download.lst | 8
external/curl/zlib.patch.0 | 10
external/libgpg-error/UnpackedTarball_libgpg-error.mk | 1
external/libgpg-error/libgpg-error_gawk5.patch | 114 ++++
external/libgpg-error/w32-build-fixes.patch | 2
external/nss/UnpackedTarball_nss.mk | 3
external/nss/clang-cl.patch.0 | 14
external/nss/nss-chromium-nss-static.patch | 487 ------------------
external/nss/nss-more-static.patch | 39 -
external/nss/nss.fix-freebl-add-lcc-support.patch.1 | 11
external/nss/nss.patch | 13
sc/source/ui/docshell/externalrefmgr.cxx | 54 +
scripting/source/protocolhandler/scripthandler.cxx | 9
scripting/source/pyprov/pythonscript.py | 16
sfx2/source/doc/objmisc.cxx | 24
sw/inc/anchoredobject.hxx | 1
sw/source/core/inc/layouter.hxx | 4
sw/source/core/layout/anchoredobject.cxx | 9
sw/source/core/layout/fly.cxx | 2
sw/source/core/layout/layouter.cxx | 15
sw/source/core/layout/objstmpconsiderwrapinfl.cxx | 27
sw/source/core/layout/objstmpconsiderwrapinfl.hxx | 1
sw/source/core/layout/ssfrm.cxx | 5
sw/source/filter/ww8/ww8par.hxx | 2
sw/source/filter/ww8/ww8par2.cxx | 47 +
vcl/headless/svpgdi.cxx | 10
26 files changed, 302 insertions(+), 626 deletions(-)
New commits:
commit aeba9118533e4e1fb7753cade26ca3d4b4ae4804
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Mon Aug 12 20:32:54 2019 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
construct final url from parsed output
Change-Id: Ifd733625a439685ad307603eb2b00bf463eb9ca9
Reviewed-on: https://gerrit.libreoffice.org/77373
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sberg...@redhat.com>
(cherry picked from commit 87959e5deea6d33cd35dbb3b8423056f9566710e)
Reviewed-on: https://gerrit.libreoffice.org/77377
(cherry picked from commit c03acb9b8a97254cfcf7c45ef920b93b7f1dd344)
diff --git a/scripting/source/pyprov/pythonscript.py
b/scripting/source/pyprov/pythonscript.py
index 7b788d65ddb9..fb28fe6f03bd 100644
--- a/scripting/source/pyprov/pythonscript.py
+++ b/scripting/source/pyprov/pythonscript.py
@@ -224,7 +224,13 @@ class MyUriHelper:
sStorageUri = sStorageUri.replace( "|", "/" )
# path to the .py file, relative to the base
- sFileUri = sStorageUri[0:sStorageUri.find("$")]
+ funcNameStart = sStorageUri.find("$")
+ if funcNameStart != -1:
+ sFileUri = sStorageUri[0:funcNameStart]
+ sFuncName = sStorageUri[funcNameStart+1:]
+ else:
+ sFileUri = sStorageUri
+
xFileUri = self.m_uriRefFac.parse(sFileUri)
if not xFileUri:
message = "pythonscript: invalid relative uri '" + sFileUri+
"'"
@@ -241,7 +247,9 @@ class MyUriHelper:
log.debug( message )
raise RuntimeException( message )
- ret = sBaseUri + sStorageUri
+ ret = sAbsScriptUri
+ if funcNameStart != -1:
+ ret = ret + "$" + sFuncName
log.debug( "converting scriptURI="+scriptURI + " to storageURI=" +
ret )
return ret
except UnoException as e:
commit 9d288795e69056bbc2fb2c4df53ab6ee9f518e4d
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Wed Aug 7 12:58:01 2019 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
expand pyuno path separators
Change-Id: Ic97649ed6d4be595b308922c7bdc880cbb60b239
Reviewed-on: https://gerrit.libreoffice.org/77102
Reviewed-by: Michael Stahl <michael.st...@cib.de>
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sberg...@redhat.com>
(cherry picked from commit 75903a0298218f89a199a5ac151ee0166f4469d7)
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 13d338f3b14e..a508aea86e12 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1363,7 +1363,8 @@ bool SfxObjectShell::UnTrustedScript(const OUString&
rScriptURL)
if (!sfUri.is())
return false;
- OUString sScript = sfUri->getName();
+ // pyuno encodes path separator as |
+ OUString sScript = sfUri->getName().replace('|', '/');
// check if any path portion matches LibreLogo and ban it if it does
sal_Int32 nIndex = 0;
commit 83aea1bee5145cf6a86dc99573bb83114f201e1a
Author: Stephan Bergmann <sberg...@redhat.com>
AuthorDate: Tue Aug 6 13:29:22 2019 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
Properly obtain location
Change-Id: I9fb0d883a3623394343cd54ef61e5610544198c8
Reviewed-on: https://gerrit.libreoffice.org/77019
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sberg...@redhat.com>
(cherry picked from commit a9cde2557242a0c343d99533f3ee032599c66f42)
Reviewed-on: https://gerrit.libreoffice.org/77023
Reviewed-by: Caolán McNamara <caol...@redhat.com>
Tested-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 28c6af3ddc283ca9c5712359a9abcb385c1575b4)
diff --git a/scripting/source/protocolhandler/scripthandler.cxx
b/scripting/source/protocolhandler/scripthandler.cxx
index 6aaa2055bd90..b95c4d45032b 100644
--- a/scripting/source/protocolhandler/scripthandler.cxx
+++ b/scripting/source/protocolhandler/scripthandler.cxx
@@ -47,6 +47,7 @@
#include <com/sun/star/uno/XComponentContext.hpp>
#include <com/sun/star/uri/XUriReference.hpp>
+#include <com/sun/star/uri/XVndSunStarScriptUrlReference.hpp>
#include <com/sun/star/uri/UriReferenceFactory.hpp>
#include <memory>
@@ -133,8 +134,12 @@ void SAL_CALL
ScriptProtocolHandler::dispatchWithNotification(
{
try
{
- bool bIsDocumentScript = ( aURL.Complete.indexOf( "document" )
!=-1 );
- // TODO: isn't this somewhat strange? This should be a test
for a location=document parameter, shouldn't it?
