Hello community,
here is the log from the commit of package mozilla-nspr for openSUSE:Factory
checked in at 2016-03-16 10:24:22
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mozilla-nspr (Old)
and /work/SRC/openSUSE:Factory/.mozilla-nspr.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mozilla-nspr"
Changes:
--------
--- /work/SRC/openSUSE:Factory/mozilla-nspr/mozilla-nspr.changes
2015-12-27 02:00:20.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.mozilla-nspr.new/mozilla-nspr.changes
2016-03-16 10:24:24.000000000 +0100
@@ -1,0 +2,14 @@
+Mon Feb 29 15:31:53 UTC 2016 - w...@rosenauer.org
+
+- update to version 4.12
+ * added a PR_GetEnvSecure function, which attempts to detect if
+ the program is being executed with elevated privileges, and
+ returns NULL if detected. It is recommended to use this function
+ in general purpose library code.
+ * fixed a memory allocation bug related to the PR_*printf functions
+ * exported API PR_DuplicateEnvironment, which had already been
+ added in NSPR 4.10.9
+ * added support for FreeBSD aarch64
+ * several minor correctness and compatibility fixes
+
+-------------------------------------------------------------------
Old:
----
nspr-4.11.tar.gz
New:
----
nspr-4.12.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mozilla-nspr.spec ++++++
--- /var/tmp/diff_new_pack.KTNYZt/_old 2016-03-16 10:24:25.000000000 +0100
+++ /var/tmp/diff_new_pack.KTNYZt/_new 2016-03-16 10:24:25.000000000 +0100
@@ -1,8 +1,8 @@
#
# spec file for package mozilla-nspr
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
-# 2006-2015 Wolfgang Rosenauer
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# 2006-2016 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
Name: mozilla-nspr
-Version: 4.11
+Version: 4.12
Release: 0
Summary: Netscape Portable Runtime
License: MPL-2.0
++++++ nspr-4.11.tar.gz -> nspr-4.12.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/.hg_archival.txt
new/nspr-4.12/nspr/.hg_archival.txt
--- old/nspr-4.11/nspr/.hg_archival.txt 2015-11-18 13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/.hg_archival.txt 2016-02-12 14:51:25.000000000 +0100
@@ -1,4 +1,4 @@
repo: a4b34919bf34db2ee22acbbc305693c8980b6dc6
-node: ebae38973a1a7241482448091e96e4e4fe5dbc27
+node: 88265db540d75d59e12ea8dbc34031160fce9ccc
branch: default
-tag: NSPR_4_11_RTM
+tag: NSPR_4_12_RTM
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/configure new/nspr-4.12/nspr/configure
--- old/nspr-4.11/nspr/configure 2015-11-18 13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/configure 2016-02-12 14:51:25.000000000 +0100
@@ -2488,7 +2488,7 @@
program_prefix=${target_alias}-
MOD_MAJOR_VERSION=4
-MOD_MINOR_VERSION=11
+MOD_MINOR_VERSION=12
MOD_PATCH_VERSION=0
NSPR_MODNAME=nspr20
_HAVE_PTHREADS=
@@ -7048,10 +7048,6 @@
PR_MD_ASFILES=os_Linux_ppc.s
fi
;;
- m68k)
- CFLAGS="$CFLAGS -m68020-60"
- CXXFLAGS="$CXXFLAGS -m68020-60"
- ;;
esac
;;
@@ -7894,7 +7890,7 @@
_SAVE_LIBS="$LIBS"
LIBS="$LIBS $OS_LIBS"
-for ac_func in dladdr gettid lchown setpriority strerror syscall
+for ac_func in dladdr gettid lchown setpriority strerror syscall
secure_getenv __secure_getenv
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/configure.in
new/nspr-4.12/nspr/configure.in
--- old/nspr-4.11/nspr/configure.in 2015-11-18 13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/configure.in 2016-02-12 14:51:25.000000000 +0100
@@ -15,7 +15,7 @@
dnl = Defaults
dnl ========================================================
MOD_MAJOR_VERSION=4
-MOD_MINOR_VERSION=11
+MOD_MINOR_VERSION=12
MOD_PATCH_VERSION=0
NSPR_MODNAME=nspr20
_HAVE_PTHREADS=
@@ -1856,10 +1856,6 @@
PR_MD_ASFILES=os_Linux_ppc.s
fi
;;
- m68k)
- CFLAGS="$CFLAGS -m68020-60"
- CXXFLAGS="$CXXFLAGS -m68020-60"
- ;;
esac
;;
@@ -2543,7 +2539,8 @@
AC_PROG_GCC_TRADITIONAL
_SAVE_LIBS="$LIBS"
LIBS="$LIBS $OS_LIBS"
-AC_CHECK_FUNCS(dladdr gettid lchown setpriority strerror syscall)
+AC_CHECK_FUNCS(dladdr gettid lchown setpriority strerror syscall dnl
+ secure_getenv __secure_getenv)
LIBS="$_SAVE_LIBS"
dnl ========================================================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/lib/ds/plarena.h
new/nspr-4.12/nspr/lib/ds/plarena.h
--- old/nspr-4.11/nspr/lib/ds/plarena.h 2015-11-18 13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/lib/ds/plarena.h 2016-02-12 14:51:25.000000000 +0100
@@ -96,11 +96,11 @@
/* These definitions are usually provided through the
* sanitizer/asan_interface.h header installed by ASan.
