Compare commits
8 Commits
7c9617ab51
...
17b23692fe
Author | SHA1 | Date |
---|---|---|
Cameron Kaiser | 17b23692fe | |
Cameron Kaiser | 2f7da4e25a | |
Cameron Kaiser | c51a503edb | |
Cameron Kaiser | c889bc5ce1 | |
Cameron Kaiser | 2488fabc48 | |
Cameron Kaiser | fb91afbb46 | |
Cameron Kaiser | 28b4c08821 | |
Cameron Kaiser | 9197c15057 |
|
@ -49,7 +49,7 @@
|
|||
<!ENTITY helpus.getInvolvedLink "get involved!">
|
||||
<!ENTITY helpus.end "">
|
||||
|
||||
<!ENTITY copyright.blurb "Copyright © 2010-2022 Contributors to TenFourFox. All rights reserved.">
|
||||
<!ENTITY copyright.blurb "Copyright © 2010-2023 Contributors to TenFourFox. All rights reserved.">
|
||||
|
||||
<!-- LOCALIZATION NOTE (bottomLinks.license): This is a link title that links to about:license. -->
|
||||
<!ENTITY bottomLinks.license "Licensing Information">
|
||||
|
|
|
@ -699,6 +699,7 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
|
|||
ToLowerCase(hostname);
|
||||
#define BLOC(q) hostname.EqualsLiteral(q)
|
||||
#define BLOCU(q) url.EqualsLiteral(q)
|
||||
#define BLOCS(q) (StringBeginsWith(url, NS_LITERAL_CSTRING(q)))
|
||||
#define BLOCE(q) (StringEndsWith(url, NS_LITERAL_CSTRING(q)))
|
||||
|
||||
if (0 ||
|
||||
|
@ -711,10 +712,12 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
|
|||
BLOCE("/public/scripts/tldr/index.js")
|
||||
) ||
|
||||
#endif // __ppc__
|
||||
BLOCS("https://developer.mozilla.org/static/js/main.") ||
|
||||
|
||||
0) {
|
||||
#undef BLOC
|
||||
#undef BLOCU
|
||||
#undef BLOCS
|
||||
#undef BLOCE
|
||||
|
||||
#ifndef DEBUG
|
||||
|
|
|
@ -281,7 +281,7 @@ nsHTMLContentSerializer::AppendElementStart(Element* aElement,
|
|||
if (ns == kNameSpaceID_XHTML &&
|
||||
(name == nsGkAtoms::script ||
|
||||
name == nsGkAtoms::style ||
|
||||
name == nsGkAtoms::noscript ||
|
||||
(name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
|
||||
name == nsGkAtoms::noframes)) {
|
||||
++mDisableEntityEncoding;
|
||||
}
|
||||
|
@ -310,7 +310,7 @@ nsHTMLContentSerializer::AppendElementEnd(Element* aElement,
|
|||
if (ns == kNameSpaceID_XHTML &&
|
||||
(name == nsGkAtoms::script ||
|
||||
name == nsGkAtoms::style ||
|
||||
name == nsGkAtoms::noscript ||
|
||||
(name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
|
||||
name == nsGkAtoms::noframes)) {
|
||||
--mDisableEntityEncoding;
|
||||
}
|
||||
|
|
|
@ -74,7 +74,7 @@ pixman_sample_floor_y (pixman_fixed_t y,
|
|||
|
||||
if (f < Y_FRAC_FIRST (n))
|
||||
{
|
||||
if (pixman_fixed_to_int (i) == 0x8000)
|
||||
if (pixman_fixed_to_int (i) == 0xffff8000)
|
||||
{
|
||||
f = 0; /* saturate */
|
||||
}
|
||||
|
|
|
@ -4,18 +4,23 @@
|
|||
|
||||
#include "vdmx.h"
|
||||
|
||||
#include <set>
|
||||
|
||||
// VDMX - Vertical Device Metrics
|
||||
// http://www.microsoft.com/typography/otspec/vdmx.htm
|
||||
|
||||
namespace ots {
|
||||
|
||||
#define TABLE_NAME "VDMX"
|
||||
|
||||
bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||
Buffer table(data, length);
|
||||
ots::Font* font = this->GetFont();
|
||||
|
||||
if (!table.ReadU16(&this->version) ||
|
||||
!table.ReadU16(&this->num_recs) ||
|
||||
!table.ReadU16(&this->num_ratios)) {
|
||||
return Error("Failed to read table header");
|
||||
return Drop("Failed to read table header");
|
||||
}
|
||||
|
||||
if (this->version > 1) {
|
||||
|
@ -30,7 +35,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
|||
!table.ReadU8(&rec.x_ratio) ||
|
||||
!table.ReadU8(&rec.y_start_ratio) ||
|
||||
!table.ReadU8(&rec.y_end_ratio)) {
|
||||
return Error("Failed to read RatioRange record %d", i);
|
||||
return Drop("Failed to read RatioRange record %d", i);
|
||||
}
|
||||
|
||||
if (rec.charset > 1) {
|
||||
|
@ -56,17 +61,28 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
|||
|
||||
this->offsets.reserve(this->num_ratios);
|
||||
const size_t current_offset = table.offset();
|
||||
std::set<uint16_t> unique_offsets;
|
||||
// current_offset is less than (2 bytes * 3) + (4 bytes * USHRT_MAX) = 256k.
