September 2017 - tbb-commits - lists.torproject.org

[tor-browser/tor-browser-52.3.0esr-7.5-2] Bug 366945 - Disable middlemouse.contentLoadURL by default on UNIX and Android, r=gijs
by gk＠torproject.org 22 Sep '17

22 Sep '17

commit 993944794e48e93074842e127ec1b9b6c34c1ef8 Author: Kiril Vladimiroff <kiril(a)vladimiroff.org> Date: Tue Sep 5 15:03:16 2017 +0300 Bug 366945 - Disable middlemouse.contentLoadURL by default on UNIX and Android, r=gijs MozReview-Commit-ID: FXniFjoU9RJ --HG-- extra : rebase_source : 6fb36272b7779c52854e7e952725e528b7c9346a --- modules/libpref/init/all.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/libpref/init/all.js b/modules/libpref/init/… [View More]

1 0

[tor-browser/tor-browser-52.3.0esr-7.5-2] fixup! bug 23104 - Add a default line height compensation
by gk＠torproject.org 22 Sep '17

22 Sep '17

commit 125ac5c7c4259be3d0bfa9da6fe5a6466ee975cb Author: Georg Koppen <gk(a)torproject.org> Date: Fri Sep 22 06:59:35 2017 +0000 fixup! bug 23104 - Add a default line height compensation --- tbb-tests/test_tor_bug23104.html | 1 - 1 file changed, 1 deletion(-) diff --git a/tbb-tests/test_tor_bug23104.html b/tbb-tests/test_tor_bug23104.html index c2e4a51f1f75..77d7d190d7c8 100644 --- a/tbb-tests/test_tor_bug23104.html +++ b/tbb-tests/test_tor_bug23104.html @@ -49,4 +49,3 @@ … [View More]

1 0

[tor-browser/tor-browser-52.3.0esr-7.5-2] bug 23104 - Add a default line height compensation
by gk＠torproject.org 22 Sep '17

22 Sep '17

commit 323d2525fcd2de963a2e291eab91d5ca9ea7ac9b Author: igt0 <igt0-tor(a)gmail.com> Date: Sat Sep 16 16:50:17 2017 -0300 bug 23104 - Add a default line height compensation Many fonts have issues with their vertical metrics. they are used to influence the height of ascenders and depth of descenders. Gecko uses it to calculate the line height (font height + ascender + descender), however because of that idiosyncratic behavior across multiple operating … [View More]systems, it can be used to identify the user's OS. The solution proposed in the patch uses a default factor to be multiplied with the font size, simulating the concept of ascender and descender. This way all operating systems will have the same line height. --- layout/generic/ReflowInput.cpp | 6 +++++ tbb-tests/mochitest.ini | 1 + tbb-tests/test_tor_bug23104.html | 52 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 59 insertions(+) diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp index 42f4a24b5314..e219ae032cc6 100644 --- a/layout/generic/ReflowInput.cpp +++ b/layout/generic/ReflowInput.cpp @@ -30,6 +30,7 @@ #include "CounterStyleManager.h" #include <algorithm> #include "mozilla/dom/HTMLInputElement.h" +#include "nsContentUtils.h" #ifdef DEBUG #undef NOISY_VERTICAL_ALIGN @@ -2768,6 +2769,11 @@ GetNormalLineHeight(nsFontMetrics* aFontMetrics) nscoord externalLeading = aFontMetrics->ExternalLeading(); nscoord internalLeading = aFontMetrics->InternalLeading(); nscoord emHeight = aFontMetrics->EmHeight(); + + if (nsContentUtils::ShouldResistFingerprinting()) { + return NSToCoordRound(emHeight * NORMAL_LINE_HEIGHT_FACTOR); + } + switch (GetNormalLineHeightCalcControl()) { case eIncludeExternalLeading: normalLineHeight = emHeight+ internalLeading + externalLeading; diff --git a/tbb-tests/mochitest.ini b/tbb-tests/mochitest.ini index 3d2e7c9db803..fca972a51211 100644 --- a/tbb-tests/mochitest.ini +++ b/tbb-tests/mochitest.ini @@ -10,3 +10,4 @@ support-files = [test_tor_bug2875.html] [test_tor_bug4755.html] [test_tor_bug5856.html] +[test_tor_bug23104.html] diff --git a/tbb-tests/test_tor_bug23104.html b/tbb-tests/test_tor_bug23104.html new file mode 100644 index 000000000000..c2e4a51f1f75 --- /dev/null +++ b/tbb-tests/test_tor_bug23104.html @@ -0,0 +1,52 @@ +<!DOCTYPE HTML> +<meta charset="UTF-8"> +<html> +<head> + <title>Test for Tor Bug #23104: CSS line-height reveals the platform Tor browser is running</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="application/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <style type="text/css"> + span { + background-color: #000; + color: #fff; + font-size: 16.5px; + } + </style> +</head> +<body> +<span id="test1">Test1</span> +<span id="test2">كلمة</span> +<span id="test3">ação</span> +<script type="application/javascript;version=1.7"> + +let setPref = function* (key, value) { + return new Promise(function(resolve, reject) { + SpecialPowers.pushPrefEnv({"set": [[key, value]]}, resolve); + }); +} + +function getStyle(el, styleprop) { + el = document.getElementById(el); + return document.defaultView.getComputedStyle(el, null).getPropertyValue(styleprop); +} + +function validateElement(elementName, isFingerprintResistent) { + var fontSize = getStyle(elementName, 'font-size'); + var lineHeight = getStyle(elementName, 'line-height'); + var validationCb = isFingerprintResistent ? is : isnot; + validationCb(parseFloat(lineHeight), Math.ceil(parseFloat(fontSize)) * 1.2, 'Line Height validation'); +} + +add_task(function* () { + for (let resistFingerprintingValue of [true, false]) { + yield setPref("privacy.resistFingerprinting", resistFingerprintingValue); + for (let elementId of ['test1', 'test2', 'test3']) { + validateElement(elementId, resistFingerprintingValue); + } + } +}); + +</script> +</body> +</html> + [View Less]

1 0

[tor-browser-build/master] Bug 16010: Enabling the sandbox on Windows
by gk＠torproject.org 21 Sep '17

