From 5fcc9b3d74800a59250e8f3a39294b309a96ca48 Mon Sep 17 00:00:00 2001 From: Juan RP Date: Thu, 26 May 2016 06:56:12 +0200 Subject: [PATCH] firefox: fix stack overflow in brotli with musl (via Alpine). --- .../firefox/patches/fix-stack-overflow.patch | 43 +++++++++++++++++++ srcpkgs/firefox/template | 2 +- 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/firefox/patches/fix-stack-overflow.patch diff --git a/srcpkgs/firefox/patches/fix-stack-overflow.patch b/srcpkgs/firefox/patches/fix-stack-overflow.patch new file mode 100644 index 0000000000..9c94956d75 --- /dev/null +++ b/srcpkgs/firefox/patches/fix-stack-overflow.patch @@ -0,0 +1,43 @@ +https://bugs.alpinelinux.org/issues/5559 +https://bugzilla.mozilla.org/show_bug.cgi?id=1274732 + +--- netwerk/streamconv/converters/nsHTTPCompressConv.cpp ++++ netwerk/streamconv/converters/nsHTTPCompressConv.cpp +@@ -165,9 +165,8 @@ nsHTTPCompressConv::BrotliHandler(nsIInputStream *stream, void *closure, const c + nsHTTPCompressConv *self = static_cast(closure); + *countRead = 0; + +- const uint32_t kOutSize = 128 * 1024; // just a chunk size, we call in a loop +- unsigned char outBuffer[kOutSize]; +- unsigned char *outPtr; ++ const size_t kOutSize = 128 * 1024; // just a chunk size, we call in a loop ++ uint8_t *outPtr; + size_t outSize; + size_t avail = aAvail; + BrotliResult res; +@@ -177,9 +176,15 @@ nsHTTPCompressConv::BrotliHandler(nsIInputStream *stream, void *closure, const c + return NS_OK; + } + ++ auto outBuffer = MakeUniqueFallible(kOutSize); ++ if (outBuffer == nullptr) { ++ self->mBrotli->mStatus = NS_ERROR_OUT_OF_MEMORY; ++ return self->mBrotli->mStatus; ++ } ++ + do { + outSize = kOutSize; +- outPtr = outBuffer; ++ outPtr = outBuffer.get(); + + // brotli api is documented in brotli/dec/decode.h and brotli/dec/decode.c + LOG(("nsHttpCompresssConv %p brotlihandler decompress %d\n", self, avail)); +@@ -210,7 +215,7 @@ nsHTTPCompressConv::BrotliHandler(nsIInputStream *stream, void *closure, const c + nsresult rv = self->do_OnDataAvailable(self->mBrotli->mRequest, + self->mBrotli->mContext, + self->mBrotli->mSourceOffset, +- reinterpret_cast(outBuffer), ++ reinterpret_cast(outBuffer.get()), + outSize); + LOG(("nsHttpCompressConv %p BrotliHandler ODA rv=%x", self, rv)); + if (NS_FAILED(rv)) { diff --git a/srcpkgs/firefox/template b/srcpkgs/firefox/template index c0ea7510a3..af3085b2bc 100644 --- a/srcpkgs/firefox/template +++ b/srcpkgs/firefox/template @@ -1,7 +1,7 @@ # Template build file for 'firefox'. pkgname=firefox version=46.0.1 -revision=1 +revision=2 short_desc="Lightweight gecko-based web browser" maintainer="Juan RP " homepage="https://www.mozilla.org/firefox/"