Merge branch 'master' into security-updates

This commit is contained in:
Mark H Weaver 2016-03-12 15:07:41 -05:00
commit 2c9f0b0770
51 changed files with 3237 additions and 220 deletions

View File

@ -140,7 +140,13 @@ necessary to support this, including @env{PATH} and @env{GUILE_LOAD_PATH}.
Note that @command{./pre-inst-env guix pull} does @emph{not} upgrade the Note that @command{./pre-inst-env guix pull} does @emph{not} upgrade the
local source tree; it simply updates the @file{~/.config/guix/latest} local source tree; it simply updates the @file{~/.config/guix/latest}
symlink (@pxref{Invoking guix pull}). Run @command{git pull} instead if symlink (@pxref{Invoking guix pull}). Run @command{git pull} instead if
you want to upgrade your local source tree. you want to upgrade your local source tree.@footnote{If you would like
to set up @command{guix} to use your Git checkout, you can point the
@file{~/.config/guix/latest} symlink to your Git checkout directory.
If you are the sole user of your system, you may also consider pointing
the @file{/root/.config/guix/latest} symlink to point to
@file{~/.config/guix/latest}; this way it will always use the same
@command{guix} as your user does.}
@node The Perfect Setup @node The Perfect Setup

View File

@ -484,19 +484,21 @@ GNU Guix depends on the following packages:
The following dependencies are optional: The following dependencies are optional:
@itemize @itemize
@item
Installing @uref{http://gnutls.org/, GnuTLS-Guile} will allow you to
access @code{https} URLs for substitutes, which is highly recommended
(@pxref{Substitutes}). It also allows you to access HTTPS URLs with the
@command{guix download} command (@pxref{Invoking guix download}), the
@command{guix import pypi} command, and the @command{guix import cpan}
command. @xref{Guile Preparations, how to install the GnuTLS bindings
for Guile,, gnutls-guile, GnuTLS-Guile}.
@item @item
Installing Installing
@url{http://savannah.nongnu.org/projects/guile-json/, Guile-JSON} will @url{http://savannah.nongnu.org/projects/guile-json/, Guile-JSON} will
allow you to use the @command{guix import pypi} command (@pxref{Invoking allow you to use the @command{guix import pypi} command (@pxref{Invoking
guix import}). It is of guix import}). It is of
interest primarily for developers and not for casual users. interest primarily for developers and not for casual users.
@item
Installing @uref{http://gnutls.org/, GnuTLS-Guile} will
allow you to access @code{https} URLs with the @command{guix download}
command (@pxref{Invoking guix download}), the @command{guix import pypi}
command, and the @command{guix import cpan} command. This is primarily
of interest to developers. @xref{Guile Preparations, how to install the
GnuTLS bindings for Guile,, gnutls-guile, GnuTLS-Guile}.
@end itemize @end itemize
Unless @code{--disable-daemon} was passed to @command{configure}, the Unless @code{--disable-daemon} was passed to @command{configure}, the
@ -1350,7 +1352,7 @@ As an example, @var{file} might contain a definition like this
@verbatiminclude package-hello.scm @verbatiminclude package-hello.scm
@end example @end example
Developers may find it useful to include such a @file{package.scm} file Developers may find it useful to include such a @file{guix.scm} file
in the root of their project source tree that can be used to test in the root of their project source tree that can be used to test
development snapshots and create reproducible development environments development snapshots and create reproducible development environments
(@pxref{Invoking guix environment}). (@pxref{Invoking guix environment}).
@ -1703,6 +1705,13 @@ or to client tools such as @command{guix package}
(@pxref{client-substitute-urls,, client @option{--substitute-urls} (@pxref{client-substitute-urls,, client @option{--substitute-urls}
option}). option}).
Substitute URLs can be either HTTP or HTTPS@footnote{For HTTPS access,
the Guile bindings of GnuTLS must be installed. @xref{Requirements}.}
HTTPS is recommended because communications are encrypted; conversely,
using HTTP makes all communications visible to an eavesdropper, who
could use the information gathered to determine, for instance, whether
your system has unpatched security vulnerabilities.
@cindex security @cindex security
@cindex digital signatures @cindex digital signatures
To allow Guix to download substitutes from @code{hydra.gnu.org}, you To allow Guix to download substitutes from @code{hydra.gnu.org}, you
@ -1757,13 +1766,21 @@ one of the keys listed in the ACL. It also detects and raises an error
when attempting to use a substitute that has been tampered with. when attempting to use a substitute that has been tampered with.
@vindex http_proxy @vindex http_proxy
Substitutes are downloaded over HTTP. The @code{http_proxy} environment Substitutes are downloaded over HTTP or HTTPS.
The @code{http_proxy} environment
variable can be set in the environment of @command{guix-daemon} and is variable can be set in the environment of @command{guix-daemon} and is
honored for downloads of substitutes. Note that the value of honored for downloads of substitutes. Note that the value of
@code{http_proxy} in the environment where @command{guix build}, @code{http_proxy} in the environment where @command{guix build},
@command{guix package}, and other client commands are run has @command{guix package}, and other client commands are run has
@emph{absolutely no effect}. @emph{absolutely no effect}.
When using HTTPS, the server's X.509 certificate is @emph{not} validated
(in other words, the server is not authenticated), contrary to what
HTTPS clients such as Web browsers usually do. This is because Guix
authenticates substitute information itself, as explained above, which
is what we care about (whereas X.509 certificates are about
authenticating bindings between domain names and public keys.)
The substitute mechanism can be disabled globally by running The substitute mechanism can be disabled globally by running
@code{guix-daemon} with @code{--no-substitutes} (@pxref{Invoking @code{guix-daemon} with @code{--no-substitutes} (@pxref{Invoking
guix-daemon}). It can also be disabled temporarily by passing the guix-daemon}). It can also be disabled temporarily by passing the
@ -1771,6 +1788,8 @@ guix-daemon}). It can also be disabled temporarily by passing the
build}, and other command-line tools. build}, and other command-line tools.
@unnumberedsubsec On Trusting Binaries
Today, each individual's control over their own computing is at the Today, each individual's control over their own computing is at the
mercy of institutions, corporations, and groups with enough power and mercy of institutions, corporations, and groups with enough power and
determination to subvert the computing infrastructure and exploit its determination to subvert the computing infrastructure and exploit its

View File

@ -528,6 +528,23 @@ dist_patch_DATA = \
gnu/packages/patches/icecat-update-graphite2.patch \ gnu/packages/patches/icecat-update-graphite2.patch \
gnu/packages/patches/icecat-update-graphite2-pt2.patch \ gnu/packages/patches/icecat-update-graphite2-pt2.patch \
gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch \ gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch \
gnu/packages/patches/icecat-CVE-2015-4477.patch \
gnu/packages/patches/icecat-CVE-2015-7207.patch \
gnu/packages/patches/icecat-CVE-2016-1952-pt01.patch \
gnu/packages/patches/icecat-CVE-2016-1952-pt02.patch \
gnu/packages/patches/icecat-CVE-2016-1952-pt03.patch \
gnu/packages/patches/icecat-CVE-2016-1952-pt04.patch \
gnu/packages/patches/icecat-CVE-2016-1952-pt05.patch \
gnu/packages/patches/icecat-CVE-2016-1952-pt06.patch \
gnu/packages/patches/icecat-CVE-2016-1954.patch \
gnu/packages/patches/icecat-CVE-2016-1960.patch \
gnu/packages/patches/icecat-CVE-2016-1961.patch \
gnu/packages/patches/icecat-CVE-2016-1962.patch \
gnu/packages/patches/icecat-CVE-2016-1964.patch \
gnu/packages/patches/icecat-CVE-2016-1965.patch \
gnu/packages/patches/icecat-CVE-2016-1966.patch \
gnu/packages/patches/icecat-CVE-2016-1974.patch \
gnu/packages/patches/icecat-bug-1248851.patch \
gnu/packages/patches/icu4c-CVE-2014-6585.patch \ gnu/packages/patches/icu4c-CVE-2014-6585.patch \
gnu/packages/patches/icu4c-CVE-2015-1270.patch \ gnu/packages/patches/icu4c-CVE-2015-1270.patch \
gnu/packages/patches/icu4c-CVE-2015-4760.patch \ gnu/packages/patches/icu4c-CVE-2015-4760.patch \
@ -619,7 +636,6 @@ dist_patch_DATA = \
gnu/packages/patches/module-init-tools-moduledir.patch \ gnu/packages/patches/module-init-tools-moduledir.patch \
gnu/packages/patches/mumps-build-parallelism.patch \ gnu/packages/patches/mumps-build-parallelism.patch \
gnu/packages/patches/mupen64plus-ui-console-notice.patch \ gnu/packages/patches/mupen64plus-ui-console-notice.patch \
gnu/packages/patches/mupdf-buildsystem-fix.patch \
gnu/packages/patches/mutt-store-references.patch \ gnu/packages/patches/mutt-store-references.patch \
gnu/packages/patches/net-tools-bitrot.patch \ gnu/packages/patches/net-tools-bitrot.patch \
gnu/packages/patches/ngircd-handle-zombies.patch \ gnu/packages/patches/ngircd-handle-zombies.patch \
@ -752,6 +768,7 @@ dist_patch_DATA = \
gnu/packages/patches/util-linux-tests.patch \ gnu/packages/patches/util-linux-tests.patch \
gnu/packages/patches/upower-builddir.patch \ gnu/packages/patches/upower-builddir.patch \
gnu/packages/patches/valgrind-enable-arm.patch \ gnu/packages/patches/valgrind-enable-arm.patch \
gnu/packages/patches/vorbis-tools-CVE-2015-6749.patch \
gnu/packages/patches/vpnc-script.patch \ gnu/packages/patches/vpnc-script.patch \
gnu/packages/patches/vtk-mesa-10.patch \ gnu/packages/patches/vtk-mesa-10.patch \
gnu/packages/patches/w3m-libgc.patch \ gnu/packages/patches/w3m-libgc.patch \

View File

@ -9,6 +9,7 @@
;;; Copyright © 2016 Leo Famulari <leo@famulari.name> ;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Pjotr Prins <pjotr.guix@thebird.nl> ;;; Copyright © 2016 Pjotr Prins <pjotr.guix@thebird.nl>
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -424,7 +425,7 @@ connection alive.")
(bind-minor-version "9") (bind-minor-version "9")
(bind-patch-version "8") (bind-patch-version "8")
(bind-release-type "-P") (bind-release-type "-P")
(bind-release-version "3") (bind-release-version "4")
(bind-version (string-append bind-major-version (bind-version (string-append bind-major-version
"." "."
bind-minor-version bind-minor-version
@ -540,7 +541,7 @@ connection alive.")
"/bind-" bind-version ".tar.gz")) "/bind-" bind-version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"01qa17479jghy90lb2j8b1bpg3ay6k6aaajpigyirwzsvyc9yj3a")))) "1wl9kl0630dc1qjrf7fnp8cscagfm5qgmisi0zhr1p6iwi9bil2y"))))
;; When cross-compiling, we need the cross Coreutils and sed. ;; When cross-compiling, we need the cross Coreutils and sed.
;; Otherwise just use those from %FINAL-INPUTS. ;; Otherwise just use those from %FINAL-INPUTS.

View File

@ -3,6 +3,7 @@
;;; Copyright © 2015, 2016 Ben Woodcroft <donttrustben@gmail.com> ;;; Copyright © 2015, 2016 Ben Woodcroft <donttrustben@gmail.com>
;;; Copyright © 2015, 2016 Pjotr Prins <pjotr.guix@thebird.nl> ;;; Copyright © 2015, 2016 Pjotr Prins <pjotr.guix@thebird.nl>
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2016 Roel Janssen <roel@gnu.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -36,6 +37,7 @@
#:use-module (gnu packages autotools) #:use-module (gnu packages autotools)
#:use-module (gnu packages algebra) #:use-module (gnu packages algebra)
#:use-module (gnu packages base) #:use-module (gnu packages base)
#:use-module (gnu packages bison)
#:use-module (gnu packages boost) #:use-module (gnu packages boost)
#:use-module (gnu packages compression) #:use-module (gnu packages compression)
#:use-module (gnu packages cpio) #:use-module (gnu packages cpio)
@ -247,6 +249,47 @@ intervals from multiple files in widely-used genomic file formats such as BAM,
BED, GFF/GTF, VCF.") BED, GFF/GTF, VCF.")
(license license:gpl2))) (license license:gpl2)))
(define-public bioawk
(package
(name "bioawk")
(version "1.0")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/lh3/bioawk/archive/v"
version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32 "1daizxsk17ahi9n58fj8vpgwyhzrzh54bzqhanjanp88kgrz7gjw"))))
(build-system gnu-build-system)
(inputs
`(("zlib" ,zlib)))
(native-inputs
`(("bison" ,bison)))
(arguments
`(#:tests? #f ; There are no tests to run.
;; Bison must generate files, before other targets can build.
#:parallel-build? #f
#:phases
(modify-phases %standard-phases
(delete 'configure) ; There is no configure phase.
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
(bin (string-append out "/bin"))
(man (string-append out "/share/man/man1")))
(mkdir-p man)
(copy-file "awk.1" (string-append man "/bioawk.1"))
(install-file "bioawk" bin)))))))
(home-page "https://github.com/lh3/bioawk")
(synopsis "AWK with bioinformatics extensions")
(description "Bioawk is an extension to Brian Kernighan's awk, adding the
support of several common biological data formats, including optionally gzip'ed
BED, GFF, SAM, VCF, FASTA/Q and TAB-delimited formats with column names. It
also adds a few built-in functions and a command line option to use TAB as the
input/output delimiter. When the new functionality is not used, bioawk is
intended to behave exactly the same as the original BWK awk.")
(license license:x11)))
(define-public python2-pybedtools (define-public python2-pybedtools
(package (package
(name "python2-pybedtools") (name "python2-pybedtools")

View File

@ -90,15 +90,14 @@ with a flexible variety of user interfaces.")
(define-public cppunit (define-public cppunit
(package (package
(name "cppunit") (name "cppunit")
(version "1.12.1") (version "1.13.2")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "mirror://sourceforge/cppunit/" name "/" (uri (string-append "http://dev-www.libreoffice.org/src/"
name "-" name "-" version ".tar.gz"))
version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"0jm49v5rmc5qw34vqs56gy8xja1dhci73bmh23cig4kcir6a0a5c")))) "17s2kzmkw3kfjhpp72rfppyd7syr7bdq5s69syj2nvrlwd3d4irz"))))
;; Explicitly link with libdl. This is expected to be done by packages ;; Explicitly link with libdl. This is expected to be done by packages
;; relying on cppunit for their tests. However, not all of them do. ;; relying on cppunit for their tests. However, not all of them do.
;; If we added the linker flag to such packages, we would pollute all ;; If we added the linker flag to such packages, we would pollute all
@ -106,7 +105,7 @@ with a flexible variety of user interfaces.")
(arguments (arguments
`(#:make-flags '("LDFLAGS=-ldl"))) `(#:make-flags '("LDFLAGS=-ldl")))
(build-system gnu-build-system) (build-system gnu-build-system)
(home-page "http://sourceforge.net/projects/cppunit/") (home-page "https://wiki.freedesktop.org/www/Software/cppunit/")
(synopsis "Unit testing framework for C++") (synopsis "Unit testing framework for C++")
(description "CppUnit is the C++ port of the famous JUnit framework for (description "CppUnit is the C++ port of the famous JUnit framework for
unit testing. Test output is in XML for automatic testing and GUI based for unit testing. Test output is in XML for automatic testing and GUI based for
@ -116,17 +115,17 @@ supervised tests.")
(define-public catch-framework (define-public catch-framework
(package (package
(name "catch") (name "catch")
(version "1.1.3") ;Sub-minor is the build number (version "1.3.5") ;Sub-minor is the build number
(source (origin (source (origin
(method git-fetch) (method git-fetch)
(uri (git-reference (uri (git-reference
(url "https://github.com/philsquared/Catch") (url "https://github.com/philsquared/Catch")
;; Semi-arbitrary. ;; Semi-arbitrary.
(commit "c51e86819d"))) (commit "ae5ee2cf63d6d67bd1369b512d2a7b60b571c907")))
(file-name (string-append name "-" version)) (file-name (string-append name "-" version))
(sha256 (sha256
(base32 (base32
"0kgi7wxxysgjbpisqfj4dj0k19cyyai92f001zi8gzkybd4fkgv5")))) "1yfb3lxv929szqy1nw9xw3d45wzkppziqshkjxvrb1fdmf46x564"))))
(build-system trivial-build-system) (build-system trivial-build-system)
(arguments (arguments
`(#:modules ((guix build utils)) `(#:modules ((guix build utils))