21 Sep '17

commit 682966b5b0faf438e69f61092487a6ea99534525 Author: Georg Koppen <gk(a)torproject.org> Date: Tue Sep 19 14:32:36 2017 +0000 Bug 16010: Enabling the sandbox on Windows --- projects/firefox/mozconfig-windows-i686 | 3 --- 1 file changed, 3 deletions(-) diff --git a/projects/firefox/mozconfig-windows-i686 b/projects/firefox/mozconfig-windows-i686 index af30573..dfb3326 100644 --- a/projects/firefox/mozconfig-windows-i686 +++ b/projects/firefox/mozconfig-windows-i686 @@ -18,9 +18,… [View More]

1 0

[torbutton/master] Bug 23483: Donation banner on about:tor for 2017
by gk＠torproject.org 21 Sep '17

21 Sep '17

commit b3ff9863db338b2bd612f109e8bbce4c4af7cbd0 Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Mon Sep 18 16:42:07 2017 -0700 Bug 23483: Donation banner on about:tor for 2017 (Also removes a dot from aboutTor.donationBanner.slogan) --- src/chrome/content/aboutTor/aboutTor-content.js | 5 ++ src/chrome/content/aboutTor/aboutTor.xhtml | 19 +++- src/chrome/content/aboutTor/donation_banner.js | 105 ++++++++++++++++++++++ src/chrome/content/aboutTor/… [View More]onion-hand.png | Bin 0 -> 69055 bytes src/chrome/content/torbutton.js | 4 +- src/chrome/locale/en/aboutTor.properties | 2 +- src/chrome/skin/donation_banner.css | 113 ++++++++++++++++++++++++ src/modules/donation-banner.js | 112 +++++++++++++++++++++++ 8 files changed, 357 insertions(+), 3 deletions(-) diff --git a/src/chrome/content/aboutTor/aboutTor-content.js b/src/chrome/content/aboutTor/aboutTor-content.js index ec515bb..95e8abd 100644 --- a/src/chrome/content/aboutTor/aboutTor-content.js +++ b/src/chrome/content/aboutTor/aboutTor-content.js @@ -105,6 +105,11 @@ var AboutTorListener = { else body.removeAttribute("showmanual"); + if (aData.bannerData) + body.setAttribute("banner-data", aData.bannerData); + else + body.removeAttribute("banner-data"); + // Setting body.initialized="yes" displays the body, which must be done // at this point because our remaining initialization depends on elements // being visible so that their size and position are accurate. diff --git a/src/chrome/content/aboutTor/aboutTor.xhtml b/src/chrome/content/aboutTor/aboutTor.xhtml index 7ae4b8b..367f9a6 100644 --- a/src/chrome/content/aboutTor/aboutTor.xhtml +++ b/src/chrome/content/aboutTor/aboutTor.xhtml @@ -21,6 +21,8 @@ <title>&aboutTor.title;</title> <link rel="stylesheet" type="text/css" media="all" href="resource://torbutton/chrome/skin/aboutTor.css"/> + <link rel="stylesheet" type="text/css" media="all" + href="resource://torbutton/chrome/skin/donation_banner.css"/> <script type="text/javascript;version=1.7"> <![CDATA[ window.addEventListener("pageshow", function() { @@ -31,6 +33,21 @@ window.addEventListener("pageshow", function() { </script> </head> <body dir="&locale.dir;"> + <div id="banner"> + <div id="banner-contents-container"> + <div id="banner-tagline"><span></span></div> + <div id="banner-slogan"><span></span></div> + <a id="banner-donate-button-link" + href="https://www.torproject.org/donate/donate-tbb"> + <div id="banner-donate-button"> + <div id="banner-donate-button-inner"> + <span></span> + </div> + </div> + </a> + </div> + </div> + <div id="banner-spacer"></div> <div id="torstatus" class="top"> <div id="torstatus-version"/> <div id="torstatus-image"/> @@ -112,6 +129,6 @@ window.addEventListener("pageshow", function() { <p>&aboutTor.footer.label; <a href="&aboutTor.learnMore.link;">&aboutTor.learnMore.label;</a></p> </div> - + <script src="resource://torbutton/chrome/content/aboutTor/donation_banner.js"></script> </body> </html> diff --git a/src/chrome/content/aboutTor/donation_banner.js b/src/chrome/content/aboutTor/donation_banner.js new file mode 100644 index 0000000..1c95822 --- /dev/null +++ b/src/chrome/content/aboutTor/donation_banner.js @@ -0,0 +1,105 @@ +/* jshint esnext:true */ + +let sel = selector => document.querySelector(selector); + +// Shrink the font size if the text in the given element is overflowing. +let fitTextInElement = function (element) { + element.style.fontSize = "8px"; + let defaultWidth = element.scrollWidth, + defaultHeight = element.scrollHeight; + let bestSize; + for (let testSize = 8; testSize <= 40; testSize += 0.5) { + element.style.fontSize = `${testSize}px`; + if (element.scrollWidth <= defaultWidth && + element.scrollHeight <= defaultHeight) { + bestSize = testSize; + } else { + break; + } + } + element.style.fontSize = `${bestSize}px`; +}; + +// Increase padding at end to "squeeze" text, until just before +// it gets squeezed so much that it gets longer vertically. +let avoidWidows = function (element) { + element.style.paddingRight = "0px"; + let originalWidth = element.scrollWidth; + let originalHeight = element.scrollHeight; + let bestPadding; + for (let testPadding = 0; testPadding < originalWidth; testPadding += 0.5) { + element.style.paddingRight = `${testPadding}px`; + if (element.scrollHeight <= originalHeight) { + bestPadding = testPadding; + } else { + break; + } + } + element.style.paddingRight = `${bestPadding}px`; + if (window.getComputedStyle(element).direction === "rtl") { + element.style.paddingLeft = element.style.paddingRight; + element.style.paddingRight = "0px"; + } +}; + +// Resize the text inside banner to fit. +let updateTextSizes = function () { + fitTextInElement(sel("#banner-tagline")); + fitTextInElement(sel("#banner-slogan")); + fitTextInElement(sel("#banner-donate-button-inner")); + avoidWidows(sel("#banner-tagline span")); +}; + +// Returns a random integer x, such that 0 <= x < max +let randomInteger = max => Math.floor(max * Math.random()); + +// The main donation banner function. +let runDonationBanner = function ({ taglines, slogan, donate, shortLocale }) { + try { + sel("#banner-tagline span").innerText = taglines[randomInteger(taglines.length)]; + sel("#banner-slogan span").innerText = slogan; + let donateButtonText = sel("#banner-donate-button-inner span"); + let rtl = window.getComputedStyle(donateButtonText).direction === "rtl"; + donateButtonText.innerHTML = donate + " " + (rtl ? "◀" : "▶"); + sel("#banner").style.display = "flex"; + sel("#banner-spacer").style.display = "block"; + addEventListener("resize", updateTextSizes); + updateTextSizes(); + // Add a suffix corresponding to locale so we can send user + // to a correctly-localized donation page via redirect. + sel("#banner-donate-button-link").href += "-" + shortLocale; + sel("#torstatus-image").style.display = "none"; + } catch (e) { + // Something went wrong. + console.error(e); + sel("#banner").style.display = "none"; + sel("#bannerSpacer").style.display = "none"; + sel("#torstatus-image").style.display = "block"; + } +}; + +// Calls callback(attributeValue) when the specified attribute changes on +// target. Returns a zero-arg function that stops observing. +let observeAttribute = function (target, attributeName, callback) { + let observer = new MutationObserver(mutations => { + mutations.forEach(mutation => { + if (mutation.type === "attributes" && + mutation.attributeName === attributeName) { + callback(target.getAttribute(attributeName)); + } + }); + }); + observer.observe(target, { attributes: true }); + return () => observer.disconnect(); +}; + +// Start the donation banner if "toron" has been set to "yes". +let stopObserving = observeAttribute(document.body, "toron", value => { + stopObserving(); + if (value === "yes") { + let bannerDataJSON = document.body.getAttribute("banner-data"); + if (bannerDataJSON && bannerDataJSON.length > 0) { + runDonationBanner(JSON.parse(bannerDataJSON)); + } + } +}); diff --git a/src/chrome/content/aboutTor/onion-hand.png b/src/chrome/content/aboutTor/onion-hand.png new file mode 100644 index 0000000..00a5a41 Binary files /dev/null and b/src/chrome/content/aboutTor/onion-hand.png differ diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js index db6b694..955f8eb 100644 --- a/src/chrome/content/torbutton.js +++ b/src/chrome/content/torbutton.js @@ -13,6 +13,7 @@ let { showDialog } = Cu.import("resource://torbutton/modules/utils.js", {}); let { unescapeTorString } = Cu.import("resource://torbutton/modules/utils.js", {}); let SecurityPrefs = Cu.import("resource://torbutton/modules/security-prefs.js", {}); let { bindPrefAndInit, observe } = Cu.import("resource://torbutton/modules/utils.js", {}); +let { bannerData } = Cu.import("resource://torbutton/modules/donation-banner.js", {}); const k_tb_last_browser_version_pref = "extensions.torbutton.lastBrowserVersion"; const k_tb_browser_update_needed_pref = "extensions.torbutton.updateNeeded"; @@ -450,7 +451,8 @@ var torbutton_abouttor_message_handler = { torOn: torbutton_tor_check_ok(), updateNeeded: torbutton_update_is_needed(), showManual: torbutton_show_torbrowser_manual(), - toolbarButtonXPos: torbutton_get_toolbarbutton_xpos() + toolbarButtonXPos: torbutton_get_toolbarbutton_xpos(), + bannerData: bannerData(), }; }, diff --git a/src/chrome/locale/en/aboutTor.properties b/src/chrome/locale/en/aboutTor.properties index 4436e21..d0d3a64 100644 --- a/src/chrome/locale/en/aboutTor.properties +++ b/src/chrome/locale/en/aboutTor.properties @@ -10,7 +10,7 @@ aboutTor.searchDDG.search.link=https://duckduckgo.com/ aboutTor.donationBanner.donate=Donate Now! -aboutTor.donationBanner.slogan=Tor: Powering Digital Resistance. +aboutTor.donationBanner.slogan=Tor: Powering Digital Resistance aboutTor.donationBanner.mozilla=Give today and Mozilla will match your gift! aboutTor.donationBanner.tagline1=Protecting Journalists, Whistleblowers, & Activists Since 2006 diff --git a/src/chrome/skin/donation_banner.css b/src/chrome/skin/donation_banner.css new file mode 100644 index 0000000..8580066 --- /dev/null +++ b/src/chrome/skin/donation_banner.css @@ -0,0 +1,113 @@ +#banner { + -khtml-user-select: none; /* Konqueror */ + -moz-user-select: none; /* Firefox */ + -ms-user-select: none; /* Internet Explorer/Edge */ + -webkit-touch-callout: none; /* iOS Safari */ + -webkit-user-select: none; /* Chrome/Safari/Opera */ + display: none; + height: 150px; + justify-content: center; + left: 0px; + margin-top: 0px; + min-width: 900px; + opacity: 1; + position: absolute; + user-select: