[tor-commits] [tor-browser-build/master] Applying patch for bug 24052
gk at torproject.org
gk at torproject.org
Fri Nov 3 22:06:44 UTC 2017
commit e0e6bfd780cdbb529aecc57699a8f410f667c62f
Author: Georg Koppen <gk at torproject.org>
Date: Mon Oct 30 09:44:58 2017 +0000
Applying patch for bug 24052
---
projects/firefox/24052.patch | 57 ++++++++++++++++++++++++++++++++++++++++++++
projects/firefox/build | 4 ++++
projects/firefox/config | 2 ++
3 files changed, 63 insertions(+)
diff --git a/projects/firefox/24052.patch b/projects/firefox/24052.patch
new file mode 100644
index 0000000..a418a97
--- /dev/null
+++ b/projects/firefox/24052.patch
@@ -0,0 +1,57 @@
+From c5d1bb91512f9dd20e0f54c6f3e6979588cf9f56 Mon Sep 17 00:00:00 2001
+From: Georg Koppen <gk at torproject.org>
+Date: Fri, 27 Oct 2017 20:40:57 +0000
+Subject: [PATCH] Bug 24052: Streamline handling of file:// resources
+
+We should make sure restrictions regarding loading of file:// resources
+are adhered to more strictly, at least on *nix platforms.
+
+This is a workaround for
+https://bugzilla.mozilla.org/show_bug.cgi?id=1412081.
+
+diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp
+index 0da79c18ae41..0cc67da7b18f 100644
+--- a/netwerk/base/nsIOService.cpp
++++ b/netwerk/base/nsIOService.cpp
+@@ -789,12 +789,20 @@ nsIOService::NewChannelFromURIWithProxyFlagsInternal(nsIURI* aURI,
+ // if calling newChannel2() fails we try to fall back to
+ // creating a new channel by calling NewChannel().
+ if (NS_FAILED(rv)) {
++#ifdef XP_UNIX
++ if (rv == NS_ERROR_FILE_TARGET_DOES_NOT_EXIST) {
++ return rv;
++ } else {
++#endif
+ rv = handler->NewChannel(aURI, getter_AddRefs(channel));
+ NS_ENSURE_SUCCESS(rv, rv);
+ // The protocol handler does not implement NewChannel2, so
+ // maybe we need to wrap the channel (see comment in MaybeWrap
+ // function).
+ channel = nsSecCheckWrapChannel::MaybeWrap(channel, aLoadInfo);
++#ifdef XP_UNIX
++ }
++#endif
+ }
+ }
+
+diff --git a/netwerk/protocol/file/nsFileProtocolHandler.cpp b/netwerk/protocol/file/nsFileProtocolHandler.cpp
+index e55cb9d47460..c24c928b6f02 100644
+--- a/netwerk/protocol/file/nsFileProtocolHandler.cpp
++++ b/netwerk/protocol/file/nsFileProtocolHandler.cpp
+@@ -188,6 +188,13 @@ nsFileProtocolHandler::NewChannel2(nsIURI* uri,
+ nsILoadInfo* aLoadInfo,
+ nsIChannel** result)
+ {
++#ifdef XP_UNIX
++ if (aLoadInfo && aLoadInfo->TriggeringPrincipal()) {
++ if (aLoadInfo->TriggeringPrincipal()->GetIsCodebasePrincipal()) {
++ return NS_ERROR_FILE_TARGET_DOES_NOT_EXIST;
++ }
++ }
++#endif
+ nsFileChannel *chan = new nsFileChannel(uri);
+ if (!chan)
+ return NS_ERROR_OUT_OF_MEMORY;
+--
+2.14.2
+
diff --git a/projects/firefox/build b/projects/firefox/build
index 8ff265d..97b148d 100644
--- a/projects/firefox/build
+++ b/projects/firefox/build
@@ -86,6 +86,10 @@ fi
export CC='gcc -m32'
[% END -%]
+[% IF c("var/linux") || c("var/osx") %]
+ patch -p1 < $rootdir/24052.patch
+[% END -%]
+
rm -f configure
rm -f js/src/configure
make -f client.mk configure CONFIGURE_ARGS="--with-tor-browser-version=[% c("var/torbrowser_version") %] --with-distribution-id=org.torproject --enable-update-channel=[% c("var/torbrowser_update_channel") %] --enable-bundled-fonts"
diff --git a/projects/firefox/config b/projects/firefox/config
index 85a4f00..c0c620f 100644
--- a/projects/firefox/config
+++ b/projects/firefox/config
@@ -81,6 +81,8 @@ input_files:
enable: '[% c("var/linux") %]'
- filename: fix-info-plist.py
enable: '[% c("var/osx") %]'
+ - filename: 24052.patch
+ enable: '[% c("var/linux") || c("var/osx") %]'
- URL: https://people.torproject.org/~gk/mirrors/sources/msvcr100.dll
sha256sum: 8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18
enable: '[% c("var/windows") %]'
More information about the tor-commits
mailing list