- * See https://code.google.com/p/address-sanitizer/wiki/ManualPoisoning
+ * See
https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning
*/
-void __asan_poison_memory_region(void const volatile *addr, size_t size);
-void __asan_unpoison_memory_region(void const volatile *addr, size_t size);
+PR_IMPORT(void) __asan_poison_memory_region(void const volatile *addr, size_t
size);
+PR_IMPORT(void) __asan_unpoison_memory_region(void const volatile *addr,
size_t size);
#define PL_MAKE_MEM_NOACCESS(addr, size) \
__asan_poison_memory_region((addr), (size))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/md/_freebsd.cfg
new/nspr-4.12/nspr/pr/include/md/_freebsd.cfg
--- old/nspr-4.11/nspr/pr/include/md/_freebsd.cfg 2015-11-18
13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/pr/include/md/_freebsd.cfg 2016-02-12
14:51:25.000000000 +0100
@@ -342,6 +342,52 @@
#define PR_BYTES_PER_WORD_LOG2 2
#define PR_BYTES_PER_DWORD_LOG2 3
+#elif defined(__aarch64__)
+
+#undef IS_BIG_ENDIAN
+#define IS_LITTLE_ENDIAN 1
+#define IS_64
+
+#define PR_BYTES_PER_BYTE 1
+#define PR_BYTES_PER_SHORT 2
+#define PR_BYTES_PER_INT 4
+#define PR_BYTES_PER_INT64 8
+#define PR_BYTES_PER_LONG 8
+#define PR_BYTES_PER_FLOAT 4
+#define PR_BYTES_PER_DOUBLE 8
+#define PR_BYTES_PER_WORD 8
+#define PR_BYTES_PER_DWORD 8
+
+#define PR_BITS_PER_BYTE 8
+#define PR_BITS_PER_SHORT 16
+#define PR_BITS_PER_INT 32
+#define PR_BITS_PER_INT64 64
+#define PR_BITS_PER_LONG 64
+#define PR_BITS_PER_FLOAT 32
+#define PR_BITS_PER_DOUBLE 64
+#define PR_BITS_PER_WORD 64
+
+#define PR_BITS_PER_BYTE_LOG2 3
+#define PR_BITS_PER_SHORT_LOG2 4
+#define PR_BITS_PER_INT_LOG2 5
+#define PR_BITS_PER_INT64_LOG2 6
+#define PR_BITS_PER_LONG_LOG2 6
+#define PR_BITS_PER_FLOAT_LOG2 5
+#define PR_BITS_PER_DOUBLE_LOG2 6
+#define PR_BITS_PER_WORD_LOG2 6
+
+#define PR_ALIGN_OF_SHORT 2
+#define PR_ALIGN_OF_INT 4
+#define PR_ALIGN_OF_LONG 8
+#define PR_ALIGN_OF_INT64 8
+#define PR_ALIGN_OF_FLOAT 4
+#define PR_ALIGN_OF_DOUBLE 8
+#define PR_ALIGN_OF_POINTER 8
+#define PR_ALIGN_OF_WORD 8
+
+#define PR_BYTES_PER_WORD_LOG2 3
+#define PR_BYTES_PER_DWORD_LOG2 3
+
#elif defined(__arm__)
#if defined(__ARMEB__) || defined(__ARM_BIG_ENDIAN__)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/md/_freebsd.h
new/nspr-4.12/nspr/pr/include/md/_freebsd.h
--- old/nspr-4.11/nspr/pr/include/md/_freebsd.h 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/include/md/_freebsd.h 2016-02-12 14:51:25.000000000
+0100
@@ -29,6 +29,8 @@
#define _PR_SI_ARCHITECTURE "powerpc64"
#elif defined(__powerpc__)
#define _PR_SI_ARCHITECTURE "powerpc"
+#elif defined(__aarch64__)
+#define _PR_SI_ARCHITECTURE "aarch64"
#elif defined(__arm__)
#define _PR_SI_ARCHITECTURE "arm"
#elif defined(__mips64__)
@@ -228,7 +230,7 @@
#define _MD_EARLY_INIT _MD_EarlyInit
#define _MD_FINAL_INIT _PR_UnixInit
-#define _MD_INTERVAL_USE_GTOD
+#define _PR_HAVE_CLOCK_MONOTONIC
/*
