2019-09-05 14:57:01 +02:00
|
|
|
# HG changeset patch
|
2020-03-12 20:14:24 +01:00
|
|
|
# Parent b5471d23321d16a0bacc25b7afd27d2e16adba1a
|
2019-09-05 14:57:01 +02:00
|
|
|
Taken from https://bugzilla.mozilla.org/show_bug.cgi?id=1504834
|
|
|
|
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
diff --git a/gfx/2d/DrawTargetSkia.cpp b/gfx/2d/DrawTargetSkia.cpp
|
|
|
|
--- a/gfx/2d/DrawTargetSkia.cpp
|
|
|
|
+++ b/gfx/2d/DrawTargetSkia.cpp
|
2020-03-12 20:14:24 +01:00
|
|
|
@@ -130,18 +130,17 @@ static IntRect CalculateSurfaceBounds(co
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
Rect sampledBounds = inverse.TransformBounds(*aBounds);
|
|
|
|
if (!sampledBounds.ToIntRect(&bounds)) {
|
|
|
|
return surfaceBounds;
|
|
|
|
}
|
|
|
|
|
2019-09-05 14:57:01 +02:00
|
|
|
return surfaceBounds.Intersect(bounds);
|
|
|
|
}
|
|
|
|
|
|
|
|
-static const int kARGBAlphaOffset =
|
|
|
|
- SurfaceFormat::A8R8G8B8_UINT32 == SurfaceFormat::B8G8R8A8 ? 3 : 0;
|
|
|
|
+static const int kARGBAlphaOffset = 0; // Skia is always BGRA SurfaceFormat::A8R8G8B8_UINT32 == SurfaceFormat::B8G8R8A8 ? 3 : 0;
|
|
|
|
|
|
|
|
static bool VerifyRGBXFormat(uint8_t* aData, const IntSize& aSize,
|
|
|
|
const int32_t aStride, SurfaceFormat aFormat) {
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
if (aFormat != SurfaceFormat::B8G8R8X8 || aSize.IsEmpty()) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
// We should've initialized the data to be opaque already
|
|
|
|
// On debug builds, verify that this is actually true.
|
|
|
|
diff --git a/gfx/2d/Types.h b/gfx/2d/Types.h
|
|
|
|
--- a/gfx/2d/Types.h
|
|
|
|
+++ b/gfx/2d/Types.h
|
2020-03-12 20:14:24 +01:00
|
|
|
@@ -84,25 +84,18 @@ enum class SurfaceFormat : int8_t {
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
Depth,
|
|
|
|
|
|
|
|
// This represents the unknown format.
|
|
|
|
UNKNOWN,
|
|
|
|
|
2019-09-05 14:57:01 +02:00
|
|
|
// The following values are endian-independent synonyms. The _UINT32 suffix
|
|
|
|
// indicates that the name reflects the layout when viewed as a uint32_t
|
|
|
|
// value.
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
-#if MOZ_LITTLE_ENDIAN()
|
2019-09-05 14:57:01 +02:00
|
|
|
A8R8G8B8_UINT32 = B8G8R8A8, // 0xAARRGGBB
|
2020-01-08 12:59:18 +01:00
|
|
|
X8R8G8B8_UINT32 = B8G8R8X8, // 0x00RRGGBB
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
-#elif MOZ_BIG_ENDIAN()
|
2019-09-05 14:57:01 +02:00
|
|
|
- A8R8G8B8_UINT32 = A8R8G8B8, // 0xAARRGGBB
|
2020-01-08 12:59:18 +01:00
|
|
|
- X8R8G8B8_UINT32 = X8R8G8B8, // 0x00RRGGBB
|
2019-09-05 14:57:01 +02:00
|
|
|
-#else
|
|
|
|
-# error "bad endianness"
|
|
|
|
-#endif
|
|
|
|
|
2020-01-08 12:59:18 +01:00
|
|
|
// The following values are OS and endian-independent synonyms.
