 0113e17aff3e6..f1107d50a86b6 100644 +--- a/gfx/qcms/src/iccread.rs ++++ b/gfx/qcms/src/iccread.rs +@@ -229,16 +229,16 @@ fn read_uInt16Number(mem: &mut MemSource, offset: usize) -> uInt16Number { + read_u16(mem, offset) + } + pub fn write_u32(mem: &mut [u8], offset: usize, value: u32) { +- if offset <= mem.len() - std::mem::size_of_val(&value) { ++ if offset > mem.len() - std::mem::size_of_val(&value) { + panic!("OOB"); + } + let mem = mem.as_mut_ptr(); + unsafe { + std::ptr::write_unaligned(mem.add(offset) as *mut u32, cpu_to_be32(value)); + } + } + pub fn write_u16(mem: &mut [u8], offset: usize, value: u16) { +- if offset <= mem.len() - std::mem::size_of_val(&value) { ++ if offset > mem.len() - std::mem::size_of_val(&value) { + panic!("OOB"); + } + let mem = mem.as_mut_ptr(); Modified: PKGBUILD =================================================================== --- PKGBUILD 2021-02-28 22:26:45 UTC (rev 408933) +++ PKGBUILD 2021-02-28 22:32:05 UTC (rev 408934) @@ -4,7 +4,7 @@ pkgname=firefox pkgver=86.0 -pkgrel=1 +pkgrel=2 pkgdesc="Standalone web browser from mozilla.org" arch=(x86_64) license=(MPL GPL LGPL) @@ -21,10 +21,12 @@ options=(!emptydirs !makeflags !strip) source=(https://archive.mozilla.org/pub/firefox/releases/$pkgver/source/firefox-$pkgver.source.tar.xz{,.asc} 0001-Use-remoting-name-for-GDK-application-names.patch + 0002-Bug-1694670.-Fix-the-OOB-check-in-write_u32-u16.-r-a.patch $pkgname.desktop) sha256sums=('c3ac474a2cf6a8e31a962f57c7357dbe67b5088b6aceea9980f25ce7a99b58dd' 'SKIP' - '9b4b36d525be7920413017a4e4300cf881836353d06f874637d368e3d293316d' + 'ea8c317a50e84829c3b94ad73b5b9cfb8a08a73e406f8bd9bfb7730854611539' + '7ca4d5270c5bf4505ab867807bfff65b30cd1d0d8c50b76b406a3233ae3b5ad3' '298eae9de76ec53182f38d5c549d0379569916eebf62149f9d7f4a7edef36abf') validpgpkeys=('14F26682D0916CDD81E37B6D61B7B526D98F0353') # Mozilla Software Releases <rele...@mozilla.com> @@ -47,6 +49,9 @@ # https://bugzilla.mozilla.org/show_bug.cgi?id=1530052 patch -Np1 -i ../0001-Use-remoting-name-for-GDK-application-names.patch + # https://bugs.archlinux.org/task/69821 + patch -Np1 -i ../0002-Bug-1694670.-Fix-the-OOB-check-in-write_u32-u16.-r-a.patch + echo -n "$_google_api_key" >google-api-key echo -n "$_mozilla_api_key" >mozilla-api-key