none; + width: 100%; + z-index: 1; +} +#banner:before { + background-color: #406; + background-image: url('resource://torbutton/chrome/content/aboutTor/onion-hand.png'); + background-position: center; + background-size: cover; + content: ""; + height: 150px; + left: 0px; + position: absolute; + top: 0px; + width: 100%; +} +#banner:-moz-dir(rtl):before { + transform: scaleX(-1); +} +#banner-contents-container { + align-items: center; + height: 100%; + max-width: 700px; + position: relative; + width: 700px; +} +#banner-tagline { + align-items: center; + bottom: 60px; + color: white; + display: flex; + font-family: monospace; + font-size: 8px; + font-weight: bold; + left: 85px; + position: absolute; + right: 0px; + text-align: start; + text-transform: uppercase; + top: 10px; +} +#banner-tagline:-moz-dir(rtl) { + left: 0px; + right: 85px; +} +#banner-slogan { + align-items: start; + bottom: 0px; + color: #f8f8a0; + display: flex; + font-family: monospace; + font-weight: bold; + left: 85px; + position: absolute; + right: 285px; + text-align: start; + top: 100px; + white-space: nowrap; +} +#banner-slogan:-moz-dir(rtl) { + left: 285px; + right: 85px; +} +#banner-donate-button { + background-color: #13a513; + border: 0px; + bottom: 10px; + color: #fbf7ef; + font-family: sans-serif; + font-size: 12px; + font-weight: bold; + left: 430px; + letter-spacing: -0.00em; + position: absolute; + right: 0px; + top: 100px; +} +#banner-donate-button:-moz-dir(rtl) { + left: 0px; + right: 430px; +} +#banner-donate-button:hover { + background-color: #38bc38; +} +#banner-donate-button-inner { + bottom: 6px; + display: flex; + justify-content: center; + left: 8px; + position: absolute; + right: 8px; + top: 6px; +} +#banner-spacer { + display: none; + height: 150px; + position: relative; + top: 0; +} diff --git a/src/modules/donation-banner.js b/src/modules/donation-banner.js new file mode 100644 index 0000000..bb35e86 --- /dev/null +++ b/src/modules/donation-banner.js @@ -0,0 +1,112 @@ +/* jshint esversion:6 */ + +const Cu = Components.utils; + +// ### Import Mozilla Services +Cu.import("resource://gre/modules/Services.jsm"); + +// A list of locales for which the banner has been translated. +const kBannerLocales = [ + "bg", + "da", + "el", + "en", + "es", + "fr", + "fr_CA", + "is", + "it", + "nb", + "tr", +]; + +// A list of donation page locales (at least redirects should exist). +const kDonationPageLocales = [ + "ar", + "de", + "en", + "es", + "fa", + "fr", + "it", + "ja", + "ko", + "nl", + "pl", + "pt", + "ru", + "tr", + "vi", + "zh", +]; + +const kPropertiesURL = "chrome://torbutton/locale/aboutTor.properties"; +const gStringBundle = Services.strings.createBundle(kPropertiesURL); + +// Check if we should show the banner, depends on +// browser locale, current date, and how many times +// we have already shown the banner. +const shouldShowBanner = function ({ locale, shortLocale }) { + try { + // If our override test pref is true, then just show the banner regardless. + if (Services.prefs.getBoolPref("extensions.torbutton.testBanner", false)) { + return true; + } + // Don't show a banner if update is needed. + let updateNeeded = Services.prefs.getBoolPref("extensions.torbutton.updateNeeded"); + if (updateNeeded) { + return false; + } + // Only show banner when we have that locale and if a donation redirect exists. + if (kBannerLocales.indexOf(locale) === -1 || + kDonationPageLocales.indexOf(shortLocale) === -1) { + return false; + } + // Only show banner between 2017 Oct 23 and 2018 Jan 25. + let now = new Date(); + let start = new Date(2017, 9, 23); + let end = new Date(2018, 0, 26); + let shownCountPref = "extensions.torbutton.donation_banner2017.shown_count"; + if (now < start || now > end) { + // Clean up pref if not in use. + Services.prefs.clearUserPref(shownCountPref); + return false; + } + // Only show banner 50 times. + let count = 0; + if (Services.prefs.prefHasUserValue(shownCountPref)) { + count = Services.prefs.getIntPref(shownCountPref); + } + if (count >= 50) { + return false; + } + Services.prefs.setIntPref(shownCountPref, count+1); + return true; + } catch (e) { + return false; + } +}; + +// Read data needed for displaying banner on page. +var bannerData = function () { + // Read short locale. + let locale = Services.prefs.getCharPref("general.useragent.locale"); + let shortLocale = locale.match(/[a-zA-Z]+/)[0].toLowerCase(); + if (!shouldShowBanner({ locale, shortLocale })) { + return null; + } + // Load tag lines. + let taglines = []; + for (let index = 0; index < 5; ++index) { + let tagline = gStringBundle.GetStringFromName( + "aboutTor.donationBanner.tagline" + (index + 1)); + taglines.push(tagline); + } + // Read slogan and donate button text. + let slogan = gStringBundle.GetStringFromName("aboutTor.donationBanner.slogan"); + let donate = gStringBundle.GetStringFromName("aboutTor.donationBanner.donate"); + return JSON.stringify({ taglines, slogan, donate, shortLocale }); +}; + +// Export utility functions for external use. +var EXPORTED_SYMBOLS = ["bannerData"]; [View Less]