View File

@ -68,14 +68,14 @@ a major mode for Emacs for examining the flowcharts that it produces.")
(define-public complexity (define-public complexity
(package (package
(name "complexity") (name "complexity")
(version "1.9") (version "1.10")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "mirror://gnu/complexity/complexity-" (uri (string-append "mirror://gnu/complexity/complexity-"
version ".tar.gz")) version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"1jn61389bjxgc49ldzcp89kylagcd2b19i38jv99nl3blylkkwf6")))) "0lr0l9kj2w3jilz9h9y4np9pf9i9ccpy6331lanki2fnz4z8ldvd"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(native-inputs (native-inputs
`(("texinfo" ,texinfo) `(("texinfo" ,texinfo)
@ -190,7 +190,7 @@ COCOMO model or user-provided parameters.")
(define-public the-silver-searcher (define-public the-silver-searcher
(package (package
(name "the-silver-searcher") (name "the-silver-searcher")
(version "0.29.1") (version "0.31.0")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append (uri (string-append
@ -198,7 +198,7 @@ COCOMO model or user-provided parameters.")
version ".tar.gz")) version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"0ah7vcqprl9hhafi68bvzaiywy7dfm28zf7kpw3xrlqzfn0vg7kp")) "1a3xncsq3x8pci194k484s5mdqij2sirpz6dj6711n2p8mzq5g31"))
(file-name (string-append name "-" version ".tar.gz")))) (file-name (string-append name "-" version ".tar.gz"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(native-inputs (native-inputs
@ -284,14 +284,14 @@ stack traces.")
(define-public lcov (define-public lcov
(package (package
(name "lcov") (name "lcov")
(version "1.10") (version "1.12")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "mirror://sourceforge/ltp/lcov-" (uri (string-append "mirror://sourceforge/ltp/lcov-"
version ".tar.gz")) version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"13xq2ln4jjasslqzzhr5g11q1c19gwpng1jphzbzmylmrjz62ila")))) "19wfifdpxxivhq9adbphanjfga9bg9spms9v7c3589wndjff8x5l"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments (arguments
'(#:make-flags (let ((out (assoc-ref %outputs "out"))) '(#:make-flags (let ((out (assoc-ref %outputs "out")))

View File

@ -2,6 +2,7 @@
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2016 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -65,14 +66,14 @@ and BOOTP/TFTP for network booting of diskless machines.")
(define-public bind-utils (define-public bind-utils
(package (package
(name "bind-utils") (name "bind-utils")
(version "9.10.3-P3") (version "9.10.3-P4")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "http://ftp.isc.org/isc/bind9/" version (uri (string-append "http://ftp.isc.org/isc/bind9/" version
"/bind-" version ".tar.gz")) "/bind-" version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"10yblk8qbb85qxakzdjy5qmqvqj4rlcqsqvlkriglampzg8i0239")))) "0giys46ifypysf799w9v58kbaz1v3fbdzw3s212znifzzfsl9h1a"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(inputs (inputs
;; it would be nice to add GeoIP and gssapi once there is package ;; it would be nice to add GeoIP and gssapi once there is package

View File

@ -411,7 +411,7 @@ message bus.")
(version "0.6.40") (version "0.6.40")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "http://www.freedesktop.org/software/" (uri (string-append "https://www.freedesktop.org/software/"
name "/" name "-" version ".tar.xz")) name "/" name "-" version ".tar.xz"))
(sha256 (sha256
(base32 (base32

View File

@ -16,6 +16,7 @@
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
;;; Copyright © 2016 Rodger Fox <thylakoid@openmailbox.org> ;;; Copyright © 2016 Rodger Fox <thylakoid@openmailbox.org>
;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> ;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
;;; Copyright © 2016 Nils Gillmann <niasterisk@grrlz.net>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -2001,3 +2002,27 @@ is attributed to Albert Einstein.")
;; license information. ;; license information.
(license license:gpl3+))) (license license:gpl3+)))
(define-public powwow
(package
(name "powwow")
(version "1.2.17")
(source (origin
(method url-fetch)
(uri (string-append
"http://www.hoopajoo.net/static/projects/powwow-"
version ".tar.gz"))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
"1xmsg2y7qcvj67i9ilnih0mvfxcpni7fzrz343x9rdfnkkzf3pp8"))))
(inputs
`(("ncurses" ,ncurses)))
(build-system gnu-build-system)
(home-page "http://www.hoopajoo.net/projects/powwow.html")
(synopsis "MUD and telnet client")
(description
"POWWOW is a client software which can be used for telnet as well as for
@dfn{Multi-User Dungeon} (MUD). Additionally it can serve as a nice client for
the chat server psyced with the specific config located at
http://lavachat.symlynx.com/unix/")
(license license:gpl2+)))

View File

@ -1,7 +1,7 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014, 2015 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2014, 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2015 Efraim Flashner <efraim@flashner.co.il>
;;; ;;;
@ -440,7 +440,15 @@ as the 'native-search-paths' field."
`(cons (string-append "--enable-languages=" `(cons (string-append "--enable-languages="
,(string-join languages ",")) ,(string-join languages ","))
(remove (cut string-match "--enable-languages.*" <>) (remove (cut string-match "--enable-languages.*" <>)
,flags))))))) ,flags)))
((#:phases phases)
`(modify-phases ,phases
(add-after 'install 'remove-broken-or-conflicting-files
(lambda* (#:key outputs #:allow-other-keys)
(for-each delete-file
(find-files (string-append (assoc-ref outputs "out") "/bin")
".*(c\\+\\+|cpp|g\\+\\+|gcov|gcc.*)"))
#t))))))))
(define %generic-search-paths (define %generic-search-paths
;; This is the language-neutral search path for GCC. Entries in $CPATH are ;; This is the language-neutral search path for GCC. Entries in $CPATH are

View File

@ -144,7 +144,7 @@ catalogs. Nearly all GNU packages use Gettext.")
("perl-module-build" ,perl-module-build) ("perl-module-build" ,perl-module-build)
("docbook-xsl" ,docbook-xsl) ("docbook-xsl" ,docbook-xsl)
("docbook-xml" ,docbook-xml) ;for tests ("docbook-xml" ,docbook-xml) ;for tests
("texlive-bin" ,texlive-bin) ;for tests ("texlive" ,texlive-minimal) ;for tests
("libxml2" ,libxml2) ("libxml2" ,libxml2)
("xsltproc" ,libxslt))) ("xsltproc" ,libxslt)))
(home-page "http://po4a.alioth.debian.org/") (home-page "http://po4a.alioth.debian.org/")

View File

@ -3382,7 +3382,7 @@ USB transfers with your high-level application or system daemon.")
(define-public simple-scan (define-public simple-scan
(package (package
(name "simple-scan") (name "simple-scan")
(version "3.17.4") (version "3.19.91")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "https://launchpad.net/simple-scan/" (uri (string-append "https://launchpad.net/simple-scan/"
@ -3391,7 +3391,7 @@ USB transfers with your high-level application or system daemon.")
version ".tar.xz")) version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"1pslbv45g01g039zj2b01k08f763kkhzqw8wwz7yh27m7bjllnx6")))) "1c5glf5vxgld41w4jxfqcv17q76qnh43fawpv33hncgh8d283xkf"))))
(build-system glib-or-gtk-build-system) (build-system glib-or-gtk-build-system)
(inputs (inputs
`(("gtk" ,gtk+) `(("gtk" ,gtk+)
@ -3409,6 +3409,21 @@ USB transfers with your high-level application or system daemon.")
("pkg-config" ,pkg-config) ("pkg-config" ,pkg-config)
("vala" ,vala) ("vala" ,vala)
("xmllint" ,libxml2))) ("xmllint" ,libxml2)))
(arguments
'(#:configure-flags '("--disable-packagekit")
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'clean
(lambda _
;; Remove a left-over reference to PackageKit.
;; https://bugs.launchpad.net/simple-scan/+bug/1462769
;; There are some generated C files erroneously
;; included in the source distribution, and this
;; one breaks the build by referring to a
;; non-existent header (packagekit.h)
(delete-file "src/ui.c"))))))
(home-page "https://launchpad.net/simple-scan") (home-page "https://launchpad.net/simple-scan")
(synopsis "Document and image scanner") (synopsis "Document and image scanner")
(description "Simple Scan is an easy-to-use application, designed to let (description "Simple Scan is an easy-to-use application, designed to let
@ -4635,13 +4650,17 @@ as SASL, TLS and VeNCrypt. Additionally it supports encoding extensions.")
("gobject-introspection" ,gobject-introspection) ("gobject-introspection" ,gobject-introspection)
("intltool" ,intltool) ("intltool" ,intltool)
("pkg-config" ,pkg-config))) ("pkg-config" ,pkg-config)))
(propagated-inputs
`(("gtk+" ,gtk+))) ; required by libnautilus-extension.pc
(inputs (inputs
;; TODO: add gvfs support. ;; TODO: add gvfs support.
`(("dconf" ,dconf) `(("dconf" ,dconf)
("exempi" ,exempi) ("exempi" ,exempi)
("gnome-desktop" ,gnome-desktop) ("gnome-desktop" ,gnome-desktop)
;; XXX: gtk+ is required by libnautilus-extension.pc
;;
;; Don't propagate it to reduces "profile pollution" of the 'gnome' meta
;; package. See:
;; <http://lists.gnu.org/archive/html/guix-devel/2016-03/msg00283.html>.
("gtk+" ,gtk+)
("libexif" ,libexif) ("libexif" ,libexif)
("libxml2" ,libxml2))) ("libxml2" ,libxml2)))
(synopsis "File manager for GNOME") (synopsis "File manager for GNOME")

View File

@ -291,7 +291,24 @@ standards.")
'("icecat-avoid-bundled-includes.patch" '("icecat-avoid-bundled-includes.patch"
"icecat-re-enable-DHE-cipher-suites.patch" "icecat-re-enable-DHE-cipher-suites.patch"
"icecat-update-graphite2.patch" "icecat-update-graphite2.patch"
"icecat-update-graphite2-pt2.patch"))) "icecat-update-graphite2-pt2.patch"
"icecat-CVE-2015-4477.patch"
"icecat-CVE-2015-7207.patch"
"icecat-CVE-2016-1952-pt01.patch"
"icecat-CVE-2016-1952-pt02.patch"
"icecat-CVE-2016-1952-pt03.patch"
"icecat-CVE-2016-1952-pt04.patch"
"icecat-CVE-2016-1952-pt05.patch"
"icecat-CVE-2016-1952-pt06.patch"
"icecat-CVE-2016-1954.patch"
"icecat-CVE-2016-1960.patch"
"icecat-CVE-2016-1961.patch"
"icecat-CVE-2016-1962.patch"
"icecat-CVE-2016-1964.patch"
"icecat-CVE-2016-1965.patch"
"icecat-CVE-2016-1966.patch"
"icecat-CVE-2016-1974.patch"
"icecat-bug-1248851.patch")))
(modules '((guix build utils))) (modules '((guix build utils)))
(snippet (snippet
'(begin '(begin

View File

@ -206,6 +206,20 @@ exception-handling library.")
"\"/tmp/\""))) "\"/tmp/\"")))
(patches (list (search-patch "openexr-missing-samples.patch"))))) (patches (list (search-patch "openexr-missing-samples.patch")))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments
'(#:phases
(modify-phases %standard-phases
(add-after 'unpack 'disable-broken-test
;; This test fails on i686. Upstream developers suggest that
;; this test is broken on i686 and can be safely disabled:
;; https://github.com/openexr/openexr/issues/67#issuecomment-21169748
(lambda _
(substitute* "IlmImfTest/main.cpp"
(("#include \"testOptimizedInterleavePatterns.h\"")
"//#include \"testOptimizedInterleavePatterns.h\"")
(("TEST \\(testOptimizedInterleavePatterns")
"//TEST (testOptimizedInterleavePatterns"))
#t)))))
(native-inputs (native-inputs
`(("pkg-config" ,pkg-config))) `(("pkg-config" ,pkg-config)))
(propagated-inputs (propagated-inputs

View File

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr> ;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
;;; ;;;
@ -32,16 +32,15 @@
(define-public libevent (define-public libevent
(package (package
(name "libevent") (name "libevent")
(version "2.0.21") (version "2.0.22")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append (uri (string-append
"https://github.com/downloads/libevent/libevent/libevent-" "https://github.com/libevent/libevent/releases/download/release-"
version version "-stable/libevent-" version "-stable.tar.gz"))
"-stable.tar.gz"))
(sha256 (sha256
(base32 (base32
"1xblymln9vihdmf1aqkp8chwvnhpdch3786bh30bj75slnl31992")) "18qz9qfwrkakmazdlwxvjmw8p76g70n3faikwvdwznns1agw9hki"))
(patches (list (search-patch "libevent-dns-tests.patch"))))) (patches (list (search-patch "libevent-dns-tests.patch")))))
(build-system gnu-build-system) (build-system gnu-build-system)
(inputs (inputs

View File

@ -220,7 +220,7 @@ for SYSTEM and optionally VARIANT, or #f if there is no such configuration."
(search-path %load-path file))) (search-path %load-path file)))
(define-public linux-libre (define-public linux-libre
(let* ((version "4.4.4") (let* ((version "4.4.5")
(build-phase (build-phase
'(lambda* (#:key system inputs #:allow-other-keys #:rest args) '(lambda* (#:key system inputs #:allow-other-keys #:rest args)
;; Apply the neat patch. ;; Apply the neat patch.
@ -294,7 +294,7 @@ for SYSTEM and optionally VARIANT, or #f if there is no such configuration."
(uri (linux-libre-urls version)) (uri (linux-libre-urls version))
(sha256 (sha256
(base32 (base32
"0i398ylpkwbrvda970j0ci4k7fl6ljnvra70k8ksqp9xgflm15gx")))) "19yyw6yssyxr9k5y3whgz2p731mb1pnq3xajpv8g01m13cxs32dd"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(supported-systems '("x86_64-linux" "i686-linux")) (supported-systems '("x86_64-linux" "i686-linux"))
(native-inputs `(("perl" ,perl) (native-inputs `(("perl" ,perl)

View File

@ -354,9 +354,7 @@ singular value problems.")
("pango" ,pango) ("pango" ,pango)
("gd" ,gd))) ("gd" ,gd)))
(native-inputs `(("pkg-config" ,pkg-config) (native-inputs `(("pkg-config" ,pkg-config)
;; Need 'tex', 'latex', 'pdflatex', 'kpsexand', and ("texlive" ,texlive-minimal)))
;; 'texhash' binaries.
("texlive" ,texlive-bin)))
(home-page "http://www.gnuplot.info") (home-page "http://www.gnuplot.info")
(synopsis "Command-line driven graphing utility") (synopsis "Command-line driven graphing utility")
(description "Gnuplot is a portable command-line driven graphing (description "Gnuplot is a portable command-line driven graphing