|
||||
for (unsigned i = 0; i < this->num_ratios; ++i) {
|
||||
uint16_t offset;
|
||||
if (!table.ReadU16(&offset)) {
|
||||
return Error("Failed to read ratio offset %d", i);
|
||||
return Drop("Failed to read ratio offset %d", i);
|
||||
}
|
||||
if (current_offset + offset >= length) { // thus doesn't overflow.
|
||||
return Error("Bad ratio offset %d for ration %d", offset, i);
|
||||
return Drop("Bad ratio offset %d for ration %d", offset, i);
|
||||
}
|
||||
|
||||
this->offsets.push_back(offset);
|
||||
unique_offsets.insert(offset);
|
||||
}
|
||||
|
||||
// Check that num_recs is sufficient to provide as many VDMXGroup records
|
||||
// as there are unique offsets; if not, update it (we'll return an error
|
||||
// below if they're not actually present).
|
||||
if (unique_offsets.size() > this->num_recs) {
|
||||
OTS_WARNING("increasing num_recs (%u is too small for %u unique offsets)",
|
||||
this->num_recs, unique_offsets.size());
|
||||
this->num_recs = unique_offsets.size();
|
||||
}
|
||||
|
||||
this->groups.reserve(this->num_recs);
|
||||
|
@ -75,7 +91,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
|||
if (!table.ReadU16(&group.recs) ||
|
||||
!table.ReadU8(&group.startsz) ||
|
||||
!table.ReadU8(&group.endsz)) {
|
||||
return Error("Failed to read record header %d", i);
|
||||
return Drop("Failed to read record header %d", i);
|
||||
}
|
||||
group.entries.reserve(group.recs);
|
||||
for (unsigned j = 0; j < group.recs; ++j) {
|
||||
|
@ -83,7 +99,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
|||
if (!table.ReadU16(&vt.y_pel_height) ||
|
||||
!table.ReadS16(&vt.y_max) ||
|
||||
!table.ReadS16(&vt.y_min)) {
|
||||
return Error("Failed to read reacord %d group %d", i, j);
|
||||
return Drop("Failed to read record %d group %d", i, j);
|
||||
}
|
||||
if (vt.y_max < vt.y_min) {
|
||||
return Drop("bad y min/max");
|
||||
|
@ -152,4 +168,6 @@ bool OpenTypeVDMX::Serialize(OTSStream *out) {
|
|||
return true;
|
||||
}
|
||||
|
||||
#undef TABLE_NAME
|
||||
|
||||
} // namespace ots
|
||||
|
|
|
@ -174,6 +174,9 @@ static ContentMap& GetContentMap() {
|
|||
// When the pref "layout.css.grid.enabled" changes, this function is invoked
|
||||
// to let us update kDisplayKTable, to selectively disable or restore the
|
||||
// entries for "grid" and "inline-grid" in that table.
|
||||
//
|
||||
// NB: as of TenFourFox issue 659, a whitelist entry per host is also required
|
||||
// to enable (but turning it off turns it off globally).
|
||||
static void
|
||||
GridEnabledPrefChangeCallback(const char* aPrefName, void* aClosure)
|
||||
{
|
||||
|
|
|
@ -6598,7 +6598,11 @@ PresShell::RecordMouseLocation(WidgetGUIEvent* aEvent)
|
|||
|
||||
nsIFrame* GetNearestFrameContainingPresShell(nsIPresShell* aPresShell)
|
||||
{
|
||||
nsView* view = aPresShell->GetViewManager()->GetRootView();
|
||||
nsViewManager* vm = aPresShell->GetViewManager();
|
||||
if (!vm) {
|
||||
return nullptr;
|
||||
}
|
||||
nsView* view = vm->GetRootView();
|
||||
while (view && !view->GetFrame()) {
|
||||
view = view->GetParent();
|
||||
}
|
||||
|
|
|
@ -1439,6 +1439,10 @@ protected:
|
|||
// Value to make sure our resolved variable results stay within sane limits.
|
||||
const uint32_t MAX_CSS_VAR_LENGTH = 10240;
|
||||
|
||||
// TenFourFox issue 659
|
||||
// If this host is whitelisted, turn on CSS grid and inline grid.
|
||||
bool mHostCSSGridOK : 1;
|
||||
|
||||
public:
|
||||
// Used from nsCSSParser constructors and destructors
|
||||
CSSParserImpl* mNextFree;
|
||||
|
@ -1587,6 +1591,32 @@ CSSParserImpl::InitScanner(nsCSSScanner& aScanner,
|
|||
mSheetURI = aSheetURI;
|
||||
mSheetPrincipal = aSheetPrincipal;
|
||||
mHavePushBack = false;
|
||||
|
||||
// TenFourFox issue 659
|
||||
mHostCSSGridOK = false;
|
||||
if (MOZ_LIKELY(mBaseURI)) {
|
||||
nsCString host;
|
||||
bool isChrome;
|
||||
|
||||
// Never turn on grid for browser chrome.
|
||||
nsresult rv = mBaseURI->SchemeIs("chrome", &isChrome);
|
||||
if (NS_SUCCEEDED(rv) && !isChrome) {
|
||||
// Get host and check pref.
|
||||
rv = mBaseURI->GetHost(host);
|
||||
if (NS_SUCCEEDED(rv) && !host.IsEmpty()) {
|
||||
nsCString pref;
|
||||
|
||||
pref.AssignLiteral("layout.css.grid.host.");
|
||||
pref.SetCapacity(pref.Length() + host.Length());
|
||||
pref += host;
|
||||
mHostCSSGridOK = Preferences::GetBool(pref.get(), false);
|
||||
#if DEBUG
|
||||
if (mHostCSSGridOK)
|
||||
fprintf(stderr, "CSS grid enabled for %s\n", pref.get());
|
||||
#endif
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -7586,6 +7616,14 @@ CSSParserImpl::ParseVariant(nsCSSValue& aValue,
|
|||
}
|
||||
if ((aVariantMask & VARIANT_KEYWORD) != 0) {
|
||||
int32_t value;
|
||||
|
||||
// TenFourFox issue 659
|
||||
if (MOZ_UNLIKELY(!mHostCSSGridOK &&
|
||||
aKeywordTable == nsCSSProps::kDisplayKTable &&
|
||||
(keyword == eCSSKeyword_grid ||
|
||||
keyword == eCSSKeyword_inline_grid))) {
|
||||
// pretend the keyword wasn't found
|
||||
} else
|
||||
if (nsCSSProps::FindKeyword(keyword, aKeywordTable, value)) {
|
||||
aValue.SetIntValue(value, eCSSUnit_Enumerated);
|
||||
return CSSParseResult::Ok;
|
||||
|
|
|
@ -826,6 +826,11 @@ MOZ_WIN_MEM_TRY_BEGIN
|
|||
uint32_t offset = aItem->LocalOffset();
|
||||
if (len < ZIPLOCAL_SIZE || offset > len - ZIPLOCAL_SIZE)
|
||||
return 0;
|
||||
// Check there's enough space for the signature
|
||||
if (offset > mFd->mLen) {
|
||||
NS_WARNING("Corrupt local offset in JAR file");
|
||||
return 0;
|
||||
}
|
||||
|
||||
// -- check signature before using the structure, in case the zip file is corrupt
|
||||
ZipLocal* Local = (ZipLocal*)(data + offset);
|
||||
|
@ -838,6 +843,11 @@ MOZ_WIN_MEM_TRY_BEGIN
|
|||
offset += ZIPLOCAL_SIZE +
|
||||
xtoint(Local->filename_len) +
|
||||
xtoint(Local->extrafield_len);
|
||||
// Check data points inside the file.