* We wrapped the select() call. _MD_SELECT refers to the built-in,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/md/_linux.h
new/nspr-4.12/nspr/pr/include/md/_linux.h
--- old/nspr-4.11/nspr/pr/include/md/_linux.h 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/include/md/_linux.h 2016-02-12 14:51:25.000000000
+0100
@@ -671,7 +671,7 @@
#define _MD_EARLY_INIT _MD_EarlyInit
#define _MD_FINAL_INIT _PR_UnixInit
-#define HAVE_CLOCK_MONOTONIC
+#define _PR_HAVE_CLOCK_MONOTONIC
/*
* We wrapped the select() call. _MD_SELECT refers to the built-in,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/md/_netbsd.h
new/nspr-4.12/nspr/pr/include/md/_netbsd.h
--- old/nspr-4.11/nspr/pr/include/md/_netbsd.h 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/include/md/_netbsd.h 2016-02-12 14:51:25.000000000
+0100
@@ -211,7 +211,7 @@
#define _MD_EARLY_INIT _MD_EarlyInit
#define _MD_FINAL_INIT _PR_UnixInit
-#define _MD_INTERVAL_USE_GTOD
+#define _PR_HAVE_CLOCK_MONOTONIC
/*
* We wrapped the select() call. _MD_SELECT refers to the built-in,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/md/_openbsd.h
new/nspr-4.12/nspr/pr/include/md/_openbsd.h
--- old/nspr-4.11/nspr/pr/include/md/_openbsd.h 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/include/md/_openbsd.h 2016-02-12 14:51:25.000000000
+0100
@@ -192,7 +192,7 @@
#define _MD_EARLY_INIT _MD_EarlyInit
#define _MD_FINAL_INIT _PR_UnixInit
-#define _MD_INTERVAL_USE_GTOD
+#define _PR_HAVE_CLOCK_MONOTONIC
/*
* We wrapped the select() call. _MD_SELECT refers to the built-in,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/md/_unixos.h
new/nspr-4.12/nspr/pr/include/md/_unixos.h
--- old/nspr-4.11/nspr/pr/include/md/_unixos.h 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/include/md/_unixos.h 2016-02-12 14:51:25.000000000
+0100
@@ -302,7 +302,7 @@
#define _MD_INTERVAL_PER_SEC _PR_UNIX_TicksPerSecond
#endif
-#ifdef HAVE_CLOCK_MONOTONIC
+#ifdef _PR_HAVE_CLOCK_MONOTONIC
extern PRIntervalTime _PR_UNIX_GetInterval2(void);
extern PRIntervalTime _PR_UNIX_TicksPerSecond2(void);
#define _MD_INTERVAL_INIT()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/prenv.h
new/nspr-4.12/nspr/pr/include/prenv.h
--- old/nspr-4.11/nspr/pr/include/prenv.h 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/include/prenv.h 2016-02-12 14:51:25.000000000
+0100
@@ -91,6 +91,20 @@
NSPR_API(char*) PR_GetEnv(const char *var);
/*
+** PR_GetEnvSecure() -- get a security-sensitive environment variable
+**
+** Description:
+**
+** PR_GetEnvSecure() is similar to PR_GetEnv(), but it returns NULL if
+** the program was run with elevated privilege (e.g., setuid or setgid
+** on Unix). This can be used for cases like log file paths which
+** could otherwise be used for privilege escalation. Note that some
+** platforms may have platform-specific privilege elevation mechanisms
+** not recognized by this function; see the implementation for details.