View File

@ -63,17 +63,19 @@
(define-public libotr (define-public libotr
(package (package
(name "libotr") (name "libotr")
(version "4.1.0") (version "4.1.1")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "https://otr.cypherpunks.ca/libotr-" (uri (string-append "https://otr.cypherpunks.ca/libotr-"
version ".tar.gz")) version ".tar.gz"))
(sha256 (sha256
(base32 "0c6rkh58s6wqzcrpccwdik5qs91qj6dgd60a340d72gc80cqknsg")))) (base32
"1x8rliydhbibmzwdbyr7pd7n87m2jmxnqkpvaalnf4154hj1hfwb"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(propagated-inputs (propagated-inputs
`(("libgcrypt" ,libgcrypt))) ; libotr headers include gcrypt.h `(("libgcrypt" ,libgcrypt))) ; libotr headers include gcrypt.h
(inputs `(("libgpg-error" ,libgpg-error))) (inputs `(("libgpg-error" ,libgpg-error)))
(native-inputs `(("perl" ,perl))) ; for the test suite
(synopsis "Off-the-Record (OTR) Messaging Library and Toolkit") (synopsis "Off-the-Record (OTR) Messaging Library and Toolkit")
(description (description
"OTR allows you to have private conversations over instant messaging by "OTR allows you to have private conversations over instant messaging by
@ -88,16 +90,6 @@ keys, no previous conversation is compromised.")
(home-page "https://otr.cypherpunks.ca/") (home-page "https://otr.cypherpunks.ca/")
(license (list lgpl2.1 gpl2)))) (license (list lgpl2.1 gpl2))))
(define-public libotr-3
(package (inherit libotr)
(version "3.2.1")
(source (origin
(method url-fetch)
(uri (string-append "https://otr.cypherpunks.ca/libotr-"
version ".tar.gz"))
(sha256
(base32 "1x6dd4rh499hdraiqfhz81igrj0a5rs0gjhc8l4sljwqhjjyla6l"))))))
(define-public bitlbee (define-public bitlbee
(package (package
(name "bitlbee") (name "bitlbee")
@ -326,14 +318,14 @@ chat protocols.")
(define-public pidgin-otr (define-public pidgin-otr
(package (package
(name "pidgin-otr") (name "pidgin-otr")
(version "4.0.1") (version "4.0.2")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "https://otr.cypherpunks.ca/" (uri (string-append "https://otr.cypherpunks.ca/"
name "-" version ".tar.gz")) name "-" version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"02pkkf86fh5jvzsdn9y78impsgzj1n0p81kc2girvk3vq941yy0v")))) "1i5s9rrgbyss9rszq6c6y53hwqyw1k86s40cpsfx5ccl9bprxdgl"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(native-inputs (native-inputs
`(("pkg-config" ,pkg-config) `(("pkg-config" ,pkg-config)

View File

@ -3,6 +3,7 @@
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Stefan Reichör <stefan@xsteve.at> ;;; Copyright © 2015 Stefan Reichör <stefan@xsteve.at>
;;; Copyright © 2016 Raimon Grau <raimonster@gmail.com>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -187,3 +188,25 @@ needed/wanted real-time traffic statistics of multiple network
interfaces, with a simple and efficient view on the command line. It is interfaces, with a simple and efficient view on the command line. It is
intended as a substitute for the PPPStatus and EthStatus projects.") intended as a substitute for the PPPStatus and EthStatus projects.")
(license license:gpl2+))) (license license:gpl2+)))
(define-public nload
(package
(name "nload")
(version "0.7.4")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/nload/nload-"
version ".tar.gz"))
(sha256
(base32
"1rb9skch2kgqzigf19x8bzk211jdfjfdkrcvaqyj89jy2pkm3h61"))))
(build-system gnu-build-system)
(inputs `(("ncurses" ,ncurses)))
(home-page "http://www.roland-riegel.de/nload/")
(synopsis "Realtime console network usage monitor")
(description
"Nload is a console application which monitors network traffic and
bandwidth usage in real time. It visualizes the in- and outgoing traffic using
two graphs and provides additional info like total amount of transfered data
and min/max network usage.")
(license license:gpl2+)))

View File

@ -0,0 +1,37 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/beae8783b8c2
# HG changeset patch
# User Paul Adenot <paul@paul.cx>
# Date 1456422965 0
# Node ID beae8783b8c2c672da12a95c70ae663cbd0d5016
# Parent 3a606f8182c82480f8f350b622ab55a170ec1eb6
Bug 1179484. r=roc
MozReview-Commit-ID: HNaYLyMe3sM
diff --git a/dom/media/webaudio/MediaStreamAudioDestinationNode.cpp b/dom/media/webaudio/MediaStreamAudioDestinationNode.cpp
--- a/dom/media/webaudio/MediaStreamAudioDestinationNode.cpp
+++ b/dom/media/webaudio/MediaStreamAudioDestinationNode.cpp
@@ -69,16 +69,20 @@ MediaStreamAudioDestinationNode::MediaSt
ChannelInterpretation::Speakers)
, mDOMStream(DOMAudioNodeMediaStream::CreateTrackUnionStream(GetOwner(),
this))
{
TrackUnionStream* tus = static_cast<TrackUnionStream*>(mDOMStream->GetStream());
MOZ_ASSERT(tus == mDOMStream->GetStream()->AsProcessedStream());
tus->SetTrackIDFilter(FilterAudioNodeStreamTrack);
+ if (aContext->Graph() != tus->Graph()) {
+ return;
+ }
+
MediaStreamDestinationEngine* engine = new MediaStreamDestinationEngine(this, tus);
mStream = aContext->Graph()->CreateAudioNodeStream(engine, MediaStreamGraph::INTERNAL_STREAM);
mPort = tus->AllocateInputPort(mStream, 0);
nsIDocument* doc = aContext->GetParentObject()->GetExtantDoc();
if (doc) {
mDOMStream->CombineWithPrincipal(doc->NodePrincipal());
}

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,356 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/c1d67bd4c993
# HG changeset patch
# User Timothy Nikkel <tnikkel@gmail.com>
# Date 1454023801 21600
# Node ID c1d67bd4c993b9e344c68954e6f0392c82b81e38
# Parent 530559abe159d3c23f078d673d30ff03d9c244e2
Bug 1224979 - Check if we compute usable filters for the downscaler, and if not put the downscaler in error state so it's not used. r=edwin, a=al
diff --git a/image/Downscaler.cpp b/image/Downscaler.cpp
new file mode 100644
--- /dev/null
+++ b/image/Downscaler.cpp
@@ -0,0 +1,340 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "Downscaler.h"
+
+#include <algorithm>
+#include <ctime>
+#include "gfxPrefs.h"
+#include "image_operations.h"
+#include "mozilla/SSE.h"
+#include "convolver.h"
+#include "skia/include/core/SkTypes.h"
+
+using std::max;
+using std::swap;
+
+namespace mozilla {
+namespace image {
+
+Downscaler::Downscaler(const nsIntSize& aTargetSize)
+ : mTargetSize(aTargetSize)
+ , mOutputBuffer(nullptr)
+ , mXFilter(MakeUnique<skia::ConvolutionFilter1D>())
+ , mYFilter(MakeUnique<skia::ConvolutionFilter1D>())
+ , mWindowCapacity(0)
+ , mHasAlpha(true)
+ , mFlipVertically(false)
+{
+ MOZ_ASSERT(gfxPrefs::ImageDownscaleDuringDecodeEnabled(),
+ "Downscaling even though downscale-during-decode is disabled?");
+ MOZ_ASSERT(mTargetSize.width > 0 && mTargetSize.height > 0,
+ "Invalid target size");
+}
+
+Downscaler::~Downscaler()
+{
+ ReleaseWindow();
+}
+
+void
+Downscaler::ReleaseWindow()
+{
+ if (!mWindow) {
+ return;
+ }
+
+ for (int32_t i = 0; i < mWindowCapacity; ++i) {
+ delete[] mWindow[i];
+ }
+
+ mWindow = nullptr;
+ mWindowCapacity = 0;
+}
+
+nsresult
+Downscaler::BeginFrame(const nsIntSize& aOriginalSize,
+ const Maybe<nsIntRect>& aFrameRect,
+ uint8_t* aOutputBuffer,
+ bool aHasAlpha,
+ bool aFlipVertically /* = false */)
+{
+ MOZ_ASSERT(aOutputBuffer);
+ MOZ_ASSERT(mTargetSize != aOriginalSize,
+ "Created a downscaler, but not downscaling?");
+ MOZ_ASSERT(mTargetSize.width <= aOriginalSize.width,
+ "Created a downscaler, but width is larger");
+ MOZ_ASSERT(mTargetSize.height <= aOriginalSize.height,
+ "Created a downscaler, but height is larger");
+ MOZ_ASSERT(aOriginalSize.width > 0 && aOriginalSize.height > 0,
+ "Invalid original size");
+
+ mFrameRect = aFrameRect.valueOr(nsIntRect(nsIntPoint(), aOriginalSize));
+ MOZ_ASSERT(mFrameRect.x >= 0 && mFrameRect.y >= 0 &&
+ mFrameRect.width >= 0 && mFrameRect.height >= 0,
+ "Frame rect must have non-negative components");
+ MOZ_ASSERT(nsIntRect(0, 0, aOriginalSize.width, aOriginalSize.height)
+ .Contains(mFrameRect),
+ "Frame rect must fit inside image");
+ MOZ_ASSERT_IF(!nsIntRect(0, 0, aOriginalSize.width, aOriginalSize.height)
+ .IsEqualEdges(mFrameRect),
+ aHasAlpha);
+
+ mOriginalSize = aOriginalSize;
+ mScale = gfxSize(double(mOriginalSize.width) / mTargetSize.width,
+ double(mOriginalSize.height) / mTargetSize.height);
+ mOutputBuffer = aOutputBuffer;
+ mHasAlpha = aHasAlpha;
+ mFlipVertically = aFlipVertically;
+
+ ReleaseWindow();
+
+ auto resizeMethod = skia::ImageOperations::RESIZE_LANCZOS3;
+
+ skia::resize::ComputeFilters(resizeMethod,
+ mOriginalSize.width, mTargetSize.width,
+ 0, mTargetSize.width,
+ mXFilter.get());
+
+ if (mXFilter->max_filter() <= 0 || mXFilter->num_values() != mTargetSize.width) {
+ NS_WARNING("Failed to compute filters for image downscaling");
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
+ skia::resize::ComputeFilters(resizeMethod,
+ mOriginalSize.height, mTargetSize.height,
+ 0, mTargetSize.height,
+ mYFilter.get());
+
+ if (mYFilter->max_filter() <= 0 || mYFilter->num_values() != mTargetSize.height) {
+ NS_WARNING("Failed to compute filters for image downscaling");
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
+ // Allocate the buffer, which contains scanlines of the original image.
+ // pad by 15 to handle overreads by the simd code
+ size_t bufferLen = mOriginalSize.width * sizeof(uint32_t) + 15;
+ mRowBuffer.reset(new (fallible) uint8_t[bufferLen]);
+ if (MOZ_UNLIKELY(!mRowBuffer)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
+ // Zero buffer to keep valgrind happy.
+ memset(mRowBuffer.get(), 0, bufferLen);
+
+ // Allocate the window, which contains horizontally downscaled scanlines. (We
+ // can store scanlines which are already downscale because our downscaling
+ // filter is separable.)
+ mWindowCapacity = mYFilter->max_filter();
+ mWindow.reset(new (fallible) uint8_t*[mWindowCapacity]);
+ if (MOZ_UNLIKELY(!mWindow)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
+ bool anyAllocationFailed = false;
+ // pad by 15 to handle overreads by the simd code
+ const int rowSize = mTargetSize.width * sizeof(uint32_t) + 15;
+ for (int32_t i = 0; i < mWindowCapacity; ++i) {
+ mWindow[i] = new (fallible) uint8_t[rowSize];
+ anyAllocationFailed = anyAllocationFailed || mWindow[i] == nullptr;
+ }
+
+ if (MOZ_UNLIKELY(anyAllocationFailed)) {
+ // We intentionally iterate through the entire array even if an allocation
+ // fails, to ensure that all the pointers in it are either valid or nullptr.
+ // That in turn ensures that ReleaseWindow() can clean up correctly.
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
+ ResetForNextProgressivePass();
+
+ return NS_OK;
+}
+
+void
+Downscaler::SkipToRow(int32_t aRow)
+{
+ if (mCurrentInLine < aRow) {
+ ClearRow();
+ do {
+ CommitRow();
+ } while (mCurrentInLine < aRow);
+ }
+}
+
+void
+Downscaler::ResetForNextProgressivePass()
+{
+ mPrevInvalidatedLine = 0;
+ mCurrentOutLine = 0;
+ mCurrentInLine = 0;
+ mLinesInBuffer = 0;
+
+ if (mFrameRect.IsEmpty()) {
+ // Our frame rect is zero size; commit rows until the end of the image.
+ SkipToRow(mOriginalSize.height - 1);
+ } else {
+ // If we have a vertical offset, commit rows to shift us past it.
+ SkipToRow(mFrameRect.y);
+ }
+}
+
+static void
+GetFilterOffsetAndLength(UniquePtr<skia::ConvolutionFilter1D>& aFilter,
+ int32_t aOutputImagePosition,
+ int32_t* aFilterOffsetOut,
+ int32_t* aFilterLengthOut)
+{
+ MOZ_ASSERT(aOutputImagePosition < aFilter->num_values());
+ aFilter->FilterForValue(aOutputImagePosition,
+ aFilterOffsetOut,
+ aFilterLengthOut);
+}
+
+void
+Downscaler::ClearRow(uint32_t aStartingAtCol)
+{
+ MOZ_ASSERT(int64_t(mOriginalSize.width) > int64_t(aStartingAtCol));
+ uint32_t bytesToClear = (mOriginalSize.width - aStartingAtCol)
+ * sizeof(uint32_t);
+ memset(mRowBuffer.get() + (aStartingAtCol * sizeof(uint32_t)),
+ 0, bytesToClear);
+}
+
+void
+Downscaler::CommitRow()
+{
+ MOZ_ASSERT(mOutputBuffer, "Should have a current frame");
+ MOZ_ASSERT(mCurrentInLine < mOriginalSize.height, "Past end of input");
+
+ if (mCurrentOutLine < mTargetSize.height) {
+ int32_t filterOffset = 0;
+ int32_t filterLength = 0;
+ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
+ &filterOffset, &filterLength);
+
+ int32_t inLineToRead = filterOffset + mLinesInBuffer;
+ MOZ_ASSERT(mCurrentInLine <= inLineToRead, "Reading past end of input");
+ if (mCurrentInLine == inLineToRead) {
+ skia::ConvolveHorizontally(mRowBuffer.get(), *mXFilter,
+ mWindow[mLinesInBuffer++], mHasAlpha,
+ supports_sse2());
+ }
+
+ MOZ_ASSERT(mCurrentOutLine < mTargetSize.height,
+ "Writing past end of output");
+
+ while (mLinesInBuffer == filterLength) {
+ DownscaleInputLine();
+
+ if (mCurrentOutLine == mTargetSize.height) {
+ break; // We're done.
+ }
+
+ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
+ &filterOffset, &filterLength);
+ }
+ }
+
+ mCurrentInLine += 1;
+
+ // If we're at the end of the part of the original image that has data, commit
+ // rows to shift us to the end.
+ if (mCurrentInLine == (mFrameRect.y + mFrameRect.height)) {
+ SkipToRow(mOriginalSize.height - 1);
+ }
+}
+
+bool
+Downscaler::HasInvalidation() const
+{
+ return mCurrentOutLine > mPrevInvalidatedLine;
+}
+
+DownscalerInvalidRect
+Downscaler::TakeInvalidRect()
+{
+ if (MOZ_UNLIKELY(!HasInvalidation())) {
+ return DownscalerInvalidRect();
+ }
+
+ DownscalerInvalidRect invalidRect;
+
+ // Compute the target size invalid rect.
+ if (mFlipVertically) {
+ // We need to flip it. This will implicitly flip the original size invalid
+ // rect, since we compute it by scaling this rect.
+ invalidRect.mTargetSizeRect =
+ IntRect(0, mTargetSize.height - mCurrentOutLine,
+ mTargetSize.width, mCurrentOutLine - mPrevInvalidatedLine);
+ } else {
+ invalidRect.mTargetSizeRect =
+ IntRect(0, mPrevInvalidatedLine,
+ mTargetSize.width, mCurrentOutLine - mPrevInvalidatedLine);
+ }
+
+ mPrevInvalidatedLine = mCurrentOutLine;
+
+ // Compute the original size invalid rect.
+ invalidRect.mOriginalSizeRect = invalidRect.mTargetSizeRect;
+ invalidRect.mOriginalSizeRect.ScaleRoundOut(mScale.width, mScale.height);
+
+ return invalidRect;
+}
+
+void
+Downscaler::DownscaleInputLine()
+{
+ typedef skia::ConvolutionFilter1D::Fixed FilterValue;
+
+ MOZ_ASSERT(mOutputBuffer);
+ MOZ_ASSERT(mCurrentOutLine < mTargetSize.height,
+ "Writing past end of output");
+
+ int32_t filterOffset = 0;
+ int32_t filterLength = 0;
+ MOZ_ASSERT(mCurrentOutLine < mYFilter->num_values());
+ auto filterValues =
+ mYFilter->FilterForValue(mCurrentOutLine, &filterOffset, &filterLength);
+
+ int32_t currentOutLine = mFlipVertically
+ ? mTargetSize.height - (mCurrentOutLine + 1)
+ : mCurrentOutLine;
+ MOZ_ASSERT(currentOutLine >= 0);
+
+ uint8_t* outputLine =
+ &mOutputBuffer[currentOutLine * mTargetSize.width * sizeof(uint32_t)];
+ skia::ConvolveVertically(static_cast<const FilterValue*>(filterValues),
+ filterLength, mWindow.get(), mXFilter->num_values(),
+ outputLine, mHasAlpha, supports_sse2());
+
+ mCurrentOutLine += 1;
+
+ if (mCurrentOutLine == mTargetSize.height) {
+ // We're done.
+ return;
+ }
+
+ int32_t newFilterOffset = 0;
+ int32_t newFilterLength = 0;
+ GetFilterOffsetAndLength(mYFilter, mCurrentOutLine,
+ &newFilterOffset, &newFilterLength);
+
+ int diff = newFilterOffset - filterOffset;
+ MOZ_ASSERT(diff >= 0, "Moving backwards in the filter?");
+
+ // Shift the buffer. We're just moving pointers here, so this is cheap.
+ mLinesInBuffer -= diff;
+ mLinesInBuffer = max(mLinesInBuffer, 0);
+ for (int32_t i = 0; i < mLinesInBuffer; ++i) {
+ swap(mWindow[i], mWindow[filterLength - mLinesInBuffer + i]);
+ }
+}
+
+
+
+} // namespace image
+} // namespace mozilla