|
||||
if (offset > mFd->mLen) {
|
||||
NS_WARNING("Corrupt local offset in JAR file");
|
||||
return 0;
|
||||
}
|
||||
|
||||
return offset;
|
||||
MOZ_WIN_MEM_TRY_CATCH(return 0)
|
||||
|
|
|
@ -2395,11 +2395,10 @@ pref("layout.css.variables.enabled", true);
|
|||
pref("layout.css.overflow-clip-box.enabled", false);
|
||||
|
||||
// Is support for CSS grid enabled?
|
||||
#ifdef RELEASE_BUILD
|
||||
pref("layout.css.grid.enabled", false);
|
||||
#else
|
||||
// TenFourFox issue 659 makes this into a per-host whitelist.
|
||||
pref("layout.css.grid.enabled", true);
|
||||
#endif
|
||||
// Whitelist by default:
|
||||
pref("layout.css.grid.host.developer.mozilla.org", true);
|
||||
|
||||
// Is support for CSS "grid-template-{columns,rows}: subgrid X" enabled?
|
||||
pref("layout.css.grid-template-subgrid-value.enabled", false);
|
||||
|
|
|
@ -3224,11 +3224,13 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI,
|
|||
// 3 = secure and "https:"
|
||||
bool isHTTPS;
|
||||
nsresult rv = aHostURI->SchemeIs("https", &isHTTPS);
|
||||
/*
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_SECURITY,
|
||||
((cookieAttributes.isSecure)? 0x02 : 0x00) |
|
||||
((isHTTPS)? 0x01 : 0x00));
|
||||
}
|
||||
*/
|
||||
|
||||
int64_t currentTimeInUsec = PR_Now();
|
||||
|
||||
|
@ -3285,6 +3287,15 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI,
|
|||
return newCookie;
|
||||
}
|
||||
|
||||
if (!CheckHiddenPrefix(cookieAttributes)) {
|
||||
COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "failed the CheckHiddenPrefix tests");
|
||||
return newCookie;
|
||||
}
|
||||
if (!CheckPrefixes(cookieAttributes, isHTTPS)) {
|
||||
COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "failed the prefix tests");
|
||||
return newCookie;
|
||||
}
|
||||
|
||||
// create a new nsCookie and copy attributes
|
||||
RefPtr<nsCookie> cookie =
|
||||
nsCookie::Create(cookieAttributes.name,
|
||||
|
@ -4108,6 +4119,56 @@ nsCookieService::CheckPath(nsCookieAttributes &aCookieAttributes,
|
|||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
nsCookieService::CheckPrefixes(nsCookieAttributes &aCookieAttributes,
|
||||
bool aSecureRequest)
|
||||
{
|
||||
if (aCookieAttributes.name.IsEmpty() || aCookieAttributes.name.Length() == 0)
|
||||
return true;
|
||||
|
||||
bool isSecure = StringBeginsWith(aCookieAttributes.name, NS_LITERAL_CSTRING("__Secure-"));
|
||||
bool isHost = StringBeginsWith(aCookieAttributes.name, NS_LITERAL_CSTRING("__Host-"));
|
||||
|
||||
if (!isSecure && !isHost) {
|
||||
// not one of the magic prefixes: carry on
|
||||
return true;
|
||||
}
|
||||
|
||||
if (!aSecureRequest || !aCookieAttributes.isSecure) {
|
||||
// the magic prefixes may only be used from a secure request and
|
||||
// the secure attribute must be set on the cookie
|
||||
return false;
|
||||
}
|
||||
|
||||
if (isHost) {
|
||||
// The host prefix requires that the path is "/" and that the cookie
|
||||
// had no domain attribute. CheckDomain() and CheckPath() MUST be run
|
||||
// first to make sure invalid attributes are rejected and to regularlize
|
||||
// them. In particular all explicit domain attributes result in a host
|
||||
// that starts with a dot, and if the host doesn't start with a dot it
|
||||
// correctly matches the true host.