1 0

[tor-browser/tor-browser-52.3.0esr-7.5-2] Bug 16010: Fixing sandbox compile issues
by gk＠torproject.org 21 Sep '17

21 Sep '17

commit 99e8c2c94986940de47d5f50a4b863cb6127df3d Author: Georg Koppen <gk(a)torproject.org> Date: Fri Aug 11 08:08:39 2017 +0000 Bug 16010: Fixing sandbox compile issues --- dom/media/gmp/rlz/GMPDeviceBinding.cpp | 2 +- js/xpconnect/src/XPCShellImpl.cpp | 2 +- security/sandbox/chromium-shim/base/win/sdkdecls.h | 2 +- .../sandbox/chromium/base/strings/utf_string_conversion_utils.cc | 4 ++-- security/… [View More]sandbox/chromium/base/threading/platform_thread_win.cc | 2 ++ security/sandbox/chromium/base/time/time_win.cc | 2 +- security/sandbox/chromium/base/win/pe_image.h | 2 +- security/sandbox/chromium/base/win/scoped_handle.h | 2 +- security/sandbox/chromium/sandbox/win/src/acl.h | 2 +- security/sandbox/chromium/sandbox/win/src/app_container.cc | 6 +++--- security/sandbox/chromium/sandbox/win/src/broker_services.cc | 2 +- security/sandbox/chromium/sandbox/win/src/crosscall_params.h | 3 +++ security/sandbox/chromium/sandbox/win/src/handle_closer.cc | 2 +- security/sandbox/chromium/sandbox/win/src/interception.cc | 8 ++++---- security/sandbox/chromium/sandbox/win/src/interception.h | 1 + security/sandbox/chromium/sandbox/win/src/interception_internal.h | 1 + security/sandbox/chromium/sandbox/win/src/resolver.cc | 2 +- security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc | 8 ++++++++ security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h | 2 ++ security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc | 2 +- security/sandbox/chromium/sandbox/win/src/service_resolver.cc | 2 +- .../chromium/sandbox/win/src/sidestep/mini_disassembler_types.h | 6 +++--- security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc | 8 ++++++-- security/sandbox/chromium/sandbox/win/src/target_process.cc | 4 ++-- toolkit/xre/nsAppRunner.cpp | 2 +- 25 files changed, 50 insertions(+), 29 deletions(-) diff --git a/dom/media/gmp/rlz/GMPDeviceBinding.cpp b/dom/media/gmp/rlz/GMPDeviceBinding.cpp index c8aee2bcd898..f3e3747e04c2 100644 --- a/dom/media/gmp/rlz/GMPDeviceBinding.cpp +++ b/dom/media/gmp/rlz/GMPDeviceBinding.cpp @@ -62,7 +62,7 @@ GetStackAfterCurrentFrame(uint8_t** aOutTop, uint8_t** aOutBottom) { // "Top" of the free space on the stack is directly after the memory // holding our return address. - uint8_t* top = (uint8_t*)_AddressOfReturnAddress(); + uint8_t* top = (uint8_t*)__builtin_return_address(0);//_AddressOfReturnAddress(); // Look down the stack until we find the guard page... MEMORY_BASIC_INFORMATION memInfo = {0}; diff --git a/js/xpconnect/src/XPCShellImpl.cpp b/js/xpconnect/src/XPCShellImpl.cpp index d86b5c5d3e3d..bedcb9132fef 100644 --- a/js/xpconnect/src/XPCShellImpl.cpp +++ b/js/xpconnect/src/XPCShellImpl.cpp @@ -45,7 +45,7 @@ #include "mozilla/widget/AudioSession.h" #include <windows.h> #if defined(MOZ_SANDBOX) -#include "SandboxBroker.h" +#include "sandboxBroker.h" #endif #endif diff --git a/security/sandbox/chromium-shim/base/win/sdkdecls.h b/security/sandbox/chromium-shim/base/win/sdkdecls.h index e999ab967b72..127bfaabf5e9 100644 --- a/security/sandbox/chromium-shim/base/win/sdkdecls.h +++ b/security/sandbox/chromium-shim/base/win/sdkdecls.h @@ -115,7 +115,7 @@ QueryThreadCycleTime( #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003ui64 << 32) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000ui64 << 32) -#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001ui64 << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001uLL << 32) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002ui64 << 32) #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003ui64 << 32) diff --git a/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc b/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc index 3101a6028883..710fbd83a358 100644 --- a/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc +++ b/security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc @@ -122,7 +122,7 @@ void PrepareForUTF8Output(const CHAR* src, // Instantiate versions we know callers will need. template void PrepareForUTF8Output(const wchar_t*, size_t, std::string*); -template void PrepareForUTF8Output(const char16*, size_t, std::string*); +//template void PrepareForUTF8Output(const char16*, size_t, std::string*); template<typename STRING> void PrepareForUTF16Or32Output(const char* src, @@ -143,6 +143,6 @@ void PrepareForUTF16Or32Output(const char* src, // Instantiate versions we know callers will need. template void PrepareForUTF16Or32Output(const char*, size_t, std::wstring*); -template void PrepareForUTF16Or32Output(const char*, size_t, string16*); +//template void PrepareForUTF16Or32Output(const char*, size_t, string16*); } // namespace base diff --git a/security/sandbox/chromium/base/threading/platform_thread_win.cc b/security/sandbox/chromium/base/threading/platform_thread_win.cc index d5bd9bed08e7..9750d99ed5fe 100644 --- a/security/sandbox/chromium/base/threading/platform_thread_win.cc +++ b/security/sandbox/chromium/base/threading/platform_thread_win.cc @@ -38,11 +38,13 @@ void SetNameInternal(PlatformThreadId thread_id, const char* name) { info.dwThreadID = thread_id; info.dwFlags = 0; +#if 0 __try { RaiseException(kVCThreadNameException, 0, sizeof(info)/sizeof(DWORD), reinterpret_cast<DWORD_PTR*>(&info)); } __except(EXCEPTION_CONTINUE_EXECUTION) { } +#endif } struct ThreadParams { diff --git a/security/sandbox/chromium/base/time/time_win.cc b/security/sandbox/chromium/base/time/time_win.cc index dc968ad63980..96ec6e2592cb 100644 --- a/security/sandbox/chromium/base/time/time_win.cc +++ b/security/sandbox/chromium/base/time/time_win.cc @@ -356,7 +356,7 @@ TimeDelta RolloverProtectedNow() { // we keep last_seen_now stay correctly in sync. DWORD now = g_tick_function(); if (now < g_last_seen_now) - g_rollover_ms += 0x100000000I64; // ~49.7 days. + g_rollover_ms += 0x100000000LL; // ~49.7 days. g_last_seen_now = now; return TimeDelta::FromMilliseconds(now + g_rollover_ms); } diff --git a/security/sandbox/chromium/base/win/pe_image.h b/security/sandbox/chromium/base/win/pe_image.h index 4c36bcf850e6..66897186d075 100644 --- a/security/sandbox/chromium/base/win/pe_image.h +++ b/security/sandbox/chromium/base/win/pe_image.h @@ -17,7 +17,7 @@ // The Windows 8 SDK defines FACILITY_VISUALCPP in winerror.h. #undef FACILITY_VISUALCPP #endif -#include <DelayIMP.h> +#include <delayimp.h> namespace base { namespace win { diff --git a/security/sandbox/chromium/base/win/scoped_handle.h b/security/sandbox/chromium/base/win/scoped_handle.h index 404ab669385a..a5d9a5fe1c23 100644 --- a/security/sandbox/chromium/base/win/scoped_handle.h +++ b/security/sandbox/chromium/base/win/scoped_handle.h @@ -18,7 +18,7 @@ #include <intrin.h> #define BASE_WIN_GET_CALLER _ReturnAddress() #elif defined(COMPILER_GCC) -#define BASE_WIN_GET_CALLER __builtin_extract_return_addr(\\ +#define BASE_WIN_GET_CALLER __builtin_extract_return_addr(\ __builtin_return_address(0)) #endif diff --git a/security/sandbox/chromium/sandbox/win/src/acl.h b/security/sandbox/chromium/sandbox/win/src/acl.h index b5021e7be865..098bc576c75c 100644 --- a/security/sandbox/chromium/sandbox/win/src/acl.h +++ b/security/sandbox/chromium/sandbox/win/src/acl.h @@ -5,7 +5,7 @@ #ifndef SANDBOX_SRC_ACL_H_ #define SANDBOX_SRC_ACL_H_ -#include <AccCtrl.h> +#include <accctrl.h> #include <windows.h> #include "base/memory/scoped_ptr.h" diff --git a/security/sandbox/chromium/sandbox/win/src/app_container.cc b/security/sandbox/chromium/sandbox/win/src/app_container.cc index a51f09208239..a9919a1cac22 100644 --- a/security/sandbox/chromium/sandbox/win/src/app_container.cc +++ b/security/sandbox/chromium/sandbox/win/src/app_container.cc @@ -4,7 +4,7 @@ #include "sandbox/win/src/app_container.h" -#include <Sddl.h> +#include <sddl.h> #include <stddef.h> #include <vector> @@ -27,10 +27,10 @@ PSID ConvertSid(const base::string16& sid) { template <typename T> T BindFunction(const char* name) { HMODULE module = GetModuleHandle(sandbox::kKerneldllName); - void* function = GetProcAddress(module, name); + void* function = (void*)GetProcAddress(module, name); if (!function) { module = GetModuleHandle(sandbox::kKernelBasedllName); - function = GetProcAddress(module, name); + function = (void*)GetProcAddress(module, name); } return reinterpret_cast<T>(function); } diff --git a/security/sandbox/chromium/sandbox/win/src/broker_services.cc b/security/sandbox/chromium/sandbox/win/src/broker_services.cc index d6acb66fdd79..1ea5da796363 100644 --- a/security/sandbox/chromium/sandbox/win/src/broker_services.cc +++ b/security/sandbox/chromium/sandbox/win/src/broker_services.cc @@ -4,7 +4,7 @@ #include "sandbox/win/src/broker_services.h" -#include <AclAPI.h> +#include <aclapi.h> #include <stddef.h> #include "base/logging.h" diff --git a/security/sandbox/chromium/sandbox/win/src/crosscall_params.h b/security/sandbox/chromium/sandbox/win/src/crosscall_params.h index eb59c44239e2..dd1591304320 100644 --- a/security/sandbox/chromium/sandbox/win/src/crosscall_params.h +++ b/security/sandbox/chromium/sandbox/win/src/crosscall_params.h @@ -16,6 +16,9 @@ #include "sandbox/win/src/internal_types.h" #include "sandbox/win/src/sandbox_types.h" +#define __try if(true) +#define __except(x) else + // Increases |value| until there is no need for padding given an int64_t // alignment. Returns the increased value. inline uint32_t Align(uint32_t value) { diff --git a/security/sandbox/chromium/sandbox/win/src/handle_closer.cc b/security/sandbox/chromium/sandbox/win/src/handle_closer.cc index f2012b7e071f..670a64721537 100644 --- a/security/sandbox/chromium/sandbox/win/src/handle_closer.cc +++ b/security/sandbox/chromium/sandbox/win/src/handle_closer.cc @@ -145,7 +145,7 @@ bool HandleCloser::SetupHandleList(void* buffer, size_t buffer_bytes) { output = &list_entry->handle_type[0]; // Copy the typename and set the offset and count. - i->first._Copy_s(output, i->first.size(), i->first.size()); + i->first.copy(output, i->first.size()); *(output += i->first.size()) = L'\0'; output++; list_entry->offset_to_names = reinterpret_cast<char*>(output) - diff --git a/security/sandbox/chromium/sandbox/win/src/interception.cc b/security/sandbox/chromium/sandbox/win/src/interception.cc index f0a2a61fb379..9eec063f3888 100644 --- a/security/sandbox/chromium/sandbox/win/src/interception.cc +++ b/security/sandbox/chromium/sandbox/win/src/interception.cc @@ -23,7 +23,7 @@ #include "sandbox/win/src/service_resolver.h" #include "sandbox/win/src/target_interceptions.h" #include "sandbox/win/src/target_process.h" -#include "sandbox/win/src/wow64.h" +#include "sandbox/win/src/Wow64.h" namespace sandbox { @@ -265,7 +265,7 @@ bool InterceptionManager::SetupDllInfo(const InterceptionData& data, dll_info->record_bytes = required; dll_info->offset_to_functions = required; dll_info->num_functions = 0; - data.dll._Copy_s(dll_info->dll_name, data.dll.size(), data.dll.size()); + data.dll.copy(dll_info->dll_name, data.dll.size()); dll_info->dll_name[data.dll.size()] = L'\0'; return true; @@ -307,12 +307,12 @@ bool InterceptionManager::SetupInterceptionInfo(const InterceptionData& data, function->interceptor_address = data.interceptor_address; char* names = function->function; - data.function._Copy_s(names, name_bytes, name_bytes); + data.function.copy(names, name_bytes); names += name_bytes; *names++ = '\0'; // interceptor follows the function_name - data.interceptor._Copy_s(names, interceptor_bytes, interceptor_bytes); + data.interceptor.copy(names, interceptor_bytes); names += interceptor_bytes; *names++ = '\0'; diff --git a/security/sandbox/chromium/sandbox/win/src/interception.h b/security/sandbox/chromium/sandbox/win/src/interception.h index 4d1ee82ba399..850e4eef54c6 100644 --- a/security/sandbox/chromium/sandbox/win/src/interception.h +++ b/security/sandbox/chromium/sandbox/win/src/interception.h @@ -18,6 +18,7 @@ #include "base/macros.h" #include "base/strings/string16.h" #include "sandbox/win/src/sandbox_types.h" +#include "sandbox/win/src/interceptors.h" namespace sandbox { diff --git a/security/sandbox/chromium/sandbox/win/src/interception_internal.h b/security/sandbox/chromium/sandbox/win/src/interception_internal.h index 45a0557e5efe..7f9cd0d763f0 100644 --- a/security/sandbox/chromium/sandbox/win/src/interception_internal.h +++ b/security/sandbox/chromium/sandbox/win/src/interception_internal.h @@ -12,6 +12,7 @@ #include <stddef.h> #include "sandbox/win/src/sandbox_types.h" +#include "sandbox/win/src/interceptors.h" namespace sandbox { diff --git a/security/sandbox/chromium/sandbox/win/src/resolver.cc b/security/sandbox/chromium/sandbox/win/src/resolver.cc index d1719da51a57..508a305a140a 100644 --- a/security/sandbox/chromium/sandbox/win/src/resolver.cc +++ b/security/sandbox/chromium/sandbox/win/src/resolver.cc @@ -53,7 +53,7 @@ NTSTATUS ResolverThunk::ResolveInterceptor(const void* interceptor_module, if (!pe.VerifyMagic()) return STATUS_INVALID_IMAGE_FORMAT; - *address = pe.GetProcAddress(interceptor_name); + *address = (void*)pe.GetProcAddress(interceptor_name); if (!