Received: by mail.netbsd.org (Postfix, from userid 605) id 829F384D78; Sat, 30 May 2020 08:02:54 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 0B70584D65 for ; Sat, 30 May 2020 08:02:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id wKwSQrI8ZdPi for ; Sat, 30 May 2020 08:02:53 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 3CA1984CCD for ; Sat, 30 May 2020 08:02:53 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 30F9BFB27; Sat, 30 May 2020 08:02:53 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1590825773255790" MIME-Version: 1.0 Date: Sat, 30 May 2020 08:02:53 +0000 From: "Roland Illig" Subject: CVS commit: pkgsrc/www/firefox To: pkgsrc-changes@NetBSD.org Reply-To: rillig@netbsd.org X-Mailer: log_accum Message-Id: <20200530080253.30F9BFB27@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1590825773255790 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: rillig Date: Sat May 30 08:02:53 UTC 2020 Modified Files: pkgsrc/www/firefox: Makefile distinfo Added Files: pkgsrc/www/firefox/patches: patch-gfx_cairo_cairo_src_cairo-type1-subset.c patch-media_libtheora_lib_info.c patch-media_libvorbis_lib_vorbis__info.c patch-security_nss_lib_freebl_mpi_mpi.c Log Message: www/firefox: fix argument range for functions To generate a diff of this commit: cvs rdiff -u -r1.426 -r1.427 pkgsrc/www/firefox/Makefile cvs rdiff -u -r1.394 -r1.395 pkgsrc/www/firefox/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/www/firefox/patches/patch-gfx_cairo_cairo_src_cairo-type1-subset.c \ pkgsrc/www/firefox/patches/patch-media_libvorbis_lib_vorbis__info.c \ pkgsrc/www/firefox/patches/patch-security_nss_lib_freebl_mpi_mpi.c cvs rdiff -u -r0 -r1.4 \ pkgsrc/www/firefox/patches/patch-media_libtheora_lib_info.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1590825773255790 Content-Disposition: inline Content-Length: 7752 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/www/firefox/Makefile diff -u pkgsrc/www/firefox/Makefile:1.426 pkgsrc/www/firefox/Makefile:1.427 --- pkgsrc/www/firefox/Makefile:1.426 Sat May 9 22:20:44 2020 +++ pkgsrc/www/firefox/Makefile Sat May 30 08:02:52 2020 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.426 2020/05/09 22:20:44 ryoon Exp $ +# $NetBSD: Makefile,v 1.427 2020/05/30 08:02:52 rillig Exp $ FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR} MOZ_BRANCH= 76.0 @@ -6,6 +6,7 @@ MOZ_BRANCH_MINOR= .1 DISTNAME= firefox-${FIREFOX_VER}.source PKGNAME= ${DISTNAME:S/.source//:S/b/beta/:S/esr//} +PKGREVISION= 1 CATEGORIES= www MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/} EXTRACT_SUFX= .tar.xz Index: pkgsrc/www/firefox/distinfo diff -u pkgsrc/www/firefox/distinfo:1.394 pkgsrc/www/firefox/distinfo:1.395 --- pkgsrc/www/firefox/distinfo:1.394 Sat May 9 22:20:44 2020 +++ pkgsrc/www/firefox/distinfo Sat May 30 08:02:52 2020 @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.394 2020/05/09 22:20:44 ryoon Exp $ +$NetBSD: distinfo,v 1.395 2020/05/30 08:02:52 rillig Exp $ SHA1 (firefox-76.0.1.source.tar.xz) = 7713e5e25b9ae1344f2f3dbbb6cd49c147ed73c0 RMD160 (firefox-76.0.1.source.tar.xz) = dcadde9ab0c3c566396dc9f51ff2348d95d143d6 @@ -13,6 +13,7 @@ SHA1 (patch-dom_base_nsAttrName.h) = ac7 SHA1 (patch-dom_media_CubebUtils.cpp) = 226821d961039ae5c9c50d8615757b73c6bcd80a SHA1 (patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp) = e458c9c8dc66edc69c1874734af28a77fc5e3993 SHA1 (patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h) = 2f73c76c48852613e0c55c1680fcc2a9eb3cf4ef +SHA1 (patch-gfx_cairo_cairo_src_cairo-type1-subset.c) = 89a9d934ef76706c552c0b81e6cbc0f45b1ffd2c SHA1 (patch-gfx_skia_skia_src_core_SkCpu.cpp) = 36218819254f3681b9c717d652ea78c9f20d49ad SHA1 (patch-image_imgFrame.h) = f42357044238b1dcaa555e57c23287b1b573b895 SHA1 (patch-ipc_chromium_src_base_lock__impl__posix.cc) = d84d9b4d416e049423120dcbf9199644ce1c93ab @@ -27,7 +28,10 @@ SHA1 (patch-media_ffvpx_libavutil_arm_bs SHA1 (patch-media_libcubeb_src_cubeb__alsa.c) = 31536f36cb33f16da309527b50eda9b721608115 SHA1 (patch-media_libcubeb_src_moz.build) = e4e64a1135cf4157ae5b6f7c1710ebd076953479 SHA1 (patch-media_libpng_pngpriv.h) = c8084332560017cd7c9b519b61d125fa28af0dbc +SHA1 (patch-media_libtheora_lib_info.c) = f6dbf536d73859a1ff78304c2e9f6a6f74dac01f +SHA1 (patch-media_libvorbis_lib_vorbis__info.c) = b6b1a84a095db8459bdff24c04f4d56886ddbe45 SHA1 (patch-nsprpub_pr_src_pthreads_ptsynch.c) = 13e512c7ee9fa1e14ba415d62fa853e5fbfc91c0 +SHA1 (patch-security_nss_lib_freebl_mpi_mpi.c) = a7cd867916524770609d1c307a65b315b88456f4 SHA1 (patch-third__party_rust_libc_src_unix_bsd_netbsdlike_netbsd_mod.rs) = 3755f32fea84900cc0f00af3d9f53ed5fcfb0b4b SHA1 (patch-toolkit_components_terminator_nsTerminator.cpp) = e5700d95302ef9672b404ab19e13ef7ba3ede5cf SHA1 (patch-toolkit_modules_subprocess_subprocess__shared__unix.js) = 22a39e54e042ab2270a3cb54e4e307c8900cad12 Added files: Index: pkgsrc/www/firefox/patches/patch-gfx_cairo_cairo_src_cairo-type1-subset.c diff -u /dev/null pkgsrc/www/firefox/patches/patch-gfx_cairo_cairo_src_cairo-type1-subset.c:1.1 --- /dev/null Sat May 30 08:02:53 2020 +++ pkgsrc/www/firefox/patches/patch-gfx_cairo_cairo_src_cairo-type1-subset.c Sat May 30 08:02:52 2020 @@ -0,0 +1,19 @@ +$NetBSD: patch-gfx_cairo_cairo_src_cairo-type1-subset.c,v 1.1 2020/05/30 08:02:52 rillig Exp $ + +Fix undefined behavior when calling functions with illegal values. + +gfx/cairo/cairo/src/cairo-type1-subset.c:273:11: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts] + +https://bugzilla.mozilla.org/show_bug.cgi?id=1642081 + +--- gfx/cairo/cairo/src/cairo-type1-subset.c.orig 2020-05-07 18:34:10.000000000 +0000 ++++ gfx/cairo/cairo/src/cairo-type1-subset.c +@@ -270,7 +270,7 @@ cairo_type1_font_subset_find_segments (c + font->eexec_segment = (char *) p + font->header_segment_size; + font->eexec_segment_is_ascii = TRUE; + for (i = 0; i < 4; i++) { +- if (!isxdigit(font->eexec_segment[i])) ++ if (!isxdigit((unsigned char) font->eexec_segment[i])) + font->eexec_segment_is_ascii = FALSE; + } + } Index: pkgsrc/www/firefox/patches/patch-media_libvorbis_lib_vorbis__info.c diff -u /dev/null pkgsrc/www/firefox/patches/patch-media_libvorbis_lib_vorbis__info.c:1.1 --- /dev/null Sat May 30 08:02:53 2020 +++ pkgsrc/www/firefox/patches/patch-media_libvorbis_lib_vorbis__info.c Sat May 30 08:02:52 2020 @@ -0,0 +1,19 @@ +$NetBSD: patch-media_libvorbis_lib_vorbis__info.c,v 1.1 2020/05/30 08:02:52 rillig Exp $ + +Fix undefined behavior when calling functions with illegal values. + +media/libvorbis/lib/vorbis_info.c:81:8: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts] + +https://bugzilla.mozilla.org/show_bug.cgi?id=1642081 + +--- media/libvorbis/lib/vorbis_info.c.orig 2020-05-07 18:34:46.000000000 +0000 ++++ media/libvorbis/lib/vorbis_info.c +@@ -78,7 +78,7 @@ void vorbis_comment_add_tag(vorbis_comme + static int tagcompare(const char *s1, const char *s2, int n){ + int c=0; + while(c < n){ +- if(toupper(s1[c]) != toupper(s2[c])) ++ if(toupper((unsigned char) s1[c]) != toupper((unsigned char) s2[c])) + return !0; + c++; + } Index: pkgsrc/www/firefox/patches/patch-security_nss_lib_freebl_mpi_mpi.c diff -u /dev/null pkgsrc/www/firefox/patches/patch-security_nss_lib_freebl_mpi_mpi.c:1.1 --- /dev/null Sat May 30 08:02:53 2020 +++ pkgsrc/www/firefox/patches/patch-security_nss_lib_freebl_mpi_mpi.c Sat May 30 08:02:52 2020 @@ -0,0 +1,35 @@ +$NetBSD: patch-security_nss_lib_freebl_mpi_mpi.c,v 1.1 2020/05/30 08:02:52 rillig Exp $ + +Fix undefined behavior when calling functions with illegal values. + +security/nss/lib/freebl/mpi/mpi.c:4565:15: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts] + xch = toupper(ch); + +security/nss/lib/freebl/mpi/mpi.c:4611:14: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts] + ch = tolower(ch); + +https://bugzilla.mozilla.org/show_bug.cgi?id=1642081 + +--- security/nss/lib/freebl/mpi/mpi.c.orig 2020-05-07 18:35:01.000000000 +0000 ++++ security/nss/lib/freebl/mpi/mpi.c +@@ -4560,9 +4560,9 @@ s_mp_tovalue(char ch, int r) + int val, xch; + + if (r > 36) +- xch = ch; ++ xch = (unsigned char) ch; + else +- xch = toupper(ch); ++ xch = toupper((unsigned char) ch); + + if (isdigit(xch)) + val = xch - '0'; +@@ -4608,7 +4608,7 @@ s_mp_todigit(mp_digit val, int r, int lo + ch = s_dmap_1[val]; + + if (r <= 36 && low) +- ch = tolower(ch); ++ ch = tolower((unsigned char) ch); + + return ch; + Index: pkgsrc/www/firefox/patches/patch-media_libtheora_lib_info.c diff -u /dev/null pkgsrc/www/firefox/patches/patch-media_libtheora_lib_info.c:1.4 --- /dev/null Sat May 30 08:02:53 2020 +++ pkgsrc/www/firefox/patches/patch-media_libtheora_lib_info.c Sat May 30 08:02:52 2020 @@ -0,0 +1,19 @@ +$NetBSD: patch-media_libtheora_lib_info.c,v 1.4 2020/05/30 08:02:52 rillig Exp $ + +Fix undefined behavior when calling functions with illegal values. + +media/libtheora/lib/info.c:32:8: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts] + +https://bugzilla.mozilla.org/show_bug.cgi?id=1642081 + +--- media/libtheora/lib/info.c.orig 2020-05-07 18:34:12.000000000 +0000 ++++ media/libtheora/lib/info.c +@@ -29,7 +29,7 @@ + static int oc_tagcompare(const char *_s1,const char *_s2,int _n){ + int c; + for(c=0;c<_n;c++){ +- if(toupper(_s1[c])!=toupper(_s2[c]))return !0; ++ if(toupper((unsigned char)_s1[c])!=toupper((unsigned char)_s2[c]))return !0; + } + return _s1[c]!='='; + } --_----------=_1590825773255790--