ma1 pushed to branch mullvad-browser-115.17.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser
Commits:
-
6bd54722
by Randell Jesup at 2024-10-24T17:12:05+02:00
-
5ad1eeda
by Valentin Gosu at 2024-10-24T17:12:06+02:00
-
79901fa5
by Andrew McCreight at 2024-10-24T17:12:08+02:00
-
a689cf5a
by Paul Zuehlcke at 2024-10-24T17:12:09+02:00
-
1d53f0f1
by Andrew McCreight at 2024-10-24T17:12:11+02:00
-
36a1ad53
by Kagami Sascha Rosylight at 2024-10-24T17:12:12+02:00
8 changed files:
- dom/console/Console.cpp
- dom/media/systemservices/CamerasChild.cpp
- dom/push/PushCrypto.sys.mjs
- netwerk/cache2/CacheFileIOManager.cpp
- netwerk/streamconv/converters/nsMultiMixedConv.cpp
- netwerk/streamconv/converters/nsMultiMixedConv.h
- toolkit/content/widgets/popupnotification.js
- toolkit/themes/shared/popupnotification.css
Changes:
... | ... | @@ -802,6 +802,7 @@ NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(Console) |
802 | 802 | NS_IMPL_CYCLE_COLLECTION_UNLINK(mDumpFunction)
|
803 | 803 | NS_IMPL_CYCLE_COLLECTION_UNLINK_WEAK_REFERENCE
|
804 | 804 | tmp->Shutdown();
|
805 | + tmp->mArgumentStorage.clearAndFree();
|
|
805 | 806 | NS_IMPL_CYCLE_COLLECTION_UNLINK_END
|
806 | 807 | |
807 | 808 | NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN(Console)
|
... | ... | @@ -331,7 +331,7 @@ int CamerasChild::AllocateCapture(CaptureEngine aCapEngine, |
331 | 331 | LOG(("%s", __PRETTY_FUNCTION__));
|
332 | 332 | nsCString unique_id(unique_idUTF8);
|
333 | 333 | nsCOMPtr<nsIRunnable> runnable =
|
334 | - mozilla::NewRunnableMethod<CaptureEngine, nsCString, const uint64_t&>(
|
|
334 | + mozilla::NewRunnableMethod<CaptureEngine, nsCString, uint64_t>(
|
|
335 | 335 | "camera::PCamerasChild::SendAllocateCapture", this,
|
336 | 336 | &CamerasChild::SendAllocateCapture, aCapEngine, unique_id, aWindowID);
|
337 | 337 | LockAndDispatch<> dispatcher(this, __func__, runnable, -1, mReplyInteger);
|
... | ... | @@ -108,6 +108,8 @@ function getEncryptionParams(encryptField) { |
108 | 108 | // aes128gcm scheme.
|
109 | 109 | function getCryptoParamsFromPayload(payload) {
|
110 | 110 | if (payload.byteLength < 21) {
|
111 | + // The value 21 is from https://datatracker.ietf.org/doc/html/rfc8188#section-2.1
|
|
112 | + // | salt (16) | rs (4) | idlen (1) | keyid (idlen) |
|
|
111 | 113 | throw new CryptoError("Truncated header", BAD_CRYPTO);
|
112 | 114 | }
|
113 | 115 | let rs =
|
... | ... | @@ -115,8 +117,16 @@ function getCryptoParamsFromPayload(payload) { |
115 | 117 | (payload[17] << 16) |
|
116 | 118 | (payload[18] << 8) |
|
117 | 119 | payload[19];
|
120 | + if (rs < 18) {
|
|
121 | + // https://datatracker.ietf.org/doc/html/rfc8188#section-2.1
|
|
122 | + throw new CryptoError(
|
|
123 | + "Record sizes smaller than 18 are invalid",
|
|
124 | + BAD_RS_PARAM
|
|
125 | + );
|
|
126 | + }
|
|
118 | 127 | let keyIdLen = payload[20];
|
119 | 128 | if (keyIdLen != 65) {
|
129 | + // https://datatracker.ietf.org/doc/html/rfc8291/#section-4
|
|
120 | 130 | throw new CryptoError("Invalid sender public key", BAD_DH_PARAM);
|
121 | 131 | }
|
122 | 132 | if (payload.byteLength <= 21 + keyIdLen) {
|
... | ... | @@ -171,8 +181,12 @@ export function getCryptoParamsFromHeaders(headers) { |
171 | 181 | throw new CryptoError("Invalid salt parameter", BAD_SALT_PARAM);
|
172 | 182 | }
|
173 | 183 | var rs = enc.rs ? parseInt(enc.rs, 10) : 4096;
|
174 | - if (isNaN(rs)) {
|
|
175 | - throw new CryptoError("rs parameter must be a number", BAD_RS_PARAM);
|
|
184 | + if (isNaN(rs) || rs < 1 || rs > 68719476705) {
|
|
185 | + // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-encryption-encoding-03#section-3.1
|
|
186 | + throw new CryptoError(
|
|
187 | + "rs parameter must be a number greater than 1 and smaller than 2^36-31",
|
|
188 | + BAD_RS_PARAM
|
|
189 | + );
|
|
176 | 190 | }
|
177 | 191 | return {
|
178 | 192 | salt,
|
... | ... | @@ -791,6 +805,7 @@ class aes128gcmEncoder { |
791 | 805 | // Perform the actual encryption of the payload.
|
792 | 806 | async encrypt(key, nonce) {
|
793 | 807 | if (this.rs < 18) {
|
808 | + // https://datatracker.ietf.org/doc/html/rfc8188#section-2.1
|
|
794 | 809 | throw new CryptoError("recordsize is too small", BAD_RS_PARAM);
|
795 | 810 | }
|
796 | 811 | |
... | ... | @@ -869,6 +884,7 @@ class aes128gcmEncoder { |
869 | 884 | createHeader(key) {
|
870 | 885 | // layout is "salt|32-bit-int|8-bit-int|key"
|
871 | 886 | if (key.byteLength != 65) {
|
887 | + // https://datatracker.ietf.org/doc/html/rfc8291/#section-4
|
|
872 | 888 | throw new CryptoError("Invalid key length for header", BAD_DH_PARAM);
|
873 | 889 | }
|
874 | 890 | // the 2 ints
|
... | ... | @@ -4359,13 +4359,15 @@ class SizeOfHandlesRunnable : public Runnable { |
4359 | 4359 | public:
|
4360 | 4360 | SizeOfHandlesRunnable(mozilla::MallocSizeOf mallocSizeOf,
|
4361 | 4361 | CacheFileHandles const& handles,
|
4362 | - nsTArray<CacheFileHandle*> const& specialHandles)
|
|
4362 | + nsTArray<CacheFileHandle*> const& specialHandles,
|
|
4363 | + nsCOMPtr<nsITimer> const& metadataWritesTimer)
|
|
4363 | 4364 | : Runnable("net::SizeOfHandlesRunnable"),
|
4364 | 4365 | mMonitor("SizeOfHandlesRunnable.mMonitor"),
|
4365 | 4366 | mMonitorNotified(false),
|
4366 | 4367 | mMallocSizeOf(mallocSizeOf),
|
4367 | 4368 | mHandles(handles),
|
4368 | 4369 | mSpecialHandles(specialHandles),
|
4370 | + mMetadataWritesTimer(metadataWritesTimer),
|
|
4369 | 4371 | mSize(0) {}
|
4370 | 4372 | |
4371 | 4373 | size_t Get(CacheIOThread* thread) {
|
... | ... | @@ -4397,6 +4399,10 @@ class SizeOfHandlesRunnable : public Runnable { |
4397 | 4399 | for (uint32_t i = 0; i < mSpecialHandles.Length(); ++i) {
|
4398 | 4400 | mSize += mSpecialHandles[i]->SizeOfIncludingThis(mMallocSizeOf);
|
4399 | 4401 | }
|
4402 | + nsCOMPtr<nsISizeOf> sizeOf = do_QueryInterface(mMetadataWritesTimer);
|
|
4403 | + if (sizeOf) {
|
|
4404 | + mSize += sizeOf->SizeOfIncludingThis(mMallocSizeOf);
|
|
4405 | + }
|
|
4400 | 4406 | |
4401 | 4407 | mMonitorNotified = true;
|
4402 | 4408 | mon.Notify();
|
... | ... | @@ -4404,11 +4410,12 @@ class SizeOfHandlesRunnable : public Runnable { |
4404 | 4410 | }
|
4405 | 4411 | |
4406 | 4412 | private:
|
4407 | - mozilla::Monitor mMonitor MOZ_UNANNOTATED;
|
|
4413 | + mozilla::Monitor mMonitor;
|
|
4408 | 4414 | bool mMonitorNotified;
|
4409 | 4415 | mozilla::MallocSizeOf mMallocSizeOf;
|
4410 | 4416 | CacheFileHandles const& mHandles;
|
4411 | 4417 | nsTArray<CacheFileHandle*> const& mSpecialHandles;
|
4418 | + nsCOMPtr<nsITimer> const& mMetadataWritesTimer;
|
|
4412 | 4419 | size_t mSize;
|
4413 | 4420 | };
|
4414 | 4421 | |
... | ... | @@ -4422,10 +4429,11 @@ size_t CacheFileIOManager::SizeOfExcludingThisInternal( |
4422 | 4429 | if (mIOThread) {
|
4423 | 4430 | n += mIOThread->SizeOfIncludingThis(mallocSizeOf);
|
4424 | 4431 | |
4425 | - // mHandles and mSpecialHandles must be accessed only on the I/O thread,
|
|
4426 | - // must sync dispatch.
|
|
4432 | + // mHandles, mSpecialHandles and mMetadataWritesTimer must be accessed
|
|
4433 | + // only on the I/O thread, must sync dispatch.
|
|
4427 | 4434 | RefPtr<SizeOfHandlesRunnable> sizeOfHandlesRunnable =
|
4428 | - new SizeOfHandlesRunnable(mallocSizeOf, mHandles, mSpecialHandles);
|
|
4435 | + new SizeOfHandlesRunnable(mallocSizeOf, mHandles, mSpecialHandles,
|
|
4436 | + mMetadataWritesTimer);
|
|
4429 | 4437 | n += sizeOfHandlesRunnable->Get(mIOThread);
|
4430 | 4438 | }
|
4431 | 4439 | |
... | ... | @@ -4434,9 +4442,6 @@ size_t CacheFileIOManager::SizeOfExcludingThisInternal( |
4434 | 4442 | sizeOf = do_QueryInterface(mCacheDirectory);
|
4435 | 4443 | if (sizeOf) n += sizeOf->SizeOfIncludingThis(mallocSizeOf);
|
4436 | 4444 | |
4437 | - sizeOf = do_QueryInterface(mMetadataWritesTimer);
|
|
4438 | - if (sizeOf) n += sizeOf->SizeOfIncludingThis(mallocSizeOf);
|
|
4439 | - |
|
4440 | 4445 | sizeOf = do_QueryInterface(mTrashTimer);
|
4441 | 4446 | if (sizeOf) n += sizeOf->SizeOfIncludingThis(mallocSizeOf);
|
4442 | 4447 |
... | ... | @@ -467,6 +467,12 @@ nsMultiMixedConv::OnStartRequest(nsIRequest* request) { |
467 | 467 | if (NS_SUCCEEDED(rv)) {
|
468 | 468 | mRootContentSecurityPolicy = csp;
|
469 | 469 | }
|
470 | + nsCString contentDisposition;
|
|
471 | + rv = httpChannel->GetResponseHeader("content-disposition"_ns,
|
|
472 | + contentDisposition);
|
|
473 | + if (NS_SUCCEEDED(rv)) {
|
|
474 | + mRootContentDisposition = contentDisposition;
|
|
475 | + }
|
|
470 | 476 | } else {
|
471 | 477 | // try asking the channel directly
|
472 | 478 | rv = mChannel->GetContentType(contentType);
|
... | ... | @@ -837,7 +843,11 @@ nsresult nsMultiMixedConv::SendStart() { |
837 | 843 | rv = mPartChannel->SetContentLength(mContentLength);
|
838 | 844 | if (NS_FAILED(rv)) return rv;
|
839 | 845 | |
840 | - mPartChannel->SetContentDisposition(mContentDisposition);
|
|
846 | + if (!mRootContentDisposition.IsEmpty()) {
|
|
847 | + mPartChannel->SetContentDisposition(mRootContentDisposition);
|
|
848 | + } else {
|
|
849 | + mPartChannel->SetContentDisposition(mContentDisposition);
|
|
850 | + }
|
|
841 | 851 | |
842 | 852 | // Each part of a multipart/replace response can be used
|
843 | 853 | // for the top level document. We must inform upper layers
|
... | ... | @@ -150,15 +150,17 @@ class nsMultiMixedConv : public nsIStreamConverter { |
150 | 150 | nsCOMPtr<nsIStreamListener> mFinalListener; // this guy gets the converted
|
151 | 151 | // data via his OnDataAvailable()
|
152 | 152 | |
153 | - nsCOMPtr<nsIChannel>
|
|
154 | - mChannel; // The channel as we get in in OnStartRequest call
|
|
155 | - RefPtr<nsPartChannel> mPartChannel; // the channel for the given part we're
|
|
156 | - // processing. one channel per part.
|
|
153 | + // The channel as we get it in OnStartRequest call
|
|
154 | + nsCOMPtr<nsIChannel> mChannel;
|
|
155 | + // the channel for the given part we're
|
|
156 | + // processing. one channel per part.
|
|
157 | + RefPtr<nsPartChannel> mPartChannel;
|
|
157 | 158 | nsCOMPtr<nsISupports> mContext;
|
158 | 159 | nsCString mContentType;
|
159 | 160 | nsCString mContentDisposition;
|
160 | 161 | nsCString mContentSecurityPolicy;
|
161 | 162 | nsCString mRootContentSecurityPolicy;
|
163 | + nsCString mRootContentDisposition;
|
|
162 | 164 | uint64_t mContentLength{UINT64_MAX};
|
163 | 165 | uint64_t mTotalSent{0};
|
164 | 166 |
... | ... | @@ -15,7 +15,7 @@ |
15 | 15 | ".popup-notification-description": "popupid,id=descriptionid",
|
16 | 16 | ".popup-notification-description > span:first-of-type":
|
17 | 17 | "text=label,popupid",
|
18 | - ".popup-notification-description > b:first-of-type":
|
|
18 | + ".popup-notification-description > .popup-notification-description-name":
|
|
19 | 19 | "text=name,popupid",
|
20 | 20 | ".popup-notification-description > span:nth-of-type(2)":
|
21 | 21 | "text=endlabel,popupid",
|
... | ... | @@ -82,7 +82,7 @@ |
82 | 82 | <!-- These need to be on the same line to avoid creating
|
83 | 83 | whitespace between them (whitespace is added in the
|
84 | 84 | localization file, if necessary). -->
|
85 | - <description class="popup-notification-description"><html:span></html:span><html:b></html:b><html:span></html:span><html:b></html:b><html:span></html:span></description>
|
|
85 | + <description class="popup-notification-description"><html:span></html:span><html:b class="popup-notification-description-name"></html:b><html:span></html:span><html:b></html:b><html:span></html:span></description>
|
|
86 | 86 | <description class="popup-notification-hint-text"></description>
|
87 | 87 | </vbox>
|
88 | 88 | <toolbarbutton class="messageCloseButton close-icon popup-notification-closebutton tabbable" data-l10n-id="close-notification-message"></toolbarbutton>
|
... | ... | @@ -52,6 +52,16 @@ popupnotificationcontent { |
52 | 52 | flex: 1 auto;
|
53 | 53 | }
|
54 | 54 | |
55 | +/*
|
|
56 | + * Ensure that host names in PopupNotifications wrap. This targets the "name"
|
|
57 | + * element in the description container which is the "name" property of the
|
|
58 | + * PopupNotification. Name is what gets substituted from the l10n string using
|
|
59 | + * the placeholder <>.
|
|
60 | + */
|
|
61 | +.popup-notification-description-name {
|
|
62 | + word-break: break-all;
|
|
63 | +}
|
|
64 | + |
|
55 | 65 | .popup-notification-closebutton {
|
56 | 66 | margin-inline-end: -8px;
|
57 | 67 | margin-top: -8px;
|