(*address)) return STATUS_PROCEDURE_NOT_FOUND; diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc index 62f2422ca432..408d544a55e4 100644 --- a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc +++ b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc @@ -13,6 +13,9 @@ #include "sandbox/win/src/sandbox_factory.h" #include "sandbox/win/src/target_services.h" +#define __try if(true) +#define __except(x) else + namespace sandbox { // This is the list of all imported symbols from ntdll.dll. @@ -645,6 +648,11 @@ void* operator new(size_t size, sandbox::AllocationType type, return result; } +void* operator new [](size_t size, sandbox::AllocationType type, + void* near_to) { + return operator new(size, type, near_to); +} + void operator delete(void* memory, sandbox::AllocationType type) { if (type == sandbox::NT_ALLOC) { // Use default flags. diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h index 3e0238206768..d0bc4174ce46 100644 --- a/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h +++ b/security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h @@ -16,6 +16,8 @@ // Placement new and delete to be used from ntdll interception code. void* __cdecl operator new(size_t size, sandbox::AllocationType type, void* near_to = NULL); +void* __cdecl operator new[](size_t size, sandbox::AllocationType type, + void* near_to = NULL); void __cdecl operator delete(void* memory, sandbox::AllocationType type); // Add operator delete that matches the placement form of the operator new // above. This is required by compiler to generate code to call operator delete diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc b/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc index b3f977374b33..92d3e721fcec 100644 --- a/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc +++ b/security/sandbox/chromium/sandbox/win/src/sandbox_rand.cc @@ -10,7 +10,7 @@ // "Community Additions" comment on MSDN here: // http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx #define SystemFunction036 NTAPI SystemFunction036 -#include <NTSecAPI.h> +#include <ntsecapi.h> #undef SystemFunction036 namespace sandbox { diff --git a/security/sandbox/chromium/sandbox/win/src/service_resolver.cc b/security/sandbox/chromium/sandbox/win/src/service_resolver.cc index 92f21a7c2c95..0e63d704f4e0 100644 --- a/security/sandbox/chromium/sandbox/win/src/service_resolver.cc +++ b/security/sandbox/chromium/sandbox/win/src/service_resolver.cc @@ -29,7 +29,7 @@ NTSTATUS ServiceResolverThunk::ResolveTarget(const void* module, return STATUS_UNSUCCESSFUL; base::win::PEImage module_image(module); - *address = module_image.GetProcAddress(function_name); + *address = (void*)module_image.GetProcAddress(function_name); if (NULL == *address) { NOTREACHED_NT(); diff --git a/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h b/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h index 1c1062631340..ed45f22bf0ff 100644 --- a/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h +++ b/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h @@ -148,9 +148,9 @@ struct Opcode { // Description of the type of the dest, src and aux operands, // put together from an enOperandType flag and an enAddressingMethod // flag. - int flag_dest_; - int flag_source_; - int flag_aux_; + unsigned int flag_dest_; + unsigned int flag_source_; + unsigned flag_aux_; // We indicate the mnemonic for debugging purposes const char* mnemonic_; diff --git a/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc b/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc index d5da2fbe95a5..072be907146b 100644 --- a/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc +++ b/security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc @@ -108,14 +108,14 @@ NTSTATUS SmartSidestepResolverThunk::Setup(const void* target_module, // to our internal smart interceptor. size_t standard_bytes = storage_bytes - offsetof(SmartThunk, sidestep); ret = SidestepResolverThunk::Setup(target_module, interceptor_module, - target_name, NULL, &SmartStub, + target_name, NULL, (void*)&SmartStub, &thunk->sidestep, standard_bytes, NULL); if (!NT_SUCCESS(ret)) return ret; // Fix the internal thunk to pass the whole buffer to the interceptor. SetInternalThunk(&thunk->sidestep.internal_thunk, GetInternalThunkSize(), - thunk_storage, &SmartStub); + thunk_storage, (void*)&SmartStub); if (storage_used) *storage_used = GetThunkSize(); @@ -148,6 +148,7 @@ size_t SmartSidestepResolverThunk::GetThunkSize() const { // [xxx] [saved ebx] [xxx] // [xxx] [saved ecx] [xxx] // [xxx] [saved edx] [xxx] +#if 0 __declspec(naked) void SmartSidestepResolverThunk::SmartStub() { __asm { @@ -189,6 +190,9 @@ void SmartSidestepResolverThunk::SmartStub() { ret // Jump to original function. } } +#else +void SmartSidestepResolverThunk::SmartStub() {} // FIXME !! +#endif bool SmartSidestepResolverThunk::IsInternalCall(const void* base, void* return_address) { diff --git a/security/sandbox/chromium/sandbox/win/src/target_process.cc b/security/sandbox/chromium/sandbox/win/src/target_process.cc index e27655e7ecfb..92be96cc4173 100644 --- a/security/sandbox/chromium/sandbox/win/src/target_process.cc +++ b/security/sandbox/chromium/sandbox/win/src/target_process.cc @@ -221,7 +221,7 @@ DWORD TargetProcess::Create(const wchar_t* exe_path, static_cast<PROCESS_INFORMATION_CLASS>(NtProcessInformationAccessToken), &process_access_token, sizeof(process_access_token)); if (!NT_SUCCESS(status)) { - win_result = ERROR_INVALID_TOKEN; + win_result = ::GetLastError(); //ERROR_INVALID_TOKEN; ::TerminateProcess(process_info.process_handle(), 0); // exit code return win_result; } @@ -244,7 +244,7 @@ ResultCode TargetProcess::TransferVariable(const char* name, void* address, if (NULL == module) return SBOX_ERROR_GENERIC; - child_var = ::GetProcAddress(module, name); + child_var = (void*)::GetProcAddress(module, name); ::FreeLibrary(module); if (NULL == child_var) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 190fec19e520..bb469aa33100 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -213,7 +213,7 @@ #if defined(XP_LINUX) && !defined(ANDROID) #include "mozilla/SandboxInfo.h" #elif defined(XP_WIN) -#include "SandboxBroker.h" +#include "sandboxBroker.h" #endif #endif [View Less]

