guix/gnu/packages/patches/icecat-CVE-2015-7214.patch
Mark H Weaver 3faf214a0b gnu: icecat: Add fixes for several security flaws.
* gnu/packages/patches/icecat-CVE-2015-7201-pt1.patch,
  gnu/packages/patches/icecat-CVE-2015-7201-pt2.patch,
  gnu/packages/patches/icecat-CVE-2015-7201-pt3.patch,
  gnu/packages/patches/icecat-CVE-2015-7205.patch,
  gnu/packages/patches/icecat-CVE-2015-7210.patch,
  gnu/packages/patches/icecat-CVE-2015-7212.patch,
  gnu/packages/patches/icecat-CVE-2015-7213-pt1.patch,
  gnu/packages/patches/icecat-CVE-2015-7213-pt2.patch,
  gnu/packages/patches/icecat-CVE-2015-7214.patch,
  gnu/packages/patches/icecat-CVE-2015-7222-pt1.patch,
  gnu/packages/patches/icecat-CVE-2015-7222-pt2.patch,
  gnu/packages/patches/icecat-CVE-2015-7222-pt3.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
2015-12-17 14:12:06 -05:00

47 lines
1.5 KiB
Diff

From 487799700b0b676c2c6b95ad33c8afb8dbd329d8 Mon Sep 17 00:00:00 2001
From: Bobby Holley <bobbyholley@gmail.com>
Date: Mon, 14 Dec 2015 15:36:20 -0500
Subject: [PATCH] Bug 1228950 - Disallow scheme sets on nsHostObjectURI. r=bz,
a=lizzard
---
dom/base/nsHostObjectURI.cpp | 9 +++++++++
dom/base/nsHostObjectURI.h | 2 ++
2 files changed, 11 insertions(+)
diff --git a/dom/base/nsHostObjectURI.cpp b/dom/base/nsHostObjectURI.cpp
index 94b02ff..57b0209 100644
--- a/dom/base/nsHostObjectURI.cpp
+++ b/dom/base/nsHostObjectURI.cpp
@@ -81,6 +81,15 @@ nsHostObjectURI::Write(nsIObjectOutputStream* aStream)
true);
}
+NS_IMETHODIMP
+nsHostObjectURI::SetScheme(const nsACString& aScheme)
+{
+ // Disallow setting the scheme, since that could cause us to be associated
+ // with a different protocol handler that doesn't expect us to be carrying
+ // around a principal with nsIURIWithPrincipal.
+ return NS_ERROR_FAILURE;
+}
+
// nsIURI methods:
nsresult
nsHostObjectURI::CloneInternal(nsSimpleURI::RefHandlingEnum aRefHandlingMode,
diff --git a/dom/base/nsHostObjectURI.h b/dom/base/nsHostObjectURI.h
index b468d5d..23ff7ab 100644
--- a/dom/base/nsHostObjectURI.h
+++ b/dom/base/nsHostObjectURI.h
@@ -34,6 +34,8 @@ public:
NS_DECL_NSISERIALIZABLE
NS_DECL_NSICLASSINFO
+ NS_IMETHOD SetScheme(const nsACString &aProtocol) override;
+
// Override CloneInternal() and EqualsInternal()
virtual nsresult CloneInternal(RefHandlingEnum aRefHandlingMode,
nsIURI** aClone) override;
--
2.6.3