+*/
+NSPR_API(char*) PR_GetEnvSecure(const char *var);
+
+/*
** PR_SetEnv() -- set, unset or change an environment variable
**
** Description:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/include/prinit.h
new/nspr-4.12/nspr/pr/include/prinit.h
--- old/nspr-4.11/nspr/pr/include/prinit.h 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/include/prinit.h 2016-02-12 14:51:25.000000000
+0100
@@ -31,9 +31,9 @@
** The format of the version string is
** "<major version>.<minor version>[.<patch level>] [<Beta>]"
*/
-#define PR_VERSION "4.11"
+#define PR_VERSION "4.12"
#define PR_VMAJOR 4
-#define PR_VMINOR 11
+#define PR_VMINOR 12
#define PR_VPATCH 0
#define PR_BETA PR_FALSE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/io/prlog.c
new/nspr-4.12/nspr/pr/src/io/prlog.c
--- old/nspr-4.11/nspr/pr/src/io/prlog.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/io/prlog.c 2016-02-12 14:51:25.000000000
+0100
@@ -238,13 +238,7 @@
}
PR_SetLogBuffering(isSync ? 0 : bufSize);
-#ifdef XP_UNIX
- if ((getuid() != geteuid()) || (getgid() != getegid())) {
- return;
- }
-#endif /* XP_UNIX */
-
- ev = PR_GetEnv("NSPR_LOG_FILE");
+ ev = PR_GetEnvSecure("NSPR_LOG_FILE");
if (ev && ev[0]) {
if (!PR_SetLogFile(ev)) {
#ifdef XP_PC
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/io/prprf.c
new/nspr-4.12/nspr/pr/src/io/prprf.c
--- old/nspr-4.11/nspr/pr/src/io/prprf.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/io/prprf.c 2016-02-12 14:51:25.000000000
+0100
@@ -37,7 +37,7 @@
char *base;
char *cur;
- PRUint32 maxlen;
+ PRUint32 maxlen; /* Must not exceed PR_INT32_MAX. */
int (*func)(void *arg, const char *sp, PRUint32 len);
void *arg;
@@ -697,7 +697,7 @@
char *hexp;
int rv, i;
struct NumArg* nas = NULL;
- struct NumArg* nap;
+ struct NumArg* nap = NULL;
struct NumArg nasArray[ NAS_DEFAULT_NUM ];
char pattern[20];
const char* dolPt = NULL; /* in "%4$.2f", dolPt will point to . */
@@ -1060,6 +1060,13 @@
{
int rv;
+ /*
+ ** We will add len to ss->maxlen at the end of the function. First check
+ ** if ss->maxlen + len would overflow or be greater than PR_INT32_MAX.
+ */
+ if (PR_UINT32_MAX - ss->maxlen < len || ss->maxlen + len > PR_INT32_MAX) {
+ return -1;
+ }
rv = (*ss->func)(ss->arg, sp, len);
if (rv < 0) {
return rv;
@@ -1105,9 +1112,21 @@
PRUint32 newlen;
off = ss->cur - ss->base;
+ if (PR_UINT32_MAX - len < off) {
+ /* off + len would be too big. */
+ return -1;
+ }
if (off + len >= ss->maxlen) {
/* Grow the buffer */
- newlen = ss->maxlen + ((len > 32) ? len : 32);
+ PRUint32 increment = (len > 32) ? len : 32;
+ if (PR_UINT32_MAX - ss->maxlen < increment) {
+ /* ss->maxlen + increment would overflow. */
+ return -1;
+ }
+ newlen = ss->maxlen + increment;
+ if (newlen > PR_INT32_MAX) {
+ return -1;
+ }
if (ss->base) {
newbase = (char*) PR_REALLOC(ss->base, newlen);
} else {
@@ -1210,8 +1229,8 @@
SprintfState ss;
PRUint32 n;
- PR_ASSERT((PRInt32)outlen > 0);
- if ((PRInt32)outlen <= 0) {
+ PR_ASSERT(outlen != 0 && outlen <= PR_INT32_MAX);
+ if (outlen == 0 || outlen > PR_INT32_MAX) {
return 0;
}
@@ -1247,7 +1266,10 @@
ss.stuff = GrowStuff;
if (last) {
- int lastlen = strlen(last);
+ size_t lastlen = strlen(last);
+ if (lastlen > PR_INT32_MAX) {
+ return 0;
+ }
ss.base = last;
ss.cur = last + lastlen;
ss.maxlen = lastlen;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/io/prscanf.c
new/nspr-4.12/nspr/pr/src/io/prscanf.c
--- old/nspr-4.11/nspr/pr/src/io/prscanf.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/io/prscanf.c 2016-02-12 14:51:25.000000000
+0100
@@ -194,7 +194,7 @@
GetInt(ScanfState *state, int code)
{
char buf[FMAX + 1], *p;
- int ch;
+ int ch = 0;