1 0

[tor-browser/tor-browser-52.3.0esr-7.5-2] fixup! TB3: Tor Browser's official .mozconfigs.
by gk＠torproject.org 21 Sep '17

21 Sep '17

commit 6cafd21960e74a78317330c8559f643e4beac165 Author: Georg Koppen <gk(a)torproject.org> Date: Fri Aug 11 08:09:56 2017 +0000 fixup! TB3: Tor Browser's official .mozconfigs. Enabling sandbox compiling for Windows platform --- .mozconfig-mingw | 3 --- 1 file changed, 3 deletions(-) diff --git a/.mozconfig-mingw b/.mozconfig-mingw index af305737e647..dfb33264d8a9 100644 --- a/.mozconfig-mingw +++ b/.mozconfig-mingw @@ -18,9 +18,6 @@ ac_add_options --enable-tor-browser-… [View More]

1 0

[tor-browser/tor-browser-52.3.0esr-7.5-2] We don't take the SANDBOX_EXPORTS path and fix compile issues along our way
by gk＠torproject.org 21 Sep '17

21 Sep '17

commit 0b5dfeae5d09168e020acd2f630c5352674075ab Author: Georg Koppen <gk(a)torproject.org> Date: Mon Sep 18 19:06:56 2017 +0000 We don't take the SANDBOX_EXPORTS path and fix compile issues along our way --- security/sandbox/chromium/sandbox/win/src/interception.h | 4 ++-- security/sandbox/moz.build | 2 +- security/sandbox/win/src/sandboxbroker/moz.build | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/sandbox/… [View More]chromium/sandbox/win/src/interception.h b/security/sandbox/chromium/sandbox/win/src/interception.h index 850e4eef54c6..ceff4b62d1a0 100644 --- a/security/sandbox/chromium/sandbox/win/src/interception.h +++ b/security/sandbox/chromium/sandbox/win/src/interception.h @@ -268,7 +268,7 @@ class InterceptionManager { #define ADD_NT_INTERCEPTION(service, id, num_params) \ AddToPatchedFunctions(kNtdllName, #service, \ sandbox::INTERCEPTION_SERVICE_CALL, \ - MAKE_SERVICE_NAME(service), id) + (void*)MAKE_SERVICE_NAME(service), id) #define INTERCEPT_NT(manager, service, id, num_params) \ manager->ADD_NT_INTERCEPTION(service, id, num_params) @@ -279,7 +279,7 @@ class InterceptionManager { // we are guaranteed that our IAT has been initialized. #define INTERCEPT_EAT(manager, dll, function, id, num_params) \ manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \ - MAKE_SERVICE_NAME(function), id) + (void*)MAKE_SERVICE_NAME(function), id) #endif // SANDBOX_EXPORTS } // namespace sandbox diff --git a/security/sandbox/moz.build b/security/sandbox/moz.build index 1420d6498af9..7b9cb01e4e87 100644 --- a/security/sandbox/moz.build +++ b/security/sandbox/moz.build @@ -154,7 +154,7 @@ elif CONFIG['OS_ARCH'] == 'WINNT': 'chromium/sandbox/win/src/Wow64.cc', ] - for var in ('UNICODE', '_UNICODE', 'NS_NO_XPCOM', 'SANDBOX_EXPORTS', + for var in ('UNICODE', '_UNICODE', 'NS_NO_XPCOM', '_CRT_RAND_S', 'CHROMIUM_SANDBOX_BUILD'): DEFINES[var] = True diff --git a/security/sandbox/win/src/sandboxbroker/moz.build b/security/sandbox/win/src/sandboxbroker/moz.build index 4a9d01cc5fa5..4df77d232f38 100644 --- a/security/sandbox/win/src/sandboxbroker/moz.build +++ b/security/sandbox/win/src/sandboxbroker/moz.build @@ -12,7 +12,7 @@ EXPORTS += [ 'sandboxBroker.h', ] -for var in ('UNICODE', '_UNICODE', 'SANDBOX_EXPORTS'): +for var in ('UNICODE', '_UNICODE'): DEFINES[var] = True LOCAL_INCLUDES += [ [View Less]

1 0

[tor-browser/tor-browser-52.3.0esr-7.5-2] fixup! Bug 16010: Fixing sandbox compile issues
by gk＠torproject.org 21 Sep '17

21 Sep '17

commit 2354d122644d82df54d655ece5b42bdfa4cf38f8 Author: Georg Koppen <gk(a)torproject.org> Date: Thu Sep 21 20:48:42 2017 +0000 fixup! Bug 16010: Fixing sandbox compile issues --- .../sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h b/security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h index … [View More]

1 0

[tor-browser/tor-browser-52.3.0esr-7.5-2] Bug 1320085 - Allow the getrlimit-equivalent subset of prlimit64. r=tedd
by gk＠torproject.org 21 Sep '17

21 Sep '17

commit bf2b5cefbaddca978d5c5eca3b54f0f0af5c8d32 Author: Jed Davis <jld(a)mozilla.com> Date: Mon Nov 28 12:05:28 2016 -0700 Bug 1320085 - Allow the getrlimit-equivalent subset of prlimit64. r=tedd This applies only to content processes, where we already allow getrlimit (but not setrlimit). The rule added here does not allow using prlimit64 to set any resource limits or interact with any other process. MozReview-Commit-ID: nMry3t6QPj --HG-- … [View More]

1 0