View File

@ -0,0 +1,58 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/9719b71d72dd
# HG changeset patch
# User Byron Campen [:bwc] <docfaraday@gmail.com>
# Date 1454100887 21600
# Node ID 9719b71d72dd2a3c5ee12ace156af2a63d9595ac
# Parent b68673d974a10f65390f80b36d4307eb31e44669
Bug 1234578 - Assert if PCM is destroyed improperly. r=rjesup, a=sylvestre
diff --git a/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp b/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp
--- a/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp
+++ b/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.cpp
@@ -712,16 +712,18 @@ PeerConnectionMedia::SelfDestruct_m()
{
CSFLogDebug(logTag, "%s: ", __FUNCTION__);
ASSERT_ON_THREAD(mMainThread);
mLocalSourceStreams.Clear();
mRemoteSourceStreams.Clear();
+ mMainThread = nullptr;
+
// Final self-destruct.
this->Release();
}
void
PeerConnectionMedia::ShutdownMediaTransport_s()
{
ASSERT_ON_THREAD(mSTSThread);
diff --git a/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.h b/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.h
--- a/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.h
+++ b/media/webrtc/signaling/src/peerconnection/PeerConnectionMedia.h
@@ -210,17 +210,20 @@ class RemoteSourceStreamInfo : public So
std::vector<std::string> mTrackIdMap;
// True iff SetPullEnabled(true) has been called on the DOMMediaStream. This
// happens when offer/answer concludes.
bool mReceiving;
};
class PeerConnectionMedia : public sigslot::has_slots<> {
- ~PeerConnectionMedia() {}
+ ~PeerConnectionMedia()
+ {
+ MOZ_RELEASE_ASSERT(!mMainThread);
+ }
public:
explicit PeerConnectionMedia(PeerConnectionImpl *parent);
PeerConnectionImpl* GetPC() { return mParent; }
nsresult Init(const std::vector<NrIceStunServer>& stun_servers,
const std::vector<NrIceTurnServer>& turn_servers);
// WARNING: This destroys the object!

View File

@ -0,0 +1,60 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/2839062f84fb
# HG changeset patch
# User Jan de Mooij <jdemooij@mozilla.com>
# Date 1455119320 -3600
# Node ID 2839062f84fb6cba2781ea8d59150f13d4813ddc
# Parent 185b233ea03f3811404e3979b65ec86b29d13555
Bug 1242279 - r=bhackett1024 a=sylvestre
diff --git a/js/src/vm/TypeInference.cpp b/js/src/vm/TypeInference.cpp
--- a/js/src/vm/TypeInference.cpp
+++ b/js/src/vm/TypeInference.cpp
@@ -3961,16 +3961,22 @@ JSScript::maybeSweepTypes(AutoClearTypeI
unsigned num = TypeScript::NumTypeSets(this);
StackTypeSet* typeArray = types_->typeArray();
// Remove constraints and references to dead objects from stack type sets.
for (unsigned i = 0; i < num; i++)
typeArray[i].sweep(zone(), *oom);
+ if (oom->hadOOM()) {
+ // It's possible we OOM'd while copying freeze constraints, so they
+ // need to be regenerated.
+ hasFreezeConstraints_ = false;
+ }
+
// Update the recompile indexes in any IonScripts still on the script.
if (hasIonScript())
ionScript()->recompileInfoRef().shouldSweep(types);
}
void
TypeScript::destroy()
{
diff --git a/js/src/vm/TypeInference.h b/js/src/vm/TypeInference.h
--- a/js/src/vm/TypeInference.h
+++ b/js/src/vm/TypeInference.h
@@ -566,16 +566,19 @@ class AutoClearTypeInferenceStateOnOOM
: zone(zone), oom(false)
{}
~AutoClearTypeInferenceStateOnOOM();
void setOOM() {
oom = true;
}
+ bool hadOOM() const {
+ return oom;
+ }
};
/* Superclass common to stack and heap type sets. */
class ConstraintTypeSet : public TypeSet
{
public:
/* Chain of constraints which propagate changes out from this type set. */
TypeConstraint* constraintList;

View File

@ -0,0 +1,53 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/9dd60e798819
# HG changeset patch
# User Olli Pettay <bugs@pettay.fi>
# Date 1455204078 -3600
# Node ID 9dd60e798819fe2ebf1e5bd36aa9006ecd2f82c9
# Parent c1d67bd4c993b9e344c68954e6f0392c82b81e38
Bug 1244250 - r=mats, a=al
diff --git a/layout/style/nsAnimationManager.cpp b/layout/style/nsAnimationManager.cpp
--- a/layout/style/nsAnimationManager.cpp
+++ b/layout/style/nsAnimationManager.cpp
@@ -715,16 +715,17 @@ nsAnimationManager::FlushAnimations(Flus
}
DispatchEvents(); // may destroy us
}
void
nsAnimationManager::DoDispatchEvents()
{
+ nsRefPtr<nsAnimationManager> kungFuDeathGrip(this);
EventArray events;
mPendingEvents.SwapElements(events);
for (uint32_t i = 0, i_end = events.Length(); i < i_end; ++i) {
AnimationEventInfo &info = events[i];
EventDispatcher::Dispatch(info.mElement, mPresContext, &info.mEvent);
if (!mPresContext) {
break;
diff --git a/layout/style/nsTransitionManager.cpp b/layout/style/nsTransitionManager.cpp
--- a/layout/style/nsTransitionManager.cpp
+++ b/layout/style/nsTransitionManager.cpp
@@ -753,16 +753,17 @@ nsTransitionManager::FlushTransitions(Fl
}
}
}
if (didThrottle) {
mPresContext->Document()->SetNeedStyleFlush();
}
+ nsRefPtr<nsTransitionManager> kungFuDeathGrip(this);
for (uint32_t i = 0, i_end = events.Length(); i < i_end; ++i) {
TransitionEventInfo &info = events[i];
EventDispatcher::Dispatch(info.mElement, mPresContext, &info.mEvent);
if (!mPresContext) {
break;
}
}

View File

@ -0,0 +1,32 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/1dd0ca8e70bd
# HG changeset patch
# User Nicolas B. Pierron <nicolas.b.pierron@mozilla.com>
# Date 1456161361 0
# Node ID 1dd0ca8e70bd77b6fd93f36cc4e9c2cebfe8ba0a
# Parent 95ff874886905ef46a7bbc760981d15ad0831096
Bug 1221872 - ValueNumbering: Set the dominator index of fixup blocks when they are created. r=sunfish, a=ritu
diff --git a/js/src/jit/ValueNumbering.cpp b/js/src/jit/ValueNumbering.cpp
--- a/js/src/jit/ValueNumbering.cpp
+++ b/js/src/jit/ValueNumbering.cpp
@@ -433,16 +433,17 @@ ValueNumberer::fixupOSROnlyLoop(MBasicBl
MBasicBlock* fake = MBasicBlock::NewAsmJS(graph_, block->info(),
nullptr, MBasicBlock::NORMAL);
if (fake == nullptr)
return false;
graph_.insertBlockBefore(block, fake);
fake->setImmediateDominator(fake);
fake->addNumDominated(1);
+ fake->setDomIndex(fake->id());
// Create zero-input phis to use as inputs for any phis in |block|.
// Again, this is a little odd, but it's the least-odd thing we can do
// without significant complexity.
for (MPhiIterator iter(block->phisBegin()), end(block->phisEnd()); iter != end; ++iter) {
MPhi* phi = *iter;
MPhi* fakePhi = MPhi::New(graph_.alloc(), phi->type());
fake->addPhi(fakePhi);

View File

@ -0,0 +1,103 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/6f4d51302387
# HG changeset patch
# User Andrew McCreight <continuation@gmail.com>
# Date 1456273423 28800
# Node ID 6f4d5130238790fa5810c76ffeb9eccc65efa8c9
# Parent 70f6c59d9d73a5edefd216b48ca74a931da12cf1
Bug 1249685 - Use more nsCOMPtrs for stack variables in DOM code. r=smaug, a=ritu
diff --git a/dom/base/nsRange.cpp b/dom/base/nsRange.cpp
--- a/dom/base/nsRange.cpp
+++ b/dom/base/nsRange.cpp
@@ -1985,17 +1985,17 @@ nsRange::CutContents(DocumentFragment**
rv = closestAncestor ? PrependChild(closestAncestor, nodeToResult)
: PrependChild(commonCloneAncestor, nodeToResult);
NS_ENSURE_SUCCESS(rv, rv);
NS_ENSURE_STATE(!guard.Mutated(parent ? 2 : 1) ||
ValidateCurrentNode(this, iter));
} else if (nodeToResult) {
nsMutationGuard guard;
nsCOMPtr<nsINode> node = nodeToResult;
- nsINode* parent = node->GetParentNode();
+ nsCOMPtr<nsINode> parent = node->GetParentNode();
if (parent) {
mozilla::ErrorResult error;
parent->RemoveChild(*node, error);
NS_ENSURE_FALSE(error.Failed(), error.ErrorCode());
}
NS_ENSURE_STATE(!guard.Mutated(1) ||
ValidateCurrentNode(this, iter));
}
diff --git a/dom/base/nsTreeSanitizer.cpp b/dom/base/nsTreeSanitizer.cpp
--- a/dom/base/nsTreeSanitizer.cpp
+++ b/dom/base/nsTreeSanitizer.cpp
@@ -1423,18 +1423,18 @@ nsTreeSanitizer::SanitizeChildren(nsINod
mAllowStyles,
false);
}
node = node->GetNextNonChildNode(aRoot);
continue;
}
if (MustFlatten(ns, localName)) {
RemoveAllAttributes(node);
- nsIContent* next = node->GetNextNode(aRoot);
- nsIContent* parent = node->GetParent();
+ nsCOMPtr<nsIContent> next = node->GetNextNode(aRoot);
+ nsCOMPtr<nsIContent> parent = node->GetParent();
nsCOMPtr<nsIContent> child; // Must keep the child alive during move
ErrorResult rv;
while ((child = node->GetFirstChild())) {
parent->InsertBefore(*child, node, rv);
if (rv.Failed()) {
break;
}
}
diff --git a/dom/html/HTMLSelectElement.cpp b/dom/html/HTMLSelectElement.cpp
--- a/dom/html/HTMLSelectElement.cpp
+++ b/dom/html/HTMLSelectElement.cpp
@@ -624,17 +624,17 @@ HTMLSelectElement::Add(nsGenericHTMLElem
{
if (!aBefore) {
Element::AppendChild(aElement, aError);
return;
}
// Just in case we're not the parent, get the parent of the reference
// element
- nsINode* parent = aBefore->Element::GetParentNode();
+ nsCOMPtr<nsINode> parent = aBefore->Element::GetParentNode();
if (!parent || !nsContentUtils::ContentIsDescendantOf(parent, this)) {
// NOT_FOUND_ERR: Raised if before is not a descendant of the SELECT
// element.
aError.Throw(NS_ERROR_DOM_NOT_FOUND_ERR);
return;
}
// If the before parameter is not null, we are equivalent to the
diff --git a/dom/html/HTMLTableElement.cpp b/dom/html/HTMLTableElement.cpp
--- a/dom/html/HTMLTableElement.cpp
+++ b/dom/html/HTMLTableElement.cpp
@@ -516,18 +516,18 @@ HTMLTableElement::InsertRow(int32_t aInd
if (rowCount > 0) {
if (refIndex == rowCount || aIndex == -1) {
// we set refIndex to the last row so we can get the last row's
// parent we then do an AppendChild below if (rowCount<aIndex)
refIndex = rowCount - 1;
}
- Element* refRow = rows->Item(refIndex);
- nsINode* parent = refRow->GetParentNode();
+ RefPtr<Element> refRow = rows->Item(refIndex);
+ nsCOMPtr<nsINode> parent = refRow->GetParentNode();
// create the row
nsRefPtr<mozilla::dom::NodeInfo> nodeInfo;
nsContentUtils::NameChanged(mNodeInfo, nsGkAtoms::tr,
getter_AddRefs(nodeInfo));
newRow = NS_NewHTMLTableRowElement(nodeInfo.forget());