+ css::uno::Reference<css::uri::XUriReferenceFactory> urifac(
+ css::uri::UriReferenceFactory::create(m_xContext));
+ css::uno::Reference<css::uri::XVndSunStarScriptUrlReference> uri(
+ urifac->parse(aURL.Complete), css::uno::UNO_QUERY_THROW);
+ auto const loc = uri->getParameter("location");
+ bool bIsDocumentScript = loc == "document";
if ( bIsDocumentScript )
{
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index a66eeefc1d45..13d338f3b14e 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1386,19 +1386,22 @@ ErrCode SfxObjectShell::CallXScript( const Reference<
XInterface >& _rxScriptCon
SAL_INFO("sfx", "in CallXScript" );
ErrCode nErr = ERRCODE_NONE;
- bool bIsDocumentScript = ( _rScriptURL.indexOf( "location=document" ) >= 0
);
- // TODO: we should parse the URL, and check whether there is a
parameter with this name.
- // Otherwise, we might find too much.
- if ( bIsDocumentScript && !lcl_isScriptAccessAllowed_nothrow(
_rxScriptContext ) )
- return ERRCODE_IO_ACCESSDENIED;
-
- if ( UnTrustedScript(_rScriptURL) )
- return ERRCODE_IO_ACCESSDENIED;
-
bool bCaughtException = false;
Any aException;
try
{
+ css::uno::Reference<css::uri::XUriReferenceFactory> urifac(
+
css::uri::UriReferenceFactory::create(comphelper::getProcessComponentContext()));
+ css::uno::Reference<css::uri::XVndSunStarScriptUrlReference> uri(
+ urifac->parse(_rScriptURL), css::uno::UNO_QUERY_THROW);
+ auto const loc = uri->getParameter("location");
+ bool bIsDocumentScript = loc == "document";
+ if ( bIsDocumentScript && !lcl_isScriptAccessAllowed_nothrow(
_rxScriptContext ) )
+ return ERRCODE_IO_ACCESSDENIED;
+
+ if ( UnTrustedScript(_rScriptURL) )
+ return ERRCODE_IO_ACCESSDENIED;
+
// obtain/create a script provider
Reference< provider::XScriptProvider > xScriptProvider;
Reference< provider::XScriptProviderSupplier > xSPS( _rxScriptContext,
UNO_QUERY );
commit a3ab318ab24043c594c1b3c184661fb4bef89ff7
Author: Stephan Bergmann <sberg...@redhat.com>
AuthorDate: Sat Aug 3 16:37:48 2019 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
keep name percent-encoded
Change-Id: I470c4b24192c3e3c9b556a9bbb3b084359e0033b
Reviewed-on: https://gerrit.libreoffice.org/77006
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
Tested-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 315c51731384230194af26b86a976bf5d06c9dcc)
diff --git a/scripting/source/pyprov/pythonscript.py
b/scripting/source/pyprov/pythonscript.py
index b85b4f6badb5..7b788d65ddb9 100644
--- a/scripting/source/pyprov/pythonscript.py
+++ b/scripting/source/pyprov/pythonscript.py
@@ -219,7 +219,9 @@ class MyUriHelper:
# path to the .py file + "$functionname, arguments, etc
xStorageUri = self.m_uriRefFac.parse(scriptURI)
- sStorageUri = xStorageUri.getName().replace( "|", "/" );
+ # getName will apply url-decoding to the name, so encode back
+ sStorageUri = xStorageUri.getName().replace("%", "%25")
+ sStorageUri = sStorageUri.replace( "|", "/" )
# path to the .py file, relative to the base
sFileUri = sStorageUri[0:sStorageUri.find("$")]
commit 876d96f8c8a8d29e69b00820d34d25e19abe0563
Author: nd101 <f...@nd.com.cn>
AuthorDate: Wed Jul 3 09:41:06 2019 +0800
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
Fix libgpg-error compilation error with gawk5
This is an adaptation of upstream patch
https://github.com/gpg/libgpg-error/commit/7865041c77f4f7005282f10f9b6666b19072fbdf