|
||||
if (aCookieAttributes.host[0] == '.' ||
|
||||
!aCookieAttributes.path.EqualsLiteral("/")) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
nsCookieService::CheckHiddenPrefix(nsCookieAttributes &aCookieAttributes)
|
||||
{
|
||||
if (aCookieAttributes.name.IsEmpty() || aCookieAttributes.name.Length() == 0)
|
||||
return true;
|
||||
if (StringBeginsWith(aCookieAttributes.value, NS_LITERAL_CSTRING("__Host-")))
|
||||
return false;
|
||||
if (StringBeginsWith(aCookieAttributes.value, NS_LITERAL_CSTRING("__Secure-")))
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
nsCookieService::GetExpiry(nsCookieAttributes &aCookieAttributes,
|
||||
int64_t aServerTime,
|
||||
|
|
|
@ -309,6 +309,8 @@ class nsCookieService final : public nsICookieService
|
|||
CookieStatus CheckPrefs(nsIURI *aHostURI, bool aIsForeign, bool aRequireHostMatch, const char *aCookieHeader);
|
||||
bool CheckDomain(nsCookieAttributes &aCookie, nsIURI *aHostURI, const nsCString &aBaseDomain, bool aRequireHostMatch);
|
||||
static bool CheckPath(nsCookieAttributes &aCookie, nsIURI *aHostURI);
|
||||
bool CheckPrefixes(nsCookieAttributes &aCookie, bool aSecureRequest);
|
||||
bool CheckHiddenPrefix(nsCookieAttributes &aCookie);
|
||||
static bool GetExpiry(nsCookieAttributes &aCookie, int64_t aServerTime, int64_t aCurrentTime);
|
||||
void RemoveAllFromMemory();
|
||||
already_AddRefed<nsIArray> PurgeCookies(int64_t aCurrentTimeInUsec);
|
||||
|
|
|
@ -786,6 +786,14 @@ parserCreate(const XML_Char *encodingName,
|
|||
parserInit(parser, encodingName);
|
||||
|
||||
if (encodingName && !protocolEncodingName) {
|
||||
if (dtd) {
|
||||
// We need to stop the upcoming call to XML_ParserFree from happily
|
||||
// destroying parser->m_dtd because the DTD is shared with the parent
|
||||
// parser and the only guard that keeps XML_ParserFree from destroying
|
||||
// parser->m_dtd is parser->m_isParamEntity but it will be set to
|
||||
// XML_TRUE only later in XML_ExternalEntityParserCreate (or not at all).
|
||||
parser->m_dtd = NULL;
|
||||
}
|
||||
XML_ParserFree(parser);
|
||||
return NULL;
|
||||
}
|
||||
|
|
|
@ -1572,13 +1572,22 @@ nsLocalFile::IsExecutable(bool* aResult)
|
|||
|
||||
// Search for any of the set of executable extensions.
|
||||
static const char* const executableExts[] = {
|
||||
#ifdef MOZ_WIDGET_COCOA
|
||||
"afploc", // Can point to other files.
|
||||
#endif
|
||||
"air", // Adobe AIR installer
|
||||
#ifdef MOZ_WIDGET_COCOA
|
||||
"inetloc", // https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/
|
||||
"atloc", // Can point to other files.
|
||||
"fileloc", // File location files can be used to point to other files.
|
||||
"webloc", // same URL
|
||||
"ftploc", // Can point to other files.
|
||||
"inetloc", // https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/
|
||||
// Shouldn't be able to do the same, but can, due to
|
||||
// macOS vulnerabilities.
|
||||
#endif
|
||||
"jar" // java application bundle
|
||||
#ifdef MOZ_WIDGET_COCOA
|
||||
,"webloc" // same URL
|
||||
#endif
|
||||
};
|
||||
nsDependentSubstring ext = Substring(path, dotIdx + 1);
|
||||
for (size_t i = 0; i < ArrayLength(executableExts); i++) {
|
||||
|
@ -1781,11 +1790,14 @@ nsLocalFile::GetNativeTarget(nsACString& aResult)
|
|||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
if (readlink(mPath.get(), target, (size_t)size) < 0) {
|
||||
ssize_t written = readlink(mPath.get(), target, (size_t)size);
|
||||
if (written < 0) {
|
||||
free(target);
|
||||
return NSRESULT_FOR_ERRNO();
|
||||
}
|
||||
target[size] = '\0';
|
||||
// Target might have changed since the lstat call, or lstat might lie, see bug
|
||||
// 1791029.
|
||||
target[written] = '\0';
|
||||
|
||||
nsresult rv = NS_OK;
|
||||
nsCOMPtr<nsIFile> self(this);
|
||||
|
|
Loading…
Reference in New Issue