static const char digits[] = "0123456789abcdefABCDEF";
PRBool seenDigit = PR_FALSE;
int base;
@@ -304,7 +304,7 @@
GetFloat(ScanfState *state)
{
char buf[FMAX + 1], *p;
- int ch;
+ int ch = 0;
PRBool seenDigit = PR_FALSE;
if (state->width == 0 || state->width > FMAX) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/md/unix/unix.c
new/nspr-4.12/nspr/pr/src/md/unix/unix.c
--- old/nspr-4.11/nspr/pr/src/md/unix/unix.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/md/unix/unix.c 2016-02-12 14:51:25.000000000
+0100
@@ -2715,7 +2715,7 @@
/* Android <= 19 doesn't have mmap64. */
#if defined(ANDROID) && __ANDROID_API__ <= 19
-extern void *__mmap2(void *, size_t, int, int, int, size_t);
+PR_IMPORT(void) *__mmap2(void *, size_t, int, int, int, size_t);
#define ANDROID_PAGE_SIZE 4096
@@ -3040,7 +3040,7 @@
}
#endif
-#if defined(HAVE_CLOCK_MONOTONIC)
+#if defined(_PR_HAVE_CLOCK_MONOTONIC)
PRIntervalTime _PR_UNIX_GetInterval2()
{
struct timespec time;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/md/windows/ntinrval.c
new/nspr-4.12/nspr/pr/src/md/windows/ntinrval.c
--- old/nspr-4.11/nspr/pr/src/md/windows/ntinrval.c 2015-11-18
13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/pr/src/md/windows/ntinrval.c 2016-02-12
14:51:25.000000000 +0100
@@ -8,6 +8,10 @@
*
*/
+/* Mozilla's build system defines this globally. */
+#ifdef WIN32_LEAN_AND_MEAN
+#undef WIN32_LEAN_AND_MEAN
+#endif
#include "primpl.h"
#ifdef WINCE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/md/windows/w95thred.c
new/nspr-4.12/nspr/pr/src/md/windows/w95thred.c
--- old/nspr-4.11/nspr/pr/src/md/windows/w95thred.c 2015-11-18
13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/pr/src/md/windows/w95thred.c 2016-02-12
14:51:25.000000000 +0100
@@ -65,7 +65,7 @@
** suspending). Therefore, get a real handle from
** the pseudo handle via DuplicateHandle(...)
*/
- DuplicateHandle(
+ BOOL ok = DuplicateHandle(
GetCurrentProcess(), /* Process of source handle */
GetCurrentThread(), /* Pseudo Handle to dup */
GetCurrentProcess(), /* Process of handle */
@@ -73,6 +73,11 @@
0L, /* access flags */
FALSE, /* Inheritable */
DUPLICATE_SAME_ACCESS); /* Options */
+ if (!ok) {
+ return PR_FAILURE;
+ }
+ thread->id = GetCurrentThreadId();
+ thread->md.id = thread->id;
}
/* Create the blocking IO semaphore */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/misc/prenv.c
new/nspr-4.12/nspr/pr/src/misc/prenv.c
--- old/nspr-4.11/nspr/pr/src/misc/prenv.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/misc/prenv.c 2016-02-12 14:51:25.000000000
+0100
@@ -4,10 +4,12 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include <string.h>
+#include <stdlib.h>
#include "primpl.h"
#include "prmem.h"
#if defined(XP_UNIX)
+#include <unistd.h>
#if defined(DARWIN)
#if defined(HAVE_CRT_EXTERNS_H)
#include <crt_externs.h>
@@ -17,6 +19,11 @@
#endif /* DARWIN */
#endif /* XP_UNIX */
+#if !defined(HAVE_SECURE_GETENV) && defined(HAVE___SECURE_GETENV)
+#define secure_getenv __secure_getenv
+#define HAVE_SECURE_GETENV 1
+#endif
+
/* Lock used to lock the environment */
#if defined(_PR_NO_PREEMPT)
#define _PR_NEW_LOCK_ENV()
@@ -63,6 +70,34 @@
return ev;
}
+PR_IMPLEMENT(char*) PR_GetEnvSecure(const char *var)
+{
+#ifdef HAVE_SECURE_GETENV
+ char *ev;
+
+ if (!_pr_initialized) _PR_ImplicitInitialization();
+
+ _PR_LOCK_ENV();
+ ev = secure_getenv(var);
+ _PR_UNLOCK_ENV();
+
+ return ev;
+#else
+#ifdef XP_UNIX
+ /*
+ ** Fall back to checking uids and gids. This won't detect any other
+ ** privilege-granting mechanisms the platform may have. This also
+ ** can't detect the case where the process already called
+ ** setuid(geteuid()) and/or setgid(getegid()).