View File

@ -0,0 +1,32 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/a5c4c18849b4
# HG changeset patch
# User Christoph Kerschbaumer <mozilla@christophkerschbaumer.com>
# Date 1456157874 28800
# Node ID a5c4c18849b486ef8693e20421b69239a2cbe574
# Parent e93aeb25e2a44df8d22f5a065b4410620e2c8730
Bug 1243178: CSP - Skip sending reports for non http schemes (r=dveditz) a=ritu
diff --git a/dom/security/nsCSPContext.cpp b/dom/security/nsCSPContext.cpp
--- a/dom/security/nsCSPContext.cpp
+++ b/dom/security/nsCSPContext.cpp
@@ -798,16 +798,17 @@ nsCSPContext::SendReports(nsISupports* a
(NS_SUCCEEDED(reportURI->SchemeIs("https", &isHttpScheme)) && isHttpScheme);
if (!isHttpScheme) {
const char16_t* params[] = { reportURIs[r].get() };
CSP_LogLocalizedStr(NS_LITERAL_STRING("reportURInotHttpsOrHttp2").get(),
params, ArrayLength(params),
aSourceFile, aScriptSample, aLineNum, 0,
nsIScriptError::errorFlag, "CSP", mInnerWindowID);
+ continue;
}
// make sure this is an anonymous request (no cookies) so in case the
// policy URI is injected, it can't be abused for CSRF.
nsLoadFlags flags;
rv = reportChannel->GetLoadFlags(&flags);
NS_ENSURE_SUCCESS(rv, rv);
flags |= nsIRequest::LOAD_ANONYMOUS;

View File

@ -0,0 +1,55 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/185b233ea03f
# HG changeset patch
# User Henri Sivonen <hsivonen@hsivonen.fi>
# Date 1455100746 -7200
# Node ID 185b233ea03f3811404e3979b65ec86b29d13555
# Parent 271e3a5a53d96871141e89271f611033b512e3e4
Bug 1246014. r=wchen. a=sylvestre
diff --git a/parser/html/javasrc/TreeBuilder.java b/parser/html/javasrc/TreeBuilder.java
--- a/parser/html/javasrc/TreeBuilder.java
+++ b/parser/html/javasrc/TreeBuilder.java
@@ -4437,17 +4437,17 @@ public abstract class TreeBuilder<T> imp
return TreeBuilder.NOT_FOUND_ON_STACK;
}
private void clearStackBackTo(int eltPos) throws SAXException {
int eltGroup = stack[eltPos].getGroup();
while (currentPtr > eltPos) { // > not >= intentional
if (stack[currentPtr].ns == "http://www.w3.org/1999/xhtml"
&& stack[currentPtr].getGroup() == TEMPLATE
- && (eltGroup == TABLE || eltGroup == TBODY_OR_THEAD_OR_TFOOT|| eltGroup == TR || eltGroup == HTML)) {
+ && (eltGroup == TABLE || eltGroup == TBODY_OR_THEAD_OR_TFOOT|| eltGroup == TR || eltPos == 0)) {
return;
}
pop();
}
}
private void resetTheInsertionMode() {
StackNode<T> node;
diff --git a/parser/html/nsHtml5TreeBuilder.cpp b/parser/html/nsHtml5TreeBuilder.cpp
--- a/parser/html/nsHtml5TreeBuilder.cpp
+++ b/parser/html/nsHtml5TreeBuilder.cpp
@@ -3301,17 +3301,17 @@ nsHtml5TreeBuilder::findLastInTableScope
return NS_HTML5TREE_BUILDER_NOT_FOUND_ON_STACK;
}
void
nsHtml5TreeBuilder::clearStackBackTo(int32_t eltPos)
{
int32_t eltGroup = stack[eltPos]->getGroup();
while (currentPtr > eltPos) {
- if (stack[currentPtr]->ns == kNameSpaceID_XHTML && stack[currentPtr]->getGroup() == NS_HTML5TREE_BUILDER_TEMPLATE && (eltGroup == NS_HTML5TREE_BUILDER_TABLE || eltGroup == NS_HTML5TREE_BUILDER_TBODY_OR_THEAD_OR_TFOOT || eltGroup == NS_HTML5TREE_BUILDER_TR || eltGroup == NS_HTML5TREE_BUILDER_HTML)) {
+ if (stack[currentPtr]->ns == kNameSpaceID_XHTML && stack[currentPtr]->getGroup() == NS_HTML5TREE_BUILDER_TEMPLATE && (eltGroup == NS_HTML5TREE_BUILDER_TABLE || eltGroup == NS_HTML5TREE_BUILDER_TBODY_OR_THEAD_OR_TFOOT || eltGroup == NS_HTML5TREE_BUILDER_TR || !eltPos)) {
return;
}
pop();
}
}
void
nsHtml5TreeBuilder::resetTheInsertionMode()

View File

@ -0,0 +1,33 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/e93aeb25e2a4
# HG changeset patch
# User Andrew McCreight <continuation@gmail.com>
# Date 1455891967 28800
# Node ID e93aeb25e2a44df8d22f5a065b4410620e2c8730
# Parent 221de852fda32714a9e484774ceafafb450ea73c
Bug 1249377 - Hold a strong reference to |root| in nsHTMLDocument::SetBody. r=bz, a=sylvestre
diff --git a/dom/html/nsHTMLDocument.cpp b/dom/html/nsHTMLDocument.cpp
--- a/dom/html/nsHTMLDocument.cpp
+++ b/dom/html/nsHTMLDocument.cpp
@@ -1044,17 +1044,17 @@ nsHTMLDocument::SetBody(nsIDOMHTMLElemen
ErrorResult rv;
SetBody(static_cast<nsGenericHTMLElement*>(newBody.get()), rv);
return rv.ErrorCode();
}
void
nsHTMLDocument::SetBody(nsGenericHTMLElement* newBody, ErrorResult& rv)
{
- Element* root = GetRootElement();
+ nsCOMPtr<Element> root = GetRootElement();
// The body element must be either a body tag or a frameset tag. And we must
// have a html root tag, otherwise GetBody will not return the newly set
// body.
if (!newBody || !(newBody->Tag() == nsGkAtoms::body ||
newBody->Tag() == nsGkAtoms::frameset) ||
!root || !root->IsHTML() ||
root->Tag() != nsGkAtoms::html) {

View File

@ -0,0 +1,107 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/221de852fda3
# HG changeset patch
# User Randell Jesup <rjesup@jesup.org>
# Date 1455862087 18000
# Node ID 221de852fda32714a9e484774ceafafb450ea73c
# Parent b03db72e32f6e3acdc9f8705371cb222d7e6c456
Bug 1240760: Update DataChannel::Close() r=mcmanus, a=ritu
MozReview-Commit-ID: 7nN9h3M3O8w
diff --git a/netwerk/sctp/datachannel/DataChannel.cpp b/netwerk/sctp/datachannel/DataChannel.cpp
--- a/netwerk/sctp/datachannel/DataChannel.cpp
+++ b/netwerk/sctp/datachannel/DataChannel.cpp
@@ -1771,17 +1771,17 @@ DataChannelConnection::HandleStreamReset
}
NS_DispatchToMainThread(new DataChannelOnMessageAvailable(
DataChannelOnMessageAvailable::ON_CHANNEL_CLOSED, this,
channel));
mStreams[channel->mStream] = nullptr;
LOG(("Disconnected DataChannel %p from connection %p",
(void *) channel.get(), (void *) channel->mConnection.get()));
- channel->Destroy();
+ channel->DestroyLocked();
// At this point when we leave here, the object is a zombie held alive only by the DOM object
} else {
LOG(("Can't find incoming channel %d",i));
}
}
}
}
@@ -2498,17 +2498,17 @@ DataChannelConnection::CloseInt(DataChan
mStreams[channel->mStream] = nullptr;
} else {
SendOutgoingStreamReset();
}
}
aChannel->mState = CLOSING;
if (mState == CLOSED) {
// we're not going to hang around waiting
- channel->Destroy();
+ channel->DestroyLocked();
}
// At this point when we leave here, the object is a zombie held alive only by the DOM object
}
void DataChannelConnection::CloseAll()
{
LOG(("Closing all channels (connection %p)", (void*) this));
// Don't need to lock here
@@ -2552,23 +2552,25 @@ DataChannel::~DataChannel()
// wrong, nothing bad happens. A worst it's a leak.
NS_ASSERTION(mState == CLOSED || mState == CLOSING, "unexpected state in ~DataChannel");
}
void
DataChannel::Close()
{
ENSURE_DATACONNECTION;
+ RefPtr<DataChannelConnection> connection(mConnection);
mConnection->Close(this);
}
// Used when disconnecting from the DataChannelConnection
void
-DataChannel::Destroy()
+DataChannel::DestroyLocked()
{
+ mConnection->mLock.AssertCurrentThreadOwns();
ENSURE_DATACONNECTION;
LOG(("Destroying Data channel %u", mStream));
MOZ_ASSERT_IF(mStream != INVALID_STREAM,
!mConnection->FindChannelByStream(mStream));
mStream = INVALID_STREAM;
mState = CLOSED;
mConnection = nullptr;
diff --git a/netwerk/sctp/datachannel/DataChannel.h b/netwerk/sctp/datachannel/DataChannel.h
--- a/netwerk/sctp/datachannel/DataChannel.h
+++ b/netwerk/sctp/datachannel/DataChannel.h
@@ -331,19 +331,20 @@ public:
{
NS_ASSERTION(mConnection,"NULL connection");
}
private:
~DataChannel();
public:
- void Destroy(); // when we disconnect from the connection after stream RESET
+ NS_INLINE_DECL_THREADSAFE_REFCOUNTING(DataChannel)
- NS_INLINE_DECL_THREADSAFE_REFCOUNTING(DataChannel)
+ // when we disconnect from the connection after stream RESET
+ void DestroyLocked();
// Close this DataChannel. Can be called multiple times. MUST be called
// before destroying the DataChannel (state must be CLOSED or CLOSING).
void Close();
// Set the listener (especially for channels created from the other side)
void SetListener(DataChannelListener *aListener, nsISupports *aContext);

View File

@ -0,0 +1,54 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/a653013e7b50
# HG changeset patch
# User Peter Van der Beken <peterv@propagandism.org>
# Date 1454340035 -3600
# Node ID a653013e7b503912a32621e8da64a37171316588
# Parent 0d0d7e8292f7ecf5f1149d528c0524f04447c4ad
Bug 1243335 - report bad QName. r=sicking, a=sylvestre
diff --git a/dom/xslt/xslt/txInstructions.cpp b/dom/xslt/xslt/txInstructions.cpp
--- a/dom/xslt/xslt/txInstructions.cpp
+++ b/dom/xslt/xslt/txInstructions.cpp
@@ -93,16 +93,19 @@ txAttribute::txAttribute(nsAutoPtr<Expr>
txNamespaceMap* aMappings)
: mName(Move(aName)), mNamespace(Move(aNamespace)), mMappings(aMappings)
{
}
nsresult
txAttribute::execute(txExecutionState& aEs)
{
+ nsAutoPtr<txTextHandler> handler(
+ static_cast<txTextHandler*>(aEs.popResultHandler()));
+
nsAutoString name;
nsresult rv = mName->evaluateToString(aEs.getEvalContext(), name);
NS_ENSURE_SUCCESS(rv, rv);
const char16_t* colon;
if (!XMLUtils::isValidQName(name, &colon) ||
TX_StringEqualsAtom(name, nsGkAtoms::xmlns)) {
return NS_OK;
@@ -125,19 +128,16 @@ txAttribute::execute(txExecutionState& a
if (!nspace.IsEmpty()) {
nsId = txNamespaceManager::getNamespaceID(nspace);
}
}
else if (colon) {
nsId = mMappings->lookupNamespace(prefix);
}
- nsAutoPtr<txTextHandler> handler(
- static_cast<txTextHandler*>(aEs.popResultHandler()));
-
// add attribute if everything was ok
return nsId != kNameSpaceID_Unknown ?
aEs.mResultHandler->attribute(prefix, Substring(name, lnameStart),
nsId, handler->mValue) :
NS_OK;
}
txCallTemplate::txCallTemplate(const txExpandedName& aName)

View File

@ -0,0 +1,44 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/b4467681abd6
# HG changeset patch
# User Gijs Kruitbosch <gijskruitbosch@gmail.com>
# Date 1455276061 0
# Node ID b4467681abd676cd5575cbdf922927f8f54d2ad9
# Parent 8c1d40e45a72c6432e879137a0afa519dc6c9841
Bug 1245264 - r=bz, r=ritu
MozReview-Commit-ID: I0sVdritpD3
diff --git a/dom/base/nsLocation.cpp b/dom/base/nsLocation.cpp
--- a/dom/base/nsLocation.cpp
+++ b/dom/base/nsLocation.cpp
@@ -735,16 +735,27 @@ nsLocation::SetProtocol(const nsAString&
return rv;
}
rv = uri->SetScheme(NS_ConvertUTF16toUTF8(aProtocol));
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
+ nsAutoCString newSpec;
+ rv = uri->GetSpec(newSpec);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+ // We may want a new URI class for the new URI, so recreate it:
+ rv = NS_NewURI(getter_AddRefs(uri), newSpec);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+
return SetURI(uri);
}
void
nsLocation::GetUsername(nsAString& aUsername, ErrorResult& aError)
{
if (!CallerSubsumes()) {
aError.Throw(NS_ERROR_DOM_SECURITY_ERR);

View File

@ -0,0 +1,36 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/291c2f31c48c
# HG changeset patch
# User Nicholas Nethercote <nnethercote@mozilla.com>
# Date 1454650565 -39600
# Node ID 291c2f31c48c7e96b1884b55273355970fa0fc30
# Parent 11e6614756551cfd7291e73eefb90c52873a8480
Bug 1246054 - Fix an erroneous nsNPObjWrapper assertion. r=froydnj. a=ritu
diff --git a/dom/plugins/base/nsJSNPRuntime.cpp b/dom/plugins/base/nsJSNPRuntime.cpp
--- a/dom/plugins/base/nsJSNPRuntime.cpp
+++ b/dom/plugins/base/nsJSNPRuntime.cpp
@@ -1915,18 +1915,19 @@ nsNPObjWrapper::GetNewOrUsed(NPP npp, JS
// No existing JSObject, create one.
JS::Rooted<JSObject*> obj(cx, ::JS_NewObject(cx, js::Jsvalify(&sNPObjectJSWrapperClass)));
if (generation != sNPObjWrappers.Generation()) {
// Reload entry if the JS_NewObject call caused a GC and reallocated
// the table (see bug 445229). This is guaranteed to succeed.
- NS_ASSERTION(PL_DHashTableSearch(&sNPObjWrappers, npobj),
- "Hashtable didn't find what we just added?");
+ entry = static_cast<NPObjWrapperHashEntry*>
+ (PL_DHashTableSearch(&sNPObjWrappers, npobj));
+ NS_ASSERTION(entry, "Hashtable didn't find what we just added?");
}
if (!obj) {
// OOM? Remove the stale entry from the hash.
PL_DHashTableRawRemove(&sNPObjWrappers, entry);
return nullptr;

