guix/gnu/packages/patches/icecat-CVE-2015-4489.patch
Mark H Weaver c037a0f7ce gnu: icecat: Add fixes for CVE-2015-{4473,4482,4488,4489,4491,4492}.
WARNING: CVE-2015-4473 may not be fully addressed here, because I was unable
to backport some of the patches (for upstream bugs 1182711 and 1146213).  I
was also unable to backport CVE-2015-4484 (upstream bug 1171540) and
CVE-2015-4487 (upstream bug 1171603).  I was unable to find any commit in the
upstream repository that claims to address bug 1105914 (CVE-2015-4478).

* gnu/packages/patches/icecat-CVE-2015-4473-partial.patch,
  gnu/packages/patches/icecat-CVE-2015-4482.patch,
  gnu/packages/patches/icecat-CVE-2015-4488.patch,
  gnu/packages/patches/icecat-CVE-2015-4489.patch,
  gnu/packages/patches/icecat-CVE-2015-4491.patch,
  gnu/packages/patches/icecat-CVE-2015-4492.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2015-08-12 20:37:44 -04:00

21 lines
878 B
Diff

Backported to icecat-31.8 from the upstream esr38 branch.
From 95231c1bca9c9495393b795513bea71a21a6ec2f Mon Sep 17 00:00:00 2001
From: Birunthan Mohanathas <birunthan@mohanathas.com>
Date: Tue, 21 Jul 2015 09:42:58 -0700
Subject: [PATCH] Bug 1182723 - Properly handle self-assignment in
nsTArray::operator=. r=mccr8, a=abillings
--- icecat-31.8.0/xpcom/glue/nsTArray.h.orig 2015-08-12 16:03:56.353746969 -0400
+++ icecat-31.8.0/xpcom/glue/nsTArray.h 2015-08-12 16:06:52.144553848 -0400
@@ -811,7 +811,9 @@
// array. It is optimized to reuse existing storage if possible.
// @param other The array object to copy.
self_type& operator=(const self_type& other) {
- ReplaceElementsAt(0, Length(), other.Elements(), other.Length());
+ if (this != &other) {
+ ReplaceElementsAt(0, Length(), other.Elements(), other.Length());
+ }
return *this;
}