+ */
+ if (getuid() != geteuid() || getgid() != getegid()) {
+ return NULL;
+ }
+#endif /* XP_UNIX */
+ return PR_GetEnv(var);
+#endif /* HAVE_SECURE_GETENV */
+}
+
PR_IMPLEMENT(PRStatus) PR_SetEnv(const char *string)
{
PRIntn result;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/misc/prnetdb.c
new/nspr-4.12/nspr/pr/src/misc/prnetdb.c
--- old/nspr-4.11/nspr/pr/src/misc/prnetdb.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/misc/prnetdb.c 2016-02-12 14:51:25.000000000
+0100
@@ -63,8 +63,7 @@
#if defined(SOLARIS) || (defined(BSDI) && defined(_REENTRANT)) \
|| (defined(LINUX) && defined(_REENTRANT) \
- && !(defined(__GLIBC__) && __GLIBC__ >= 2) \
- && !defined(ANDROID))
+ && defined(__GLIBC__) && __GLIBC__ < 2)
#define _PR_HAVE_GETPROTO_R
#define _PR_HAVE_GETPROTO_R_POINTER
#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/misc/prtpool.c
new/nspr-4.12/nspr/pr/src/misc/prtpool.c
--- old/nspr-4.11/nspr/pr/src/misc/prtpool.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/misc/prtpool.c 2016-02-12 14:51:25.000000000
+0100
@@ -281,8 +281,8 @@
int pollfd_cnt, pollfds_used;
int rv;
PRCList *qp, *nextqp;
-PRPollDesc *pollfds;
-PRJob **polljobs;
+PRPollDesc *pollfds = NULL;
+PRJob **polljobs = NULL;
int poll_timeout;
PRIntervalTime now;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/misc/prtrace.c
new/nspr-4.12/nspr/pr/src/misc/prtrace.c
--- old/nspr-4.11/nspr/pr/src/misc/prtrace.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/misc/prtrace.c 2016-02-12 14:51:25.000000000
+0100
@@ -657,14 +657,8 @@
logLostData = 0; /* reset at entry */
logState = LogReset;
-#ifdef XP_UNIX
- if ((getuid() != geteuid()) || (getgid() != getegid())) {
- return NULL;
- }
-#endif /* XP_UNIX */
-
/* Get the filename for the logfile from the environment */
- logFileName = PR_GetEnv( "NSPR_TRACE_LOG" );
+ logFileName = PR_GetEnvSecure( "NSPR_TRACE_LOG" );
if ( logFileName == NULL )
{
PR_LOG( lm, PR_LOG_ERROR,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/nspr.def
new/nspr-4.12/nspr/pr/src/nspr.def
--- old/nspr-4.11/nspr/pr/src/nspr.def 2015-11-18 13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/pr/src/nspr.def 2016-02-12 14:51:25.000000000 +0100
@@ -455,3 +455,10 @@
;+ global:
PR_SyncMemMap;
;+} NSPR_4.9.2;
+;+# Function PR_DuplicateEnvironment had been added in NSPR 4.10.9,
+;+# but we neglected to add it to nspr.def until NSPR 4.12
+;+NSPR_4.12 {
+;+ global:
+ PR_DuplicateEnvironment;
+ PR_GetEnvSecure;
+;+} NSPR_4.10.3;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/pthreads/ptio.c
new/nspr-4.12/nspr/pr/src/pthreads/ptio.c
--- old/nspr-4.11/nspr/pr/src/pthreads/ptio.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/src/pthreads/ptio.c 2016-02-12 14:51:25.000000000
+0100
@@ -3765,7 +3765,7 @@
* We use these variables to figure out how much time has
* elapsed and how much of the timeout still remains.
*/
- PRIntervalTime start, elapsed, remaining;
+ PRIntervalTime start = 0, elapsed, remaining;
if (pt_TestAbort()) return -1;
@@ -4019,7 +4019,7 @@
* We use these variables to figure out how much time has
* elapsed and how much of the timeout still remains.
*/
- PRIntervalTime start, elapsed, remaining;
+ PRIntervalTime start = 0, elapsed, remaining;
if (pt_TestAbort()) return -1;
@@ -4919,7 +4919,7 @@
* We use these variables to figure out how much time has elapsed
* and how much of the timeout still remains.
