d873e57e81
https://www.mozilla.org/en-US/firefox/131.0/releasenotes/ MFSA 2024-46 (bsc#1230979) * CVE-2024-9391 (bmo#1892407) Prevent users from exiting full-screen mode in Firefox Focus for Android * CVE-2024-9392 (bmo#1899154, bmo#1905843) Compromised content process can bypass site isolation * CVE-2024-9393 (bmo#1918301) Cross-origin access to PDF contents through multipart responses * CVE-2024-9394 (bmo#1918874) Cross-origin access to JSON contents through multipart responses * CVE-2024-9395 (bmo#1906024) Specially crafted filename could be used to obscure download type * CVE-2024-9396 (bmo#1912471) Potential memory corruption may occur when cloning certain objects * CVE-2024-9397 (bmo#1916659) Potential directory upload bypass via clickjacking * CVE-2024-9398 (bmo#1881037) External protocol handlers could be enumerated via popups * CVE-2024-9399 (bmo#1907726) Specially crafted WebTransport requests could lead to denial of service * CVE-2024-9400 (bmo#1915249) Potential memory corruption during JIT compilation * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1916476) Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 * CVE-2024-9402 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1913445, bmo#1914106, bmo#1914475, bmo#1914963, bmo#1915008, bmo#1916476) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1178
130 lines
4.0 KiB
Diff
130 lines
4.0 KiB
Diff
# HG changeset patch
|
|
# Parent e31f5228a09ed69d7ac3c84e54f0faa6a5910ae0
|
|
Taken from https://bugzilla.mozilla.org/show_bug.cgi?id=1504834
|
|
|
|
diff --git a/gfx/2d/DrawTargetSkia.cpp b/gfx/2d/DrawTargetSkia.cpp
|
|
--- a/gfx/2d/DrawTargetSkia.cpp
|
|
+++ b/gfx/2d/DrawTargetSkia.cpp
|
|
@@ -155,17 +155,18 @@ static IntRect CalculateSurfaceBounds(co
|
|
if (!sampledBounds.ToIntRect(&bounds)) {
|
|
return surfaceBounds;
|
|
}
|
|
|
|
return surfaceBounds.Intersect(bounds);
|
|
}
|
|
|
|
static const int kARGBAlphaOffset =
|
|
- SurfaceFormat::A8R8G8B8_UINT32 == SurfaceFormat::B8G8R8A8 ? 3 : 0;
|
|
+ 0; // Skia is always BGRA SurfaceFormat::A8R8G8B8_UINT32 ==
|
|
+ // SurfaceFormat::B8G8R8A8 ? 3 : 0;
|
|
|
|
static bool VerifyRGBXFormat(uint8_t* aData, const IntSize& aSize,
|
|
const int32_t aStride, SurfaceFormat aFormat) {
|
|
if (aFormat != SurfaceFormat::B8G8R8X8 || aSize.IsEmpty()) {
|
|
return true;
|
|
}
|
|
// We should've initialized the data to be opaque already
|
|
// On debug builds, verify that this is actually true.
|
|
diff --git a/gfx/2d/Types.h b/gfx/2d/Types.h
|
|
--- a/gfx/2d/Types.h
|
|
+++ b/gfx/2d/Types.h
|
|
@@ -94,28 +94,21 @@ enum class SurfaceFormat : int8_t {
|
|
// this format.
|
|
HSV,
|
|
Lab,
|
|
Depth,
|
|
|
|
// This represents the unknown format.
|
|
UNKNOWN, // TODO: Replace uses with Maybe<SurfaceFormat>.
|
|
|
|
-// The following values are endian-independent synonyms. The _UINT32 suffix
|
|
-// indicates that the name reflects the layout when viewed as a uint32_t
|
|
-// value.
|
|
-#if MOZ_LITTLE_ENDIAN()
|
|
+ // The following values are endian-independent synonyms. The _UINT32 suffix
|
|
+ // indicates that the name reflects the layout when viewed as a uint32_t
|
|
+ // value.