View File

@ -0,0 +1,530 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/271e3a5a53d9
# HG changeset patch
# User Henri Sivonen <hsivonen@hsivonen.fi>
# Date 1455014759 -7200
# Node ID 271e3a5a53d96871141e89271f611033b512e3e4
# Parent 9719b71d72dd2a3c5ee12ace156af2a63d9595ac
Bug 1228103. r=smaug. a=sylvestre
diff --git a/parser/htmlparser/nsExpatDriver.cpp b/parser/htmlparser/nsExpatDriver.cpp
--- a/parser/htmlparser/nsExpatDriver.cpp
+++ b/parser/htmlparser/nsExpatDriver.cpp
@@ -1127,22 +1127,28 @@ nsExpatDriver::ConsumeToken(nsScanner& a
XML_Size lastLineLength = XML_GetCurrentColumnNumber(mExpatParser);
if (lastLineLength <= consumed) {
// The length of the last line was less than what expat consumed, so
// there was at least one line break in the consumed data. Store the
// last line until the point where we stopped parsing.
nsScannerIterator startLastLine = currentExpatPosition;
startLastLine.advance(-((ptrdiff_t)lastLineLength));
- CopyUnicodeTo(startLastLine, currentExpatPosition, mLastLine);
+ if (!CopyUnicodeTo(startLastLine, currentExpatPosition, mLastLine)) {
+ return (mInternalState = NS_ERROR_OUT_OF_MEMORY);
+ }
}
else {
// There was no line break in the consumed data, append the consumed
// data.
- AppendUnicodeTo(oldExpatPosition, currentExpatPosition, mLastLine);
+ if (!AppendUnicodeTo(oldExpatPosition,
+ currentExpatPosition,
+ mLastLine)) {
+ return (mInternalState = NS_ERROR_OUT_OF_MEMORY);
+ }
}
}
mExpatBuffered += length - consumed;
if (BlockedOrInterrupted()) {
PR_LOG(GetExpatDriverLog(), PR_LOG_DEBUG,
("Blocked or interrupted parser (probably for loading linked "
diff --git a/parser/htmlparser/nsParser.cpp b/parser/htmlparser/nsParser.cpp
--- a/parser/htmlparser/nsParser.cpp
+++ b/parser/htmlparser/nsParser.cpp
@@ -1508,17 +1508,19 @@ nsParser::ResumeParse(bool allowIteratio
DidBuildModel(mStreamStatus);
return NS_OK;
}
} else {
CParserContext* theContext = PopContext();
if (theContext) {
theIterationIsOk = allowIteration && theContextIsStringBased;
if (theContext->mCopyUnused) {
- theContext->mScanner->CopyUnusedData(mUnusedInput);
+ if (!theContext->mScanner->CopyUnusedData(mUnusedInput)) {
+ mInternalState = NS_ERROR_OUT_OF_MEMORY;
+ }
}
delete theContext;
}
result = mInternalState;
aIsFinalChunk = mParserContext &&
mParserContext->mStreamListenerState == eOnStop;
diff --git a/parser/htmlparser/nsScanner.cpp b/parser/htmlparser/nsScanner.cpp
--- a/parser/htmlparser/nsScanner.cpp
+++ b/parser/htmlparser/nsScanner.cpp
@@ -379,17 +379,19 @@ nsresult nsScanner::Peek(nsAString& aStr
if (mCountRemaining < uint32_t(aNumChars + aOffset)) {
end = mEndPosition;
}
else {
end = start;
end.advance(aNumChars);
}
- CopyUnicodeTo(start, end, aStr);
+ if (!CopyUnicodeTo(start, end, aStr)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
return NS_OK;
}
/**
* Skip whitespace on scanner input stream
*
@@ -542,17 +544,19 @@ nsresult nsScanner::ReadTagIdentifier(ns
if (!found) {
++current;
}
}
// Don't bother appending nothing.
if (current != mCurrentPosition) {
- AppendUnicodeTo(mCurrentPosition, current, aString);
+ if (!AppendUnicodeTo(mCurrentPosition, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
}
SetPosition(current);
if (current == end) {
result = kEOF;
}
//DoErrTest(aString);
@@ -597,26 +601,30 @@ nsresult nsScanner::ReadEntityIdentifier
default:
found = ('a'<=theChar && theChar<='z') ||
('A'<=theChar && theChar<='Z') ||
('0'<=theChar && theChar<='9');
break;
}
if(!found) {
- AppendUnicodeTo(mCurrentPosition, current, aString);
+ if (!AppendUnicodeTo(mCurrentPosition, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
break;
}
}
++current;
}
SetPosition(current);
if (current == end) {
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
return kEOF;
}
//DoErrTest(aString);
return result;
}
@@ -646,26 +654,30 @@ nsresult nsScanner::ReadNumber(nsString&
while(current != end) {
theChar=*current;
if(theChar) {
done = (theChar < '0' || theChar > '9') &&
((aBase == 16)? (theChar < 'A' || theChar > 'F') &&
(theChar < 'a' || theChar > 'f')
:true);
if(done) {
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
break;
}
}
++current;
}
SetPosition(current);
if (current == end) {
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
return kEOF;
}
//DoErrTest(aString);
return result;
}
@@ -712,37 +724,43 @@ nsresult nsScanner::ReadWhitespace(nsSca
char16_t thePrevChar = theChar;
theChar = (++current != end) ? *current : '\0';
if ((thePrevChar == '\r' && theChar == '\n') ||
(thePrevChar == '\n' && theChar == '\r')) {
theChar = (++current != end) ? *current : '\0'; // CRLF == LFCR => LF
haveCR = true;
} else if (thePrevChar == '\r') {
// Lone CR becomes CRLF; callers should know to remove extra CRs
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
aString.writable().Append(char16_t('\n'));
origin = current;
haveCR = true;
}
}
break;
case ' ' :
case '\t':
theChar = (++current != end) ? *current : '\0';
break;
default:
done = true;
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
break;
}
}
SetPosition(current);
if (current == end) {
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
result = kEOF;
}
aHaveCR = haveCR;
return result;
}
//XXXbz callers of this have to manage their lone '\r' themselves if they want
@@ -846,34 +864,38 @@ nsresult nsScanner::ReadUntil(nsAString&
if(!(theChar & aEndCondition.mFilter)) {
// They were. Do a thorough check.
setcurrent = setstart;
while (*setcurrent) {
if (*setcurrent == theChar) {
if(addTerminal)
++current;
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
SetPosition(current);
//DoErrTest(aString);
return NS_OK;
}
++setcurrent;
}
}
++current;
}
// If we are here, we didn't find any terminator in the string and
// current = mEndPosition
SetPosition(current);
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
return kEOF;
}
nsresult nsScanner::ReadUntil(nsScannerSharedSubstring& aString,
const nsReadEndCondition& aEndCondition,
bool addTerminal)
{
if (!mSlidingBuffer) {
@@ -906,34 +928,38 @@ nsresult nsScanner::ReadUntil(nsScannerS
if(!(theChar & aEndCondition.mFilter)) {
// They were. Do a thorough check.
setcurrent = setstart;
while (*setcurrent) {
if (*setcurrent == theChar) {
if(addTerminal)
++current;
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
SetPosition(current);
//DoErrTest(aString);
return NS_OK;
}
++setcurrent;
}
}
++current;
}
// If we are here, we didn't find any terminator in the string and
// current = mEndPosition
SetPosition(current);
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
return kEOF;
}
nsresult nsScanner::ReadUntil(nsScannerIterator& aStart,
nsScannerIterator& aEnd,
const nsReadEndCondition &aEndCondition,
bool addTerminal)
{
@@ -1025,26 +1051,30 @@ nsresult nsScanner::ReadUntil(nsAString&
if (theChar == '\0') {
ReplaceCharacter(current, sInvalid);
theChar = sInvalid;
}
if (aTerminalChar == theChar) {
if(addTerminal)
++current;
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
SetPosition(current);
return NS_OK;
}
++current;
}
// If we are here, we didn't find any terminator in the string and
// current = mEndPosition
- AppendUnicodeTo(origin, current, aString);
+ if (!AppendUnicodeTo(origin, current, aString)) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
SetPosition(current);
return kEOF;
}
void nsScanner::BindSubstring(nsScannerSubstring& aSubstring, const nsScannerIterator& aStart, const nsScannerIterator& aEnd)
{
aSubstring.Rebind(*mSlidingBuffer, aStart, aEnd);
@@ -1142,29 +1172,29 @@ bool nsScanner::AppendToBuffer(nsScanner
}
/**
* call this to copy bytes out of the scanner that have not yet been consumed
* by the tokenization process.
*
* @update gess 5/12/98
* @param aCopyBuffer is where the scanner buffer will be copied to
- * @return nada
+ * @return true if OK or false on OOM
*/
-void nsScanner::CopyUnusedData(nsString& aCopyBuffer) {
+bool nsScanner::CopyUnusedData(nsString& aCopyBuffer) {
if (!mSlidingBuffer) {
aCopyBuffer.Truncate();
- return;
+ return true;
}
nsScannerIterator start, end;
start = mCurrentPosition;
end = mEndPosition;
- CopyUnicodeTo(start, end, aCopyBuffer);
+ return CopyUnicodeTo(start, end, aCopyBuffer);
}
/**
* Retrieve the name of the file that the scanner is reading from.
* In some cases, it's just a given name, because the scanner isn't
* really reading from a file.
*
* @update gess 5/12/98
diff --git a/parser/htmlparser/nsScanner.h b/parser/htmlparser/nsScanner.h
--- a/parser/htmlparser/nsScanner.h
+++ b/parser/htmlparser/nsScanner.h
@@ -204,19 +204,19 @@ class nsScanner {
nsIRequest *aRequest);
/**
* Call this to copy bytes out of the scanner that have not yet been consumed
* by the tokenization process.
*
* @update gess 5/12/98
* @param aCopyBuffer is where the scanner buffer will be copied to
- * @return nada
+ * @return true if OK or false on OOM
*/
- void CopyUnusedData(nsString& aCopyBuffer);
+ bool CopyUnusedData(nsString& aCopyBuffer);
/**
* Retrieve the name of the file that the scanner is reading from.
* In some cases, it's just a given name, because the scanner isn't
* really reading from a file.
*
* @update gess 5/12/98
* @return
diff --git a/parser/htmlparser/nsScannerString.cpp b/parser/htmlparser/nsScannerString.cpp
--- a/parser/htmlparser/nsScannerString.cpp
+++ b/parser/htmlparser/nsScannerString.cpp
@@ -461,61 +461,63 @@ copy_multifragment_string( nsScannerIter
sink_traits::write(result, source_traits::read(first), distance);
NS_ASSERTION(distance > 0, "|copy_multifragment_string| will never terminate");
source_traits::advance(first, distance);
}
return result;
}
-void
+bool
CopyUnicodeTo( const nsScannerIterator& aSrcStart,
const nsScannerIterator& aSrcEnd,
nsAString& aDest )
{
nsAString::iterator writer;
if (!aDest.SetLength(Distance(aSrcStart, aSrcEnd), mozilla::fallible)) {
aDest.Truncate();
- return; // out of memory
+ return false; // out of memory
}
aDest.BeginWriting(writer);
nsScannerIterator fromBegin(aSrcStart);
copy_multifragment_string(fromBegin, aSrcEnd, writer);
+ return true;
}
-void
+bool
AppendUnicodeTo( const nsScannerIterator& aSrcStart,
const nsScannerIterator& aSrcEnd,
nsScannerSharedSubstring& aDest )
{
// Check whether we can just create a dependent string.
if (aDest.str().IsEmpty()) {
// We can just make |aDest| point to the buffer.
// This will take care of copying if the buffer spans fragments.
aDest.Rebind(aSrcStart, aSrcEnd);
- } else {
- // The dest string is not empty, so it can't be a dependent substring.
- AppendUnicodeTo(aSrcStart, aSrcEnd, aDest.writable());
+ return true;
}
+ // The dest string is not empty, so it can't be a dependent substring.
+ return AppendUnicodeTo(aSrcStart, aSrcEnd, aDest.writable());
}
-void
+bool
AppendUnicodeTo( const nsScannerIterator& aSrcStart,
const nsScannerIterator& aSrcEnd,
nsAString& aDest )
{
nsAString::iterator writer;
uint32_t oldLength = aDest.Length();
if (!aDest.SetLength(oldLength + Distance(aSrcStart, aSrcEnd), mozilla::fallible))
- return; // out of memory
+ return false; // out of memory
aDest.BeginWriting(writer).advance(oldLength);
nsScannerIterator fromBegin(aSrcStart);
copy_multifragment_string(fromBegin, aSrcEnd, writer);
+ return true;
}
bool
FindCharInReadable( char16_t aChar,
nsScannerIterator& aSearchStart,
const nsScannerIterator& aSearchEnd )
{
while ( aSearchStart != aSearchEnd )
diff --git a/parser/htmlparser/nsScannerString.h b/parser/htmlparser/nsScannerString.h
--- a/parser/htmlparser/nsScannerString.h
+++ b/parser/htmlparser/nsScannerString.h
@@ -539,43 +539,43 @@ nsScannerBufferList::Position::operator=
inline
size_t
Distance( const nsScannerIterator& aStart, const nsScannerIterator& aEnd )
{
typedef nsScannerBufferList::Position Position;
return Position::Distance(Position(aStart), Position(aEnd));
}
-void
+bool
CopyUnicodeTo( const nsScannerIterator& aSrcStart,
const nsScannerIterator& aSrcEnd,
nsAString& aDest );
inline
-void
+bool
CopyUnicodeTo( const nsScannerSubstring& aSrc, nsAString& aDest )
{
nsScannerIterator begin, end;
- CopyUnicodeTo(aSrc.BeginReading(begin), aSrc.EndReading(end), aDest);
+ return CopyUnicodeTo(aSrc.BeginReading(begin), aSrc.EndReading(end), aDest);
}
-void
+bool
AppendUnicodeTo( const nsScannerIterator& aSrcStart,
const nsScannerIterator& aSrcEnd,
nsAString& aDest );
inline
-void
+bool
AppendUnicodeTo( const nsScannerSubstring& aSrc, nsAString& aDest )
{
nsScannerIterator begin, end;
- AppendUnicodeTo(aSrc.BeginReading(begin), aSrc.EndReading(end), aDest);
+ return AppendUnicodeTo(aSrc.BeginReading(begin), aSrc.EndReading(end), aDest);
}
-void
+bool
AppendUnicodeTo( const nsScannerIterator& aSrcStart,
const nsScannerIterator& aSrcEnd,
nsScannerSharedSubstring& aDest );
bool
FindCharInReadable( char16_t aChar,
nsScannerIterator& aStart,
const nsScannerIterator& aEnd );

View File

@ -0,0 +1,37 @@
Copied from upstream:
https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/8c1d40e45a72
# HG changeset patch
# User Xidorn Quan <quanxunzhen@gmail.com>
# Date 1456199544 -28800
# Node ID 8c1d40e45a72c6432e879137a0afa519dc6c9841
# Parent 1dd0ca8e70bd77b6fd93f36cc4e9c2cebfe8ba0a
Bug 1248851 - r=sicking, a=ritu
diff --git a/dom/indexedDB/ActorsParent.cpp b/dom/indexedDB/ActorsParent.cpp
--- a/dom/indexedDB/ActorsParent.cpp
+++ b/dom/indexedDB/ActorsParent.cpp
@@ -14823,22 +14823,19 @@ ObjectStoreAddOrPutRequestOp::DoDatabase
}
snappy::RawCompress(uncompressed, uncompressedLength, compressed,
&compressedLength);
uint8_t* dataBuffer = reinterpret_cast<uint8_t*>(compressed);
size_t dataBufferLength = compressedLength;
- // If this call succeeds, | compressed | is now owned by the statement, and
- // we are no longer responsible for it.
rv = stmt->BindAdoptedBlobByName(NS_LITERAL_CSTRING("data"), dataBuffer,
dataBufferLength);
if (NS_WARN_IF(NS_FAILED(rv))) {
- moz_free(compressed);
return rv;
}
}
nsCOMPtr<nsIFile> fileDirectory;
nsCOMPtr<nsIFile> journalDirectory;
if (mFileManager) {