*/
- PRIntervalTime start, elapsed, remaining;
+ PRIntervalTime start = 0, elapsed, remaining;
static PRBool unwarned = PR_TRUE;
if (unwarned) unwarned = _PR_Obsolete( "PR_Select", "PR_Poll");
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/src/pthreads/ptthread.c
new/nspr-4.12/nspr/pr/src/pthreads/ptthread.c
--- old/nspr-4.11/nspr/pr/src/pthreads/ptthread.c 2015-11-18
13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/pr/src/pthreads/ptthread.c 2016-02-12
14:51:25.000000000 +0100
@@ -21,6 +21,10 @@
#include <signal.h>
#include <dlfcn.h>
+#if defined(OPENBSD) || defined(FREEBSD) || defined(DRAGONFLY)
+#include <pthread_np.h>
+#endif
+
#ifdef SYMBIAN
/* In Open C sched_get_priority_min/max do not work properly, so we undefine
* _POSIX_THREAD_PRIORITY_SCHEDULING here.
@@ -1733,7 +1737,7 @@
{
PRThread *thread;
size_t nameLen;
- int result;
+ int result = 0;
if (!name) {
PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
@@ -1751,8 +1755,10 @@
return PR_FAILURE;
memcpy(thread->name, name, nameLen + 1);
-#if defined(OPENBSD) || defined(FREEBSD)
- result = pthread_set_name_np(thread->id, name);
+#if defined(OPENBSD) || defined(FREEBSD) || defined(DRAGONFLY)
+ pthread_set_name_np(thread->id, name);
+#elif defined(NETBSD)
+ result = pthread_setname_np(thread->id, "%s", (void *)name);
#else /* not BSD */
/*
* On OSX, pthread_setname_np is only available in 10.6 or later, so test
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/tests/env.c
new/nspr-4.12/nspr/pr/tests/env.c
--- old/nspr-4.11/nspr/pr/tests/env.c 2015-11-18 13:36:52.000000000 +0100
+++ new/nspr-4.12/nspr/pr/tests/env.c 2016-02-12 14:51:25.000000000 +0100
@@ -18,6 +18,7 @@
PRIntn debug = 0;
PRIntn verbose = 0;
+PRIntn secure = 0;
PRBool failedAlready = PR_FALSE;
#define ENVNAME "NSPR_ENVIRONMENT_TEST_VARIABLE"
@@ -43,7 +44,7 @@
{ /* Get command line options */
PLOptStatus os;
- PLOptState *opt = PL_CreateOptState(argc, argv, "vd");
+ PLOptState *opt = PL_CreateOptState(argc, argv, "vds");
while (PL_OPT_EOL != (os = PL_GetNextOpt(opt)))
{
@@ -56,6 +57,15 @@
case 'v': /* verbose */
verbose = 1;
break;
+ case 's': /* secure / set[ug]id */
+ /*
+ ** To test PR_GetEnvSecure, make this executable (or a
+ ** copy of it) setuid / setgid / otherwise inherently
+ ** privileged (e.g., file capabilities) and run it
+ ** with this flag.
+ */
+ secure = 1;
+ break;
default:
break;
}
@@ -113,6 +123,32 @@
if (verbose) printf("env: PR_GetEnv() worked after setting it. Found:
%s\n", value );
}
+ if ( secure ) {
+ /*
+ ** In this case we've been run with elevated privileges, so
+ ** test that PR_GetEnvSecure *doesn't* find that env var.
+ */
+ value = PR_GetEnvSecure( ENVNAME );
+ if ( NULL != value ) {
+ if (debug) printf( "env: PR_GetEnvSecure() failed; expected NULL,
found \"%s\"\n", value );
+ failedAlready = PR_TRUE;
+ } else {
+ if (verbose) printf("env: PR_GetEnvSecure() worked\n" );
+ }
+ } else {
+ /*
+ ** In this case the program is being run normally, so do the
+ ** same check for PR_GetEnvSecure as for PR_GetEnv.