|
|
|
|
//
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
// TODO(aosmond): When everything blocking bug 1581828 has been resolved, we
|
|
|
|
// can make this use R8B8G8A8 and R8B8G8X8 for non-Windows platforms.
|
|
|
|
OS_RGBA = A8R8G8B8_UINT32,
|
|
|
|
OS_RGBX = X8R8G8B8_UINT32
|
|
|
|
};
|
|
|
|
diff --git a/gfx/skia/skia/third_party/skcms/skcms.cc b/gfx/skia/skia/third_party/skcms/skcms.cc
|
|
|
|
--- a/gfx/skia/skia/third_party/skcms/skcms.cc
|
|
|
|
+++ b/gfx/skia/skia/third_party/skcms/skcms.cc
|
|
|
|
@@ -25,16 +25,18 @@
|
|
|
|
// it'd be a lot slower. But we want all those headers included so we
|
|
|
|
// can use their features after runtime checks later.
|
|
|
|
#include <smmintrin.h>
|
|
|
|
#include <avxintrin.h>
|
|
|
|
#include <avx2intrin.h>
|
2020-01-08 12:59:18 +01:00
|
|
|
#include <avx512fintrin.h>
|
|
|
|
#include <avx512dqintrin.h>
|
|
|
|
#endif
|
2019-09-05 14:57:01 +02:00
|
|
|
+#else
|
|
|
|
+ #define SKCMS_PORTABLE
|
|
|
|
#endif
|
|
|
|
|
|
|
|
// sizeof(x) will return size_t, which is 32-bit on some machines and 64-bit on others.
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
// We have better testing on 64-bit machines, so force 32-bit machines to behave like 64-bit.
|
|
|
|
//
|
|
|
|
// Please do not use sizeof() directly, and size_t only when required.
|
|
|
|
// (We have no way of enforcing these requests...)
|
|
|
|
#define SAFE_SIZEOF(x) ((uint64_t)sizeof(x))
|
|
|
|
@@ -275,30 +277,38 @@ enum {
|
|
|
|
skcms_Signature_sf32 = 0x73663332,
|
|
|
|
// XYZ is also a PCS signature, so it's defined in skcms.h
|
|
|
|
// skcms_Signature_XYZ = 0x58595A20,
|
|
|
|
};
|
|
|
|
|
2019-09-05 14:57:01 +02:00
|
|
|
static uint16_t read_big_u16(const uint8_t* ptr) {
|
|
|
|
uint16_t be;
|
|
|
|
memcpy(&be, ptr, sizeof(be));
|
|
|
|
-#if defined(_MSC_VER)
|
|
|
|
+#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
|
|
|
|
+ return be;
|
|
|
|
+#else
|
|
|
|
+ #if defined(_MSC_VER)
|
|
|
|
return _byteswap_ushort(be);
|
|
|
|
-#else
|
|
|
|
+ #else
|
|
|
|
return __builtin_bswap16(be);
|
|
|
|
+ #endif
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
static uint32_t read_big_u32(const uint8_t* ptr) {
|
|
|
|
uint32_t be;
|
|
|
|
memcpy(&be, ptr, sizeof(be));
|
|
|
|
-#if defined(_MSC_VER)
|
|
|
|
+#if __BYTE_ORDER == __ORDER_BIG_ENDIAN__
|
|
|
|
+ return be;
|
|
|
|
+#else
|
|
|
|
+ #if defined(_MSC_VER)
|
|
|
|
return _byteswap_ulong(be);
|
|
|
|
-#else
|
|
|
|
+ #else
|
|
|
|
return __builtin_bswap32(be);
|
|
|
|
+ #endif
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
static int32_t read_big_i32(const uint8_t* ptr) {
|
|
|
|
return (int32_t)read_big_u32(ptr);
|
|
|
|
}
|
|
|
|
|
|
|
|
static float read_big_fixed(const uint8_t* ptr) {
|