View File

@ -1,69 +0,0 @@
Since openjpeg doesn't seem to ship with a .pc file, provide an alternative.
--- a/ojp2_cppflags.sh 1970-01-01 01:00:00.000000000 +0100
+++ b/ojp2_cppflags.sh 2014-09-13 22:56:38.842418777 +0200
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Return the preprocessor flags to link against openjpeg.
+
+cpppath=$(echo ${NIX_STORE}/*-openjpeg-*/include/openjpeg-*)
+
+echo -I$cpppath
--- a/ojp2_ldflags.sh 1970-01-01 01:00:00.000000000 +0100
+++ b/ojp2_ldflags.sh 2014-09-13 22:56:38.842418777 +0200
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Return the linker flags to link against openjpeg.
+
+ldpath=$(echo ${NIX_STORE}/*-openjpeg-*/lib)
+
+echo -L$ldpath -lopenjp2
Make use of the above alternatives, compile with gcc.
--- a/Makerules 2014-09-14 09:13:40.729149860 +0200
+++ b/Makerules 2014-09-14 09:17:06.425156595 +0200
@@ -75,12 +75,14 @@
SYS_FREETYPE_CFLAGS = $(shell pkg-config --cflags freetype2)
SYS_FREETYPE_LIBS = $(shell pkg-config --libs freetype2)
-SYS_OPENJPEG_CFLAGS = $(shell pkg-config --cflags libopenjp2)
-SYS_OPENJPEG_LIBS = $(shell pkg-config --libs libopenjp2)
+SYS_OPENJPEG_CFLAGS = $(shell ./ojp2_cppflags.sh)
+SYS_OPENJPEG_LIBS = $(shell ./ojp2_ldflags.sh)
SYS_JBIG2DEC_LIBS = -ljbig2dec
SYS_JPEG_LIBS = -ljpeg
SYS_ZLIB_LIBS = -lz
+CC = gcc
+
endif
# The following section is an example of how to simply do cross-compilation
Remove the -x11 from the built binaries, since X11 is implied on GNU. (This
might change when Wayland gets more popular)
--- a/Makefile 2014-06-10 17:09:28.000000000 +0200
+++ b/Makefile 2014-09-14 09:57:10.381235299 +0200
@@ -255,7 +255,7 @@
$(LINK_CMD)
ifeq "$(HAVE_X11)" "yes"
-MUVIEW_X11 := $(OUT)/mupdf-x11
+MUVIEW_X11 := $(OUT)/mupdf
MUVIEW_X11_OBJ := $(addprefix $(OUT)/platform/x11/, x11_main.o x11_image.o pdfapp.o)
$(MUVIEW_X11_OBJ) : $(FITZ_HDR) $(PDF_HDR)
$(MUVIEW_X11) : $(MUPDF_LIB) $(THIRD_LIBS)
@@ -263,7 +263,7 @@
$(LINK_CMD) $(X11_LIBS)
ifeq "$(HAVE_CURL)" "yes"
-MUVIEW_X11_CURL := $(OUT)/mupdf-x11-curl
+MUVIEW_X11_CURL := $(OUT)/mupdf-curl
MUVIEW_X11_CURL_OBJ := $(addprefix $(OUT)/platform/x11/curl/, x11_main.o x11_image.o pdfapp.o curl_stream.o)
$(MUVIEW_X11_CURL_OBJ) : $(FITZ_HDR) $(PDF_HDR)
$(MUVIEW_X11_CURL) : $(MUPDF_LIB) $(THIRD_LIBS) $(CURL_LIB)

View File

@ -0,0 +1,44 @@
Upstream fix for CVE-2015-6749.
https://trac.xiph.org/ticket/2212
From 04815d3e1bfae3a6cdfb2c25358a5a72b61299f7 Mon Sep 17 00:00:00 2001
From: Mark Harris <mark.hsj@gmail.com>
Date: Sun, 30 Aug 2015 05:54:46 -0700
Subject: [PATCH] oggenc: Fix large alloca on bad AIFF input
Fixes #2212
---
oggenc/audio.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/oggenc/audio.c b/oggenc/audio.c
index 477da8c..4921fb9 100644
--- a/oggenc/audio.c
+++ b/oggenc/audio.c
@@ -245,8 +245,8 @@ static int aiff_permute_matrix[6][6] =
int aiff_open(FILE *in, oe_enc_opt *opt, unsigned char *buf, int buflen)
{
int aifc; /* AIFC or AIFF? */
- unsigned int len;
- unsigned char *buffer;
+ unsigned int len, readlen;
+ unsigned char buffer[22];
unsigned char buf2[8];
aiff_fmt format;
aifffile *aiff = malloc(sizeof(aifffile));
@@ -269,9 +269,9 @@ int aiff_open(FILE *in, oe_enc_opt *opt, unsigned char *buf, int buflen)
return 0; /* Weird common chunk */
}
- buffer = alloca(len);
-
- if(fread(buffer,1,len,in) < len)
+ readlen = len < sizeof(buffer) ? len : sizeof(buffer);
+ if(fread(buffer,1,readlen,in) < readlen ||
+ (len > readlen && !seek_forward(in, len-readlen)))
{
fprintf(stderr, _("Warning: Unexpected EOF in reading AIFF header\n"));
return 0;
--
2.5.0

View File

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr> ;;; Copyright © 2013, 2015, 2016 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2014, 2015 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2014, 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org> ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
@ -410,26 +410,18 @@ extracting content or merging files.")
(define-public mupdf (define-public mupdf
(package (package
(name "mupdf") (name "mupdf")
(version "1.6") (version "1.8")
(source (source
(origin (origin
(method url-fetch) (method url-fetch)
(uri (string-append "http://mupdf.com/downloads/archive/" (uri (string-append "http://mupdf.com/downloads/archive/"
name "-" version "-source.tar.gz")) name "-" version "-source.tar.gz"))
(sha256 (sha256
(base32 "0qx51rj6alzcagcixm59rvdpm54w6syrwr4184v439jh14ryw4wq")) (base32 "01n26cy41lc2fjri63s4js23ixxb4nd37aafry3hz4i4id6wd8x2"))
(patches
(list (search-patch "mupdf-buildsystem-fix.patch")))
(modules '((guix build utils))) (modules '((guix build utils)))
(snippet (snippet
'(begin
;; Don't build the bundled-in third party libraries. ;; Don't build the bundled-in third party libraries.
(delete-file-recursively "thirdparty") '(delete-file-recursively "thirdparty"))))
;; Make the scripts for finding openjpeg build details executable.
(chmod "ojp2_cppflags.sh" #o0755)
(chmod "ojp2_ldflags.sh" #o0755)))))
(build-system gnu-build-system) (build-system gnu-build-system)
(inputs (inputs
`(("curl" ,curl) `(("curl" ,curl)
@ -444,22 +436,12 @@ extracting content or merging files.")
(native-inputs (native-inputs
`(("pkg-config" ,pkg-config))) `(("pkg-config" ,pkg-config)))
(arguments (arguments
;; Trying to run `$ make check' results in a no rule fault. '(#:tests? #f ; no check target
'(#:tests? #f #:make-flags (list "CC=gcc"
"XCFLAGS=-fpic"
#:modules ((guix build gnu-build-system) (string-append "prefix=" (assoc-ref %outputs "out")))
(guix build utils) #:phases (modify-phases %standard-phases
(srfi srfi-1)) (delete 'configure))))
#:phases (alist-replace
'build
(lambda _ (zero? (system* "make" "XCFLAGS=-fpic")))
(alist-replace
'install
(lambda* (#:key outputs #:allow-other-keys)
(let ((out (assoc-ref outputs "out")))
(zero? (system* "make" (string-append "prefix=" out)
"install"))))
(alist-delete 'configure %standard-phases)))))
(home-page "http://mupdf.com") (home-page "http://mupdf.com")
(synopsis "Lightweight PDF viewer and toolkit") (synopsis "Lightweight PDF viewer and toolkit")
(description (description

View File

@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2013, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -98,14 +99,14 @@ anywhere.")
(define-public samba (define-public samba
(package (package
(name "samba") (name "samba")
(version "4.3.3") (version "4.3.6")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "https://www.samba.org/samba/ftp/stable/samba-" (uri (string-append "https://www.samba.org/samba/ftp/stable/samba-"
version ".tar.gz")) version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"1pvh78d5magc7lriyx7v9k7crlgxccmsy2mqn0j9xcnb78qj2bg6")))) "0929fpk2pq4v389naai519xvsm9bzpar4jlgjxwlx1cnn6jyql9j"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments (arguments
'(#:phases '(#:phases

View File

@ -115,7 +115,7 @@ a server that supports the SSH-2 protocol.")
(define-public openssh (define-public openssh
(package (package
(name "openssh") (name "openssh")
(version "7.2p1") (version "7.2p2")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (let ((tail (string-append name "-" version ".tar.gz"))) (uri (let ((tail (string-append name "-" version ".tar.gz")))
@ -126,7 +126,7 @@ a server that supports the SSH-2 protocol.")
(string-append "http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/" (string-append "http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/"
tail)))) tail))))
(sha256 (base32 (sha256 (base32
"1hsa1f3641pdj57a55gmnvcya3wwww2fc2cvb77y95rm5xxw6g4p")))) "132lh9aanb0wkisji1d6cmsxi520m8nh7c7i9wi6m1s3l38q29x7"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(inputs `(("groff" ,groff) (inputs `(("groff" ,groff)
("openssl" ,openssl) ("openssl" ,openssl)
@ -336,7 +336,7 @@ especially over Wi-Fi, cellular, and long-distance links.")
(define-public dropbear (define-public dropbear
(package (package
(name "dropbear") (name "dropbear")
(version "2015.71") (version "2016.72")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append (uri (string-append
@ -344,7 +344,7 @@ especially over Wi-Fi, cellular, and long-distance links.")
name "-" version ".tar.bz2")) name "-" version ".tar.bz2"))
(sha256 (sha256
(base32 (base32
"1bw3lzmisn6gs6zy9vcqbfnicl437ydskqcayklpw60fkhb18qip")))) "10fnlaf6rm537v3rml1gnd58d42plv2q5cp7svbrysap69npc8wk"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments `(#:tests? #f)) ; There is no "make check" or anything similar (arguments `(#:tests? #f)) ; There is no "make check" or anything similar
(inputs `(("zlib" ,zlib))) (inputs `(("zlib" ,zlib)))

View File

@ -44,7 +44,6 @@
#:use-module (gnu packages python) #:use-module (gnu packages python)
#:use-module (gnu packages readline) #:use-module (gnu packages readline)
#:use-module (gnu packages ssh) #:use-module (gnu packages ssh)
#:use-module (gnu packages texlive)
#:use-module (gnu packages texinfo) #:use-module (gnu packages texinfo)
#:use-module (gnu packages tls) #:use-module (gnu packages tls)
#:use-module (gnu packages base) #:use-module (gnu packages base)

View File

@ -64,7 +64,7 @@
(sha256 (base32 (sha256 (base32
"1a3hpcg6x69ysqx432v6sk4alg0x34813cwk41frmvzprdajpyqy")))) "1a3hpcg6x69ysqx432v6sk4alg0x34813cwk41frmvzprdajpyqy"))))
(define-public texlive-bin (define texlive-bin
(package (package
(name "texlive-bin") (name "texlive-bin")
(version "2015") (version "2015")
@ -166,7 +166,7 @@ This package contains the binaries.")
(license (license:fsf-free "http://tug.org/texlive/copying.html")) (license (license:fsf-free "http://tug.org/texlive/copying.html"))
(home-page "http://www.tug.org/texlive/"))) (home-page "http://www.tug.org/texlive/")))
(define-public texlive-texmf (define texlive-texmf
(package (package
(name "texlive-texmf") (name "texlive-texmf")
(version "2015") (version "2015")

View File

@ -224,7 +224,7 @@ H.264 (MPEG-4 AVC) video streams.")
(define-public libass (define-public libass
(package (package
(name "libass") (name "libass")
(version "0.13.1") (version "0.13.2")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append (uri (string-append
@ -232,7 +232,7 @@ H.264 (MPEG-4 AVC) video streams.")
version "/libass-" version ".tar.xz")) version "/libass-" version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"1rrz6is2blx8jqyydcz71y2f5f948blgx14jzi3an756fqc6p8sa")))) "1kpsw4zw95v4cjvild9wpk73dzavn1khsm3bm32kcz6amnkd166n"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(native-inputs (native-inputs
`(("pkg-config" ,pkg-config) `(("pkg-config" ,pkg-config)
@ -1304,7 +1304,7 @@ be used for realtime video capture via Linux-specific APIs.")
(define-public obs (define-public obs
(package (package
(name "obs") (name "obs")
(version "0.13.1") (version "0.13.2")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "https://github.com/jp9000/obs-studio" (uri (string-append "https://github.com/jp9000/obs-studio"
@ -1312,7 +1312,7 @@ be used for realtime video capture via Linux-specific APIs.")
(file-name (string-append name "-" version ".tar.gz")) (file-name (string-append name "-" version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"1vsn4r3wzfdwjrn69kgx3c5wfx17i72nxdv298pq772fp4j2iy2r")))) "1awaqlhlzlqqnwqixw54z40hqcnr3fwlclq4vlsy2kvsfyqjfr2b"))))
(build-system cmake-build-system) (build-system cmake-build-system)
(arguments '(#:tests? #f)) ; no tests (arguments '(#:tests? #f)) ; no tests
(native-inputs (native-inputs

View File

@ -2,7 +2,7 @@
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com> ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
;;; Copyright © 2015 David Hashe <david.hashe@dhashe.com> ;;; Copyright © 2015 David Hashe <david.hashe@dhashe.com>
;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2015 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -53,14 +53,14 @@
(define-public webkitgtk (define-public webkitgtk
(package (package
(name "webkitgtk") (name "webkitgtk")
(version "2.10.7") (version "2.10.8")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "http://www.webkitgtk.org/releases/" (uri (string-append "http://www.webkitgtk.org/releases/"
name "-" version ".tar.xz")) name "-" version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"0kl6a9v644vis69i0gpz88l82szi8zc842pzlqqxxpnn5v4643cr")))) "1a98z7fa8vxk7y2hlbnkl767908anyyxbwkyiar5gi037yr84dii"))))
(build-system cmake-build-system) (build-system cmake-build-system)
(arguments (arguments
'(#:tests? #f ; no tests '(#:tests? #f ; no tests