|
|
A8R8G8B8_UINT32 = B8G8R8A8, // 0xAARRGGBB
|
|
X8R8G8B8_UINT32 = B8G8R8X8, // 0x00RRGGBB
|
|
-#elif MOZ_BIG_ENDIAN()
|
|
- A8R8G8B8_UINT32 = A8R8G8B8, // 0xAARRGGBB
|
|
- X8R8G8B8_UINT32 = X8R8G8B8, // 0x00RRGGBB
|
|
-#else
|
|
-# error "bad endianness"
|
|
-#endif
|
|
|
|
// The following values are OS and endian-independent synonyms.
|
|
//
|
|
// TODO(aosmond): When everything blocking bug 1581828 has been resolved, we
|
|
// can make this use R8B8G8A8 and R8B8G8X8 for non-Windows platforms.
|
|
OS_RGBA = A8R8G8B8_UINT32,
|
|
OS_RGBX = X8R8G8B8_UINT32
|
|
};
|
|
diff --git a/gfx/skia/skia/modules/skcms/skcms.cc b/gfx/skia/skia/modules/skcms/skcms.cc
|
|
--- a/gfx/skia/skia/modules/skcms/skcms.cc
|
|
+++ b/gfx/skia/skia/modules/skcms/skcms.cc
|
|
@@ -26,16 +26,18 @@
|
|
// it'd be a lot slower. But we want all those headers included so we
|
|
// can use their features after runtime checks later.
|
|
#include <smmintrin.h>
|
|
#include <avxintrin.h>
|
|
#include <avx2intrin.h>
|
|
#include <avx512fintrin.h>
|
|
#include <avx512dqintrin.h>
|
|
#endif
|
|
+#else
|
|
+ #define SKCMS_PORTABLE
|
|
#endif
|
|
|
|
using namespace skcms_private;
|
|
|
|
static bool sAllowRuntimeCPUDetection = true;
|
|
|
|
void skcms_DisableRuntimeCPUDetection() {
|
|
sAllowRuntimeCPUDetection = false;
|
|
@@ -319,30 +321,38 @@ enum {
|
|
skcms_Signature_sf32 = 0x73663332,
|
|
// XYZ is also a PCS signature, so it's defined in skcms.h
|
|
// skcms_Signature_XYZ = 0x58595A20,
|
|
};
|
|
|
|
static uint16_t read_big_u16(const uint8_t* ptr) {
|
|
uint16_t be;
|
|
memcpy(&be, ptr, sizeof(be));
|
|
-#if defined(_MSC_VER)
|
|
- return _byteswap_ushort(be);
|
|
+#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
|
|
+ return be;
|
|
#else
|
|
- return __builtin_bswap16(be);
|
|
+ #if defined(_MSC_VER)
|
|
+ return _byteswap_ushort(be);
|
|
+ #else
|
|
+ return __builtin_bswap16(be);
|
|
+ #endif
|
|
#endif
|
|
}
|
|
|
|
static uint32_t read_big_u32(const uint8_t* ptr) {
|
|
uint32_t be;
|
|
memcpy(&be, ptr, sizeof(be));
|
|
-#if defined(_MSC_VER)
|
|
- return _byteswap_ulong(be);
|
|
+#if __BYTE_ORDER == __ORDER_BIG_ENDIAN__
|
|
+ return be;
|
|
#else
|
|
- return __builtin_bswap32(be);
|
|
+ #if defined(_MSC_VER)
|
|
+ return _byteswap_ulong(be);
|
|
+ #else
|
|
+ return __builtin_bswap32(be);
|
|
+ #endif
|
|
#endif
|
|
}
|
|
|
|
static int32_t read_big_i32(const uint8_t* ptr) {
|
|
return (int32_t)read_big_u32(ptr);
|
|
}
|
|
|
|
static float read_big_fixed(const uint8_t* ptr) {
|