#614: M1642792 M1650811 M1634872

dom/workers/ScriptLoader.cpp

@@ -1040,14 +1040,16 @@ private:
     rv = NS_GetFinalChannelURI(channel, getter_AddRefs(finalURI));
     NS_ENSURE_SUCCESS(rv, rv);
 
-    nsCString filename;
-    rv = finalURI->GetSpec(filename);
-    NS_ENSURE_SUCCESS(rv, rv);
+    if (principal->Subsumes(channelPrincipal)) {
+      nsCString filename;
+      rv = finalURI->GetSpec(filename);
+      NS_ENSURE_SUCCESS(rv, rv);
 
-    if (!filename.IsEmpty()) {
-      // This will help callers figure out what their script url resolved to in
-      // case of errors.
-      aLoadInfo.mURL.Assign(NS_ConvertUTF8toUTF16(filename));
+      if (!filename.IsEmpty()) {
+        // This will help callers figure out what their script url resolved to in
+        // case of errors.
+        aLoadInfo.mURL.Assign(NS_ConvertUTF8toUTF16(filename));
+      }
     }
 
     // Update the principal of the worker and its base URI if we just loaded the

netwerk/sctp/src/netinet/sctp_input.c

@@ -2517,6 +2517,27 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset,
 		/* cookie too small */
 		return (NULL);
 	}
+#if defined(__Userspace__)
+	/*
+	 * Recover the AF_CONN addresses within the cookie.
+	 * This needs to be done in the buffer provided for later processing
+	 * of the cookie and in the mbuf chain for HMAC validation.
+	 */
+	if ((cookie->addr_type == SCTP_CONN_ADDRESS) && (src->sa_family == AF_CONN)) {
+		struct sockaddr_conn *sconnp = (struct sockaddr_conn *)src;
+
+		memcpy(cookie->address, &sconnp->sconn_addr , sizeof(void *));
+		m_copyback(m, cookie_offset + offsetof(struct sctp_state_cookie, address),
+		           (int)sizeof(void *), (caddr_t)&sconnp->sconn_addr);
+	}
+	if ((cookie->laddr_type == SCTP_CONN_ADDRESS) && (dst->sa_family == AF_CONN)) {
+		struct sockaddr_conn *sconnp = (struct sockaddr_conn *)dst;
+
+		memcpy(cookie->laddress, &sconnp->sconn_addr , sizeof(void *));
+		m_copyback(m, cookie_offset + offsetof(struct sctp_state_cookie, laddress),
+		           (int)sizeof(void *), (caddr_t)&sconnp->sconn_addr);
+	}
+#endif
 	/*
 	 * split off the signature into its own mbuf (since it should not be
 	 * calculated in the sctp_hmac_m() call).

netwerk/sctp/src/netinet/sctp_output.c

@@ -6492,6 +6492,27 @@ sctp_send_initiate_ack(struct sctp_inpcb *inp, struct sctp_tcb *stcb,
 			  (uint8_t *)inp->sctp_ep.secret_key[(int)(inp->sctp_ep.current_secret_number)],
 			  SCTP_SECRET_SIZE, m_cookie, sizeof(struct sctp_paramhdr),
 			  (uint8_t *)signature, SCTP_SIGNATURE_SIZE);
+#if defined(__Userspace__)
+	/*
+	 * Don't put AF_CONN addresses on the wire, in case this is critical
+	 * for the application. However, they are protected by the HMAC and
+	 * need to be reconstructed before checking the HMAC.
+	 * Clearing is only done in the mbuf chain, since the local stc is
+	 * not used anymore.
+	 */
+	if (stc.addr_type == SCTP_CONN_ADDRESS) {
+		const void *p = NULL;
+
+		m_copyback(m_cookie, sizeof(struct sctp_paramhdr) + offsetof(struct sctp_state_cookie, address),
+		           (int)sizeof(void *), (caddr_t)&p);
+	}
+	if (stc.laddr_type == SCTP_CONN_ADDRESS) {
+		const void *p = NULL;
+
+		m_copyback(m_cookie, sizeof(struct sctp_paramhdr) + offsetof(struct sctp_state_cookie, laddress),
+		           (int)sizeof(void *), (caddr_t)&p);
+	}
+#endif
 	/*
 	 * We sifa 0 here to NOT set IP_DF if its IPv4, we ignore the return
 	 * here since the timer will drive a retranmission.

xpcom/io/Base64.cpp

@@ -101,35 +101,55 @@ EncodeInputStream_Encoder(nsIInputStream* aStream,
                           uint32_t aCount,
                           uint32_t* aWriteCount)
 {
-  NS_ASSERTION(aCount > 0, "Er, what?");
+  MOZ_ASSERT(aCount > 0, "Er, what?");
 
   EncodeInputStream_State<T>* state =
     static_cast<EncodeInputStream_State<T>*>(aClosure);
 
+  // We consume the whole data always.
+  *aWriteCount = aCount;
+
   // If we have any data left from last time, encode it now.
   uint32_t countRemaining = aCount;
   const unsigned char* src = (const unsigned char*)aFromSegment;
   if (state->charsOnStack) {
+    MOZ_ASSERT(state->charsOnStack == 1 || state->charsOnStack == 2);
+
+    // Not enough data to compose a triple.
+    if (state->charsOnStack == 1 && countRemaining == 1) {
+      state->charsOnStack = 2;
+      state->c[1] = src[0];
+      return NS_OK;
+    }
+
+    uint32_t consumed = 0;
     unsigned char firstSet[4];
     if (state->charsOnStack == 1) {
       firstSet[0] = state->c[0];
       firstSet[1] = src[0];
-      firstSet[2] = (countRemaining > 1) ? src[1] : '\0';
+      firstSet[2] = src[1];
       firstSet[3] = '\0';
+      consumed = 2;
     } else /* state->charsOnStack == 2 */ {
       firstSet[0] = state->c[0];
       firstSet[1] = state->c[1];
       firstSet[2] = src[0];
       firstSet[3] = '\0';
+      consumed = 1;
     }
     Encode(firstSet, 3, state->buffer);
     state->buffer += 4;
-    countRemaining -= (3 - state->charsOnStack);
-    src += (3 - state->charsOnStack);
+    countRemaining -= consumed;
+    src += consumed;
     state->charsOnStack = 0;
+
+    // Nothing is left.
+    if (!countRemaining) {
+      return NS_OK;
+    }
   }
 
-  // Encode the bulk of the
+  // Encode as many full triplets as possible.
   uint32_t encodeLength = countRemaining - countRemaining % 3;
   MOZ_ASSERT(encodeLength % 3 == 0,
              "Should have an exact number of triplets!");
@@ -138,9 +158,6 @@ EncodeInputStream_Encoder(nsIInputStream* aStream,
   src += encodeLength;
   countRemaining -= encodeLength;
 
-  // We must consume all data, so if there's some data left stash it
-  *aWriteCount = aCount;
-
   if (countRemaining) {
     // We should never have a full triplet left at this point.
     MOZ_ASSERT(countRemaining < 3, "We should have encoded more!");