View File

@ -1,9 +1,10 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr> ;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
;;; Copyright © 2015 Siniša Biđin <sinisa@bidin.eu> ;;; Copyright © 2015 Siniša Biđin <sinisa@bidin.eu>
;;; Copyright © 2015 Eric Bavier <bavier@member.fsf.org> ;;; Copyright © 2015, 2016 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2015 xd1le <elisp.vim@gmail.com> ;;; Copyright © 2015 xd1le <elisp.vim@gmail.com>
;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org> ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
;;; Copyright © 2016 Danny Milosavljevic <dannym@scratchpost.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -21,7 +22,7 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages wm) (define-module (gnu packages wm)
#:use-module (guix licenses) #:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages) #:use-module (guix packages)
#:use-module (gnu packages) #:use-module (gnu packages)
#:use-module (gnu packages linux) #:use-module (gnu packages linux)
@ -38,11 +39,14 @@
#:use-module (gnu packages xml) #:use-module (gnu packages xml)
#:use-module (gnu packages m4) #:use-module (gnu packages m4)
#:use-module (gnu packages docbook) #:use-module (gnu packages docbook)
#:use-module (gnu packages image)
#:use-module (gnu packages pcre) #:use-module (gnu packages pcre)
#:use-module (gnu packages gtk) #:use-module (gnu packages gtk)
#:use-module (gnu packages libevent) #:use-module (gnu packages libevent)
#:use-module (gnu packages fribidi)
#:use-module (gnu packages maths) #:use-module (gnu packages maths)
#:use-module (gnu packages web) #:use-module (gnu packages web)
#:use-module (gnu packages fontutils)
#:use-module (guix download) #:use-module (guix download)
#:use-module (guix git-download)) #:use-module (guix git-download))
@ -65,7 +69,7 @@ supports sections and (lists of) values (strings, integers, floats, booleans
or other sections), as well as some other features (such as or other sections), as well as some other features (such as
single/double-quoted strings, environment variable expansion, functions and single/double-quoted strings, environment variable expansion, functions and
nested include statements).") nested include statements).")
(license isc))) (license license:isc)))
(define-public bspwm (define-public bspwm
(package (package
@ -98,7 +102,7 @@ nested include statements).")
(synopsis "Tiling window manager based on binary space partitioning") (synopsis "Tiling window manager based on binary space partitioning")
(description "bspwm is a tiling window manager that represents windows as (description "bspwm is a tiling window manager that represents windows as
the leaves of a full binary tree.") the leaves of a full binary tree.")
(license bsd-2))) (license license:bsd-2)))
(define-public i3status (define-public i3status
(package (package
@ -135,7 +139,7 @@ update such a status line every second. This ensures that even under high
load, your status bar is updated correctly. Also, it saves a bit of energy by load, your status bar is updated correctly. Also, it saves a bit of energy by
not hogging your CPU as much as spawning the corresponding amount of shell not hogging your CPU as much as spawning the corresponding amount of shell
commands would.") commands would.")
(license bsd-3))) (license license:bsd-3)))
(define-public i3-wm (define-public i3-wm
(package (package
@ -182,7 +186,7 @@ commands would.")
(description "A tiling window manager, completely written (description "A tiling window manager, completely written
from scratch. i3 is primarily targeted at advanced users and from scratch. i3 is primarily targeted at advanced users and
developers.") developers.")
(license bsd-3))) (license license:bsd-3)))
(define-public xmonad (define-public xmonad
(package (package
@ -238,7 +242,7 @@ Custom layout algorithms, and other extensions, may be written by the user in
config files. Layouts are applied dynamically, and different layouts may be config files. Layouts are applied dynamically, and different layouts may be
used on each workspace. Xinerama is fully supported, allowing windows to be used on each workspace. Xinerama is fully supported, allowing windows to be
tiled on several screens.") tiled on several screens.")
(license bsd-3))) (license license:bsd-3)))
(define-public ghc-xmonad-contrib (define-public ghc-xmonad-contrib
(package (package
@ -267,7 +271,7 @@ tiled on several screens.")
(description (description
"Third party tiling algorithms, configurations, and scripts to Xmonad, a "Third party tiling algorithms, configurations, and scripts to Xmonad, a
tiling window manager for X.") tiling window manager for X.")
(license bsd-3))) (license license:bsd-3)))
(define-public evilwm (define-public evilwm
(package (package
@ -310,4 +314,54 @@ tiling window manager for X.")
"evilwm is a minimalist window manager based on aewm, extended to feature "evilwm is a minimalist window manager based on aewm, extended to feature
many keyboard controls with repositioning and maximize toggles, solid window many keyboard controls with repositioning and maximize toggles, solid window
drags, snap-to-border support, and virtual desktops.") drags, snap-to-border support, and virtual desktops.")
(license (x11-style "file:///README")))) (license (license:x11-style "file:///README"))))
(define-public fluxbox
(package
(name "fluxbox")
(version "1.3.7")
(synopsis "Small and fast window manager")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/fluxbox/"
version "/fluxbox-" version ".tar.xz"))
(sha256
(base32
"1h1f70y40qd225dqx937vzb4k2cz219agm1zvnjxakn5jkz7b37w"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags '("CPPFLAGS=-U__TIME__") ;ugly, but for reproducibility
#:phases
(modify-phases %standard-phases
(add-after
'install 'install-xsession
(lambda _
(let ((xsessions (string-append %output "/share/xsessions")))
(mkdir-p xsessions)
(call-with-output-file
(string-append xsessions "/fluxbox.desktop")
(lambda (port)
(format port "~
[Desktop Entry]~@
Name=~a~@
Comment=~a~@
Exec=~a/bin/startfluxbox~@
Type=Application~%" ,name ,synopsis %output)))))))))
(native-inputs
`(("pkg-config" ,pkg-config)))
(inputs
`(("freetype" ,freetype)
("fribidi" ,fribidi)
("imlib2" ,imlib2)
("libx11" ,libx11)
("libxext" ,libxext)
("libxft" ,libxft)
("libxinerama" ,libxinerama)
("libxpm" ,libxpm)
("libxrandr" ,libxrandr)
("libxrender" ,libxrender)))
(description "Fluxbox is a window manager. It is light on resources
and easy to handle yet full of features to make an easy and fast desktop
experience.")
(home-page "http://fluxbox.org/")
(license license:expat)))

View File

@ -266,7 +266,8 @@ Kate stream.")
"vorbis-tools-" version ".tar.gz")) "vorbis-tools-" version ".tar.gz"))
(sha256 (sha256
(base32 (base32
"1g12bnh5ah08v529y72kfdz5lhvy75iaz7f9jskyby23m9dkk2d3")))) "1g12bnh5ah08v529y72kfdz5lhvy75iaz7f9jskyby23m9dkk2d3"))
(patches (list (search-patch "vorbis-tools-CVE-2015-6749.patch")))))
(build-system gnu-build-system) (build-system gnu-build-system)
(inputs `(("ao" ,ao) (inputs `(("ao" ,ao)
("curl" ,curl) ("curl" ,curl)

View File

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -49,29 +49,45 @@
(id vulnerability-id) (id vulnerability-id)
(packages vulnerability-packages)) (packages vulnerability-packages))
(define %cve-feed-uri (define %now
(string->uri (current-date))
"https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz")) (define %current-year
(date-year %now))
(define %past-year
(- %current-year 1))
(define %ttl (define (yearly-feed-uri year)
"Return the URI for the CVE feed for YEAR."
(string->uri
(string-append "https://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-"
(number->string year) ".xml.gz")))
(define %current-year-ttl
;; According to <https://nvd.nist.gov/download.cfm#CVE_FEED>, feeds are ;; According to <https://nvd.nist.gov/download.cfm#CVE_FEED>, feeds are
;; updated "approximately every two hours." ;; updated "approximately every two hours."
(* 3600 3)) (* 3600 3))
(define (call-with-cve-port proc) (define %past-year-ttl
;; Update the previous year's database more and more infrequently.
(* 3600 24 2 (date-month %now)))
(define (call-with-cve-port uri ttl proc)
"Pass PROC an input port from which to read the CVE stream." "Pass PROC an input port from which to read the CVE stream."
(let ((port (http-fetch/cached %cve-feed-uri #:ttl %ttl))) (let ((port (http-fetch/cached uri #:ttl ttl)))
(dynamic-wind (dynamic-wind
(const #t) (const #t)
(lambda () (lambda ()
(call-with-decompressed-port 'gzip port (call-with-decompressed-port 'gzip port
proc)) (lambda (port)
(setvbuf port _IOFBF 65536)
(proc port))))
(lambda () (lambda ()
(close-port port))))) (close-port port)))))
(define %cpe-package-rx (define %cpe-package-rx
;; For applications: "cpe:/a:VENDOR:PACKAGE:VERSION". ;; For applications: "cpe:/a:VENDOR:PACKAGE:VERSION", or sometimes
(make-regexp "^cpe:/a:([^:]+):([^:]+):([^:]+)")) ;; "cpe/a:VENDOR:PACKAGE:VERSION:PATCH-LEVEL".
(make-regexp "^cpe:/a:([^:]+):([^:]+):([^:]+)((:.+)?)"))
(define (cpe->package-name cpe) (define (cpe->package-name cpe)
"Converts the Common Platform Enumeration (CPE) string CPE to a package "Converts the Common Platform Enumeration (CPE) string CPE to a package
@ -80,7 +96,13 @@ CPE string."
(and=> (regexp-exec %cpe-package-rx (string-trim-both cpe)) (and=> (regexp-exec %cpe-package-rx (string-trim-both cpe))
(lambda (matches) (lambda (matches)
(cons (match:substring matches 2) (cons (match:substring matches 2)
(match:substring matches 3))))) (string-append (match:substring matches 3)
(match (match:substring matches 4)
("" "")
(patch-level
;; Drop the colon from things like
;; "cpe:/a:openbsd:openssh:6.8:p1".
(string-drop patch-level 1))))))))
(define %parse-vulnerability-feed (define %parse-vulnerability-feed
;; Parse the XML vulnerability feed from ;; Parse the XML vulnerability feed from
@ -135,12 +157,19 @@ vulnerability objects."
(define (current-vulnerabilities) (define (current-vulnerabilities)
"Return the current list of Common Vulnerabilities and Exposures (CVE) as "Return the current list of Common Vulnerabilities and Exposures (CVE) as
published by the US NIST." published by the US NIST."
(call-with-cve-port (define (read-vulnerabilities uri ttl)
(lambda (port) (call-with-cve-port uri ttl
;; XXX: The SSAX "error port" is used to send pointless warnings such as (lambda (port)
;; "warning: Skipping PI". Turn that off. ;; XXX: The SSAX "error port" is used to send pointless warnings such as
(parameterize ((current-ssax-error-port (%make-void-port "w"))) ;; "warning: Skipping PI". Turn that off.
(xml->vulnerabilities port))))) (parameterize ((current-ssax-error-port (%make-void-port "w")))
(xml->vulnerabilities port)))))
(append-map read-vulnerabilities
(list (yearly-feed-uri %past-year)
(yearly-feed-uri %current-year))
(list %past-year-ttl
%current-year-ttl)))
(define (vulnerabilities->lookup-proc vulnerabilities) (define (vulnerabilities->lookup-proc vulnerabilities)
"Return a lookup procedure built from VULNERABILITIES that takes a package "Return a lookup procedure built from VULNERABILITIES that takes a package
@ -174,4 +203,9 @@ a list of vulnerabilities affection the given package version."
'() '()
package table))) package table)))
;;; Local Variables:
;;; eval: (put 'call-with-cve-port 'scheme-indent-function 2)
;;; End:
;;; cve.scm ends here ;;; cve.scm ends here

View File

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2014 Nikita Karetnikov <nikita@karetnikov.org> ;;; Copyright © 2014 Nikita Karetnikov <nikita@karetnikov.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
@ -32,6 +32,7 @@
#:use-module ((guix build utils) #:select (mkdir-p dump-port)) #:use-module ((guix build utils) #:select (mkdir-p dump-port))
#:use-module ((guix build download) #:use-module ((guix build download)
#:select (progress-proc uri-abbreviation #:select (progress-proc uri-abbreviation
open-connection-for-uri
store-path-abbreviation byte-count->string)) store-path-abbreviation byte-count->string))
#:use-module (ice-9 rdelim) #:use-module (ice-9 rdelim)
#:use-module (ice-9 regex) #:use-module (ice-9 regex)
@ -49,6 +50,7 @@
#:use-module (srfi srfi-34) #:use-module (srfi srfi-34)
#:use-module (srfi srfi-35) #:use-module (srfi srfi-35)
#:use-module (web uri) #:use-module (web uri)
#:use-module (web http)
#:use-module (web request) #:use-module (web request)
#:use-module (web response) #:use-module (web response)
#:use-module (guix http-client) #:use-module (guix http-client)
@ -171,7 +173,7 @@ to the caller without emitting an error message."
(let ((port (open-file (uri-path uri) (let ((port (open-file (uri-path uri)
(if buffered? "rb" "r0b")))) (if buffered? "rb" "r0b"))))
(values port (stat:size (stat port))))) (values port (stat:size (stat port)))))
((http) ((http https)
(guard (c ((http-get-error? c) (guard (c ((http-get-error? c)
(let ((code (http-get-error-code c))) (let ((code (http-get-error-code c)))
(if (and (= code 404) quiet-404?) (if (and (= code 404) quiet-404?)
@ -201,10 +203,13 @@ to the caller without emitting an error message."
(close-port port)))) (close-port port))))
(begin (begin
(when (or (not port) (port-closed? port)) (when (or (not port) (port-closed? port))
(set! port (open-socket-for-uri uri)) (set! port (open-connection-for-uri uri))
(unless buffered? (unless (or buffered? (not (file-port? port)))
(setvbuf port _IONBF))) (setvbuf port _IONBF)))
(http-fetch uri #:text? #f #:port port)))))))) (http-fetch uri #:text? #f #:port port))))))
(else
(leave (_ "unsupported substitute URI scheme: ~a~%")
(uri->string uri)))))
(define-record-type <cache-info> (define-record-type <cache-info>
(%make-cache-info url store-directory wants-mass-query?) (%make-cache-info url store-directory wants-mass-query?)
@ -475,8 +480,8 @@ may be #f, in which case it indicates that PATH is unavailable at CACHE-URL."
".narinfo"))) ".narinfo")))
(build-request (string->uri url) #:method 'GET))) (build-request (string->uri url) #:method 'GET)))
(define (http-multiple-get base-url proc seed requests) (define (http-multiple-get base-uri proc seed requests)
"Send all of REQUESTS to the server at BASE-URL. Call PROC for each "Send all of REQUESTS to the server at BASE-URI. Call PROC for each
response, passing it the request object, the response, a port from which to response, passing it the request object, the response, a port from which to
read the response body, and the previous result, starting with SEED, à la read the response body, and the previous result, starting with SEED, à la
'fold'. Return the final result." 'fold'. Return the final result."
@ -484,11 +489,23 @@ read the response body, and the previous result, starting with SEED, à la
(result seed)) (result seed))
;; (format (current-error-port) "connecting (~a requests left)..." ;; (format (current-error-port) "connecting (~a requests left)..."
;; (length requests)) ;; (length requests))
(let ((p (open-socket-for-uri base-url))) (let ((p (open-connection-for-uri base-uri)))
;; For HTTPS, P is not a file port and does not support 'setvbuf'.
(when (file-port? p)
(setvbuf p _IOFBF (expt 2 16)))
;; Send all of REQUESTS in a row. ;; Send all of REQUESTS in a row.
(setvbuf p _IOFBF (expt 2 16)) ;; XXX: Do our own caching to work around inefficiencies when
(for-each (cut write-request <> p) requests) ;; communicating over TLS: <http://bugs.gnu.org/22966>.
(force-output p) (let-values (((buffer get) (open-bytevector-output-port)))
;; On Guile > 2.0.9, inherit the HTTP proxying property from P.
(when (module-variable (resolve-interface '(web http))
'http-proxy-port?)
(set-http-proxy-port?! buffer (http-proxy-port? p)))
(for-each (cut write-request <> buffer) requests)
(put-bytevector p (get))
(force-output p))
;; Now start processing responses. ;; Now start processing responses.
(let loop ((requests requests) (let loop ((requests requests)
@ -567,10 +584,10 @@ if file doesn't exist, and the narinfo otherwise."
(define (do-fetch uri) (define (do-fetch uri)
(case (and=> uri uri-scheme) (case (and=> uri uri-scheme)
((http) ((http https)
(let ((requests (map (cut narinfo-request url <>) paths))) (let ((requests (map (cut narinfo-request url <>) paths)))
(update-progress!) (update-progress!)
(let ((result (http-multiple-get url (let ((result (http-multiple-get uri
handle-narinfo-response '() handle-narinfo-response '()
requests))) requests)))
(newline (current-error-port)) (newline (current-error-port))

View File

@ -410,6 +410,12 @@ interpreted."
(define (call-with-error-handling thunk) (define (call-with-error-handling thunk)
"Call THUNK within a user-friendly error handler." "Call THUNK within a user-friendly error handler."
(define (port-filename* port)
;; 'port-filename' returns #f for non-file ports, but it raises an
;; exception for file ports that are closed. Work around that.
(and (not (port-closed? port))
(port-filename port)))
(guard (c ((package-input-error? c) (guard (c ((package-input-error? c)
(let* ((package (package-error-package c)) (let* ((package (package-error-package c))
(input (package-error-invalid-input c)) (input (package-error-invalid-input c))
@ -440,9 +446,9 @@ interpreted."
(port (nar-error-port c))) (port (nar-error-port c)))
(if file (if file
(leave (_ "corrupt input while restoring '~a' from ~s~%") (leave (_ "corrupt input while restoring '~a' from ~s~%")
file (or (port-filename port) port)) file (or (port-filename* port) port))
(leave (_ "corrupt input while restoring archive from ~s~%") (leave (_ "corrupt input while restoring archive from ~s~%")
(or (port-filename port) port))))) (or (port-filename* port) port)))))
((nix-connection-error? c) ((nix-connection-error? c)
(leave (_ "failed to connect to `~a': ~a~%") (leave (_ "failed to connect to `~a': ~a~%")
(nix-connection-error-file c) (nix-connection-error-file c)