Unverified Commit e0e6bfd7 authored by Georg Koppen's avatar Georg Koppen
Browse files

Applying patch for bug 24052

parent eec1680f
From c5d1bb91512f9dd20e0f54c6f3e6979588cf9f56 Mon Sep 17 00:00:00 2001
From: Georg Koppen <gk@torproject.org>
Date: Fri, 27 Oct 2017 20:40:57 +0000
Subject: [PATCH] Bug 24052: Streamline handling of file:// resources
We should make sure restrictions regarding loading of file:// resources
are adhered to more strictly, at least on *nix platforms.
This is a workaround for
https://bugzilla.mozilla.org/show_bug.cgi?id=1412081.
diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp
index 0da79c18ae41..0cc67da7b18f 100644
--- a/netwerk/base/nsIOService.cpp
+++ b/netwerk/base/nsIOService.cpp
@@ -789,12 +789,20 @@ nsIOService::NewChannelFromURIWithProxyFlagsInternal(nsIURI* aURI,
// if calling newChannel2() fails we try to fall back to
// creating a new channel by calling NewChannel().
if (NS_FAILED(rv)) {
+#ifdef XP_UNIX
+ if (rv == NS_ERROR_FILE_TARGET_DOES_NOT_EXIST) {
+ return rv;
+ } else {
+#endif
rv = handler->NewChannel(aURI, getter_AddRefs(channel));
NS_ENSURE_SUCCESS(rv, rv);
// The protocol handler does not implement NewChannel2, so
// maybe we need to wrap the channel (see comment in MaybeWrap
// function).
channel = nsSecCheckWrapChannel::MaybeWrap(channel, aLoadInfo);
+#ifdef XP_UNIX
+ }
+#endif
}
}
diff --git a/netwerk/protocol/file/nsFileProtocolHandler.cpp b/netwerk/protocol/file/nsFileProtocolHandler.cpp
index e55cb9d47460..c24c928b6f02 100644
--- a/netwerk/protocol/file/nsFileProtocolHandler.cpp
+++ b/netwerk/protocol/file/nsFileProtocolHandler.cpp
@@ -188,6 +188,13 @@ nsFileProtocolHandler::NewChannel2(nsIURI* uri,
nsILoadInfo* aLoadInfo,
nsIChannel** result)
{
+#ifdef XP_UNIX
+ if (aLoadInfo && aLoadInfo->TriggeringPrincipal()) {
+ if (aLoadInfo->TriggeringPrincipal()->GetIsCodebasePrincipal()) {
+ return NS_ERROR_FILE_TARGET_DOES_NOT_EXIST;
+ }
+ }
+#endif
nsFileChannel *chan = new nsFileChannel(uri);
if (!chan)
return NS_ERROR_OUT_OF_MEMORY;
--
2.14.2
......@@ -86,6 +86,10 @@ fi
export CC='gcc -m32'
[% END -%]
[% IF c("var/linux") || c("var/osx") %]
patch -p1 < $rootdir/24052.patch
[% END -%]
rm -f configure
rm -f js/src/configure
make -f client.mk configure CONFIGURE_ARGS="--with-tor-browser-version=[% c("var/torbrowser_version") %] --with-distribution-id=org.torproject --enable-update-channel=[% c("var/torbrowser_update_channel") %] --enable-bundled-fonts"
......
......@@ -81,6 +81,8 @@ input_files:
enable: '[% c("var/linux") %]'
- filename: fix-info-plist.py
enable: '[% c("var/osx") %]'
- filename: 24052.patch
enable: '[% c("var/linux") || c("var/osx") %]'
- URL: https://people.torproject.org/~gk/mirrors/sources/msvcr100.dll
sha256sum: 8793353461826fbd48f25ea8b835be204b758ce7510db2af631b28850355bd18
enable: '[% c("var/windows") %]'
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment