[tbb-commits] [tor-browser-bundle/maint-7.0] Apply follow-up patch for bug 24052

Fri Nov 3 15:49:28 UTC 2017

commit a5388a804d47d7d4fb157beb351ebef9897e8a2b
Author: Georg Koppen <gk at torproject.org>
Date:   Wed Nov 1 20:35:18 2017 +0000

    Apply follow-up patch for bug 24052
---
 gitian/descriptors/linux/gitian-firefox.yml |  2 ++
 gitian/descriptors/mac/gitian-firefox.yml   |  2 ++
 gitian/patches/24052_2.patch                | 29 +++++++++++++++++++++++++++++
 3 files changed, 33 insertions(+)

diff --git a/gitian/descriptors/linux/gitian-firefox.yml b/gitian/descriptors/linux/gitian-firefox.yml
index 766bf99..967a981 100644
--- a/gitian/descriptors/linux/gitian-firefox.yml
+++ b/gitian/descriptors/linux/gitian-firefox.yml
@@ -37,6 +37,7 @@ files:
 - "dzip.sh"
 - "versions"
 - "24052.patch"
+- "24052_2.patch"
 script: |
   source versions
   INSTDIR="$HOME/install"
@@ -90,6 +91,7 @@ script: |
 
   cd tor-browser
   patch -p1 < ../24052.patch
+  patch -p1 < ../24052_2.patch
   # run get-moz-build-date before removing .git, which is used to get the year
   chmod +x ~/build/get-moz-build-date
   eval $(~/build/get-moz-build-date $(cat browser/config/version.txt))
diff --git a/gitian/descriptors/mac/gitian-firefox.yml b/gitian/descriptors/mac/gitian-firefox.yml
index f47afc8..a38fc0b 100644
--- a/gitian/descriptors/mac/gitian-firefox.yml
+++ b/gitian/descriptors/mac/gitian-firefox.yml
@@ -25,6 +25,7 @@ files:
 - "fix-info-plist.py"
 - "versions"
 - "24052.patch"
+- "24052_2.patch"
 script: |
   INSTDIR="$HOME/install/"
   source versions
@@ -38,6 +39,7 @@ script: |
 
   cd tor-browser
   patch -p1 < ../24052.patch
+  patch -p1 < ../24052_2.patch
   # Extracting all the necessary tools
   tar xaf ../MacOSX10.7.sdk.tar.gz
   tar xaf ../cctools.tar.gz
diff --git a/gitian/patches/24052_2.patch b/gitian/patches/24052_2.patch
new file mode 100644
index 0000000..0060428
--- /dev/null
+++ b/gitian/patches/24052_2.patch
@@ -0,0 +1,29 @@
+From e2c1240ad25f4edcc7d3828b29f6aeb953a24a2e Mon Sep 17 00:00:00 2001
+From: Arthur Edelstein <arthuredelstein at gmail.com>
+Date: Wed, 1 Nov 2017 02:33:18 -0700
+Subject: [PATCH] Bug 24052: Handle redirects by blocking them early
+
+This is the second part of the workaround for
+https://bugzilla.mozilla.org/show_bug.cgi?id=1412081.
+
+diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
+index 0e570e8cb57d..b38be48bf0c9 100644
+--- a/netwerk/protocol/http/nsHttpChannel.cpp
++++ b/netwerk/protocol/http/nsHttpChannel.cpp
+@@ -5419,6 +5419,13 @@ nsHttpChannel::AsyncProcessRedirection(uint32_t redirectType)
+         return NS_ERROR_CORRUPTED_CONTENT;
+     }
+ 
++    bool isRedirectToFile = false;
++    rv = mRedirectURI->SchemeIs("file", &isRedirectToFile);
++    if (!NS_FAILED(rv) && isRedirectToFile) {
++        LOG(("Attempted to redirect from a remote page to a file:// URI."));
++        return NS_ERROR_FAILURE;
++    }
++
+     if (mApplicationCache) {
+         // if we are redirected to a different origin check if there is a fallback
+         // cache entry to fall back to. we don't care about file strict
+-- 
+2.14.2
+