+ */
+ value = PR_GetEnvSecure( ENVNAME );
+ if ( (NULL == value ) || (strcmp( value, ENVVALUE))) {
+ if (debug) printf( "env: PR_GetEnvSecure() Failed after setting\n"
);
+ failedAlready = PR_TRUE;
+ } else {
+ if (verbose) printf("env: PR_GetEnvSecure() worked after setting
it. Found: %s\n", value );
+ }
+ }
+
/* ---------------------------------------------------------------------- */
/* check that PR_DuplicateEnvironment() agrees with PR_GetEnv() */
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/tests/server_test.c
new/nspr-4.12/nspr/pr/tests/server_test.c
--- old/nspr-4.11/nspr/pr/tests/server_test.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/tests/server_test.c 2016-02-12 14:51:25.000000000
+0100
@@ -37,6 +37,7 @@
#define PASS 0
#define FAIL 1
static int debug_mode = 0;
+static int failed_already = 0;
static int _iterations = 1000;
static int _clients = 1;
@@ -90,6 +91,7 @@
break;
case FAIL:
printf ("FAIL\n");
+ failed_already = 1;
break;
default:
break;
@@ -246,21 +248,32 @@
ServerSetup(void)
{
PRFileDesc *listenSocket;
+ PRSocketOptionData sockOpt;
PRNetAddr serverAddr;
PRThread *WorkerThread;
- if ( (listenSocket = PR_NewTCPSocket()) == NULL) {
+ if ((listenSocket = PR_NewTCPSocket()) == NULL) {
if (debug_mode) printf("\tServer error creating listen socket\n");
else Test_Result(FAIL);
return NULL;
}
+ sockOpt.option = PR_SockOpt_Reuseaddr;
+ sockOpt.value.reuse_addr = PR_TRUE;
+ if (PR_SetSocketOption(listenSocket, &sockOpt) != PR_SUCCESS) {
+ if (debug_mode) printf("\tServer error setting socket option: OS error
%d\n",
+ PR_GetOSError());
+ else Test_Result(FAIL);
+ PR_Close(listenSocket);
+ return NULL;
+ }
+
memset(&serverAddr, 0, sizeof(PRNetAddr));
serverAddr.inet.family = PR_AF_INET;
serverAddr.inet.port = PR_htons(PORT);
serverAddr.inet.ip = PR_htonl(PR_INADDR_ANY);
- if ( PR_Bind(listenSocket, &serverAddr) == PR_FAILURE) {
+ if (PR_Bind(listenSocket, &serverAddr) != PR_SUCCESS) {
if (debug_mode) printf("\tServer error binding to server address: OS
error %d\n",
PR_GetOSError());
else Test_Result(FAIL);
@@ -268,7 +281,7 @@
return NULL;
}
- if ( PR_Listen(listenSocket, 128) == PR_FAILURE) {
+ if (PR_Listen(listenSocket, 128) != PR_SUCCESS) {
if (debug_mode) printf("\tServer error listening to server socket\n");
else Test_Result(FAIL);
PR_Close(listenSocket);
@@ -548,7 +561,7 @@
Usage: test_name -d
*/
PLOptStatus os;
- PLOptState *opt = PL_CreateOptState(argc, argv, "d:");
+ PLOptState *opt = PL_CreateOptState(argc, argv, "d");
while (PL_OPT_EOL != (os = PL_GetNextOpt(opt)))
{
if (PL_OPT_BAD == os) continue;
@@ -606,5 +619,5 @@
PR_Cleanup();
- return 0;
+ return failed_already;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nspr-4.11/nspr/pr/tests/vercheck.c
new/nspr-4.12/nspr/pr/tests/vercheck.c
--- old/nspr-4.11/nspr/pr/tests/vercheck.c 2015-11-18 13:36:52.000000000
+0100
+++ new/nspr-4.12/nspr/pr/tests/vercheck.c 2016-02-12 14:51:25.000000000
+0100
@@ -22,7 +22,7 @@
/*
* This release (4.10.10) is backward compatible with the
* 4.0.x, 4.1.x, 4.2.x, 4.3.x, 4.4.x, 4.5.x, 4.6.x, 4.7.x,
- * 4.8.x, 4.9.x, and 4.10.x releases.
+ * 4.8.x, 4.9.x, 4.10.x and 4.11.X releases.
* It, of course, is compatible with itself.
*/
static char *compatible_version[] = {
@@ -39,7 +39,7 @@
"4.9.6",
"4.10", "4.10.1", "4.10.2", "4.10.3", "4.10.4",
"4.10.5", "4.10.6", "4.10.7", "4.10.8", "4.10.9",
- "4.10.10",
+ "4.10.10", "4.11",
PR_VERSION
};
@@ -56,7 +56,7 @@
"3.1", "3.1.1", "3.1.2", "3.1.3",
"3.5", "3.5.1",
"4.11.1",
- "4.12", "4.12.1",
+ "4.12.1",
"10.0", "11.1", "12.14.20"
};