plus a fix to Makefile.in
Change-Id: I5bf946cf93e5849b8a3428064ab86f6255be97da
Reviewed-on: https://gerrit.libreoffice.org/75022
Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
Tested-by: Mike Kaganski <mike.kagan...@collabora.com>
(cherry picked from commit af3b993ebea2f653fabba981d4c22b9aa779b32a)
Reviewed-on: https://gerrit.libreoffice.org/75075
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit 87215115618de0c12d287a300fc5fde993886089)
Reviewed-on: https://gerrit.libreoffice.org/76308
Reviewed-by: Thorsten Behrens <thorsten.behr...@cib.de>
Tested-by: Thorsten Behrens <thorsten.behr...@cib.de>
(cherry picked from commit 8edc7023a14d26a7a6201f154b5c0e8edb47b1d9)
diff --git a/external/libgpg-error/UnpackedTarball_libgpg-error.mk
b/external/libgpg-error/UnpackedTarball_libgpg-error.mk
index 822145c2f4ab..4dcef3f1465a 100644
--- a/external/libgpg-error/UnpackedTarball_libgpg-error.mk
+++ b/external/libgpg-error/UnpackedTarball_libgpg-error.mk
@@ -14,6 +14,7 @@ $(eval $(call
gb_UnpackedTarball_set_tarball,libgpg-error,$(LIBGPGERROR_TARBALL)
$(eval $(call gb_UnpackedTarball_set_patchlevel,libgpg-error,0))
$(eval $(call gb_UnpackedTarball_add_patches,libgpg-error, \
+ external/libgpg-error/libgpg-error_gawk5.patch \
$(if $(filter MSC,$(COM)),external/libgpg-error/w32-build-fixes.patch) \
$(if $(filter
MSC,$(COM)),external/libgpg-error/w32-build-fixes-2.patch.1) \
$(if $(filter
MSC,$(COM)),external/libgpg-error/w32-build-fixes-3.patch.1) \
diff --git a/external/libgpg-error/libgpg-error_gawk5.patch
b/external/libgpg-error/libgpg-error_gawk5.patch
new file mode 100644
index 000000000000..3be76a4538a8
--- /dev/null
+++ b/external/libgpg-error/libgpg-error_gawk5.patch
@@ -0,0 +1,114 @@
+--- src/Makefile.am
++++ src/Makefile.am~
+@@ -266,7 +266,7 @@
+
+ errnos-sym.h: Makefile mkstrtable.awk errnos.in
+ $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=2 -v nogettext=1 \
+- -v prefix=GPG_ERR_ -v namespace=errnos_ \
++ -v prefix=GPG_ERR_ -v pkg_namespace=errnos_ \
+ $(srcdir)/errnos.in >$@
+
+
+--- src/mkerrcodes.awk
++++ src/mkerrcodes.awk~
+@@ -81,7 +81,7 @@
+ }
+
+ !header {
+- sub (/\#.+/, "");
++ sub (/#.+/, "");
+ sub (/[ ]+$/, ""); # Strip trailing space and tab characters.
+
+ if (/^$/)
+--- src/mkerrcodes1.awk
++++ src/mkerrcodes1.awk~
+@@ -81,7 +81,7 @@
+ }
+
+ !header {
+- sub (/\#.+/, "");
++ sub (/#.+/, "");
+ sub (/[ ]+$/, ""); # Strip trailing space and tab characters.
+
+ if (/^$/)
+--- src/mkerrcodes2.awk
++++ src/mkerrcodes2.awk~
+@@ -91,7 +91,7 @@
+ }
+
+ !header {
+- sub (/\#.+/, "");
++ sub (/#.+/, "");
+ sub (/[ ]+$/, ""); # Strip trailing space and tab characters.
+
+ if (/^$/)
+--- src/mkerrnos.awk
++++ src/mkerrnos.awk~
+@@ -83,7 +83,7 @@
+ }
+
+ !header {
+- sub (/\#.+/, "");
++ sub (/#.+/, "");
+ sub (/[ ]+$/, ""); # Strip trailing space and tab characters.
+
+ if (/^$/)
+--- src/mkstrtable.awk
++++ src/mkstrtable.awk~
+@@ -77,7 +77,7 @@
+ #
+ # The variable prefix can be used to prepend a string to each message.
+ #
+-# The variable namespace can be used to prepend a string to each
++# The variable pkg_namespace can be used to prepend a string to each
+ # variable and macro name.
+
+ BEGIN {
+@@ -102,7 +102,7 @@
+ print "/* The purpose of this complex string table is to produce";
+ print " optimal code with a minimum of relocations. */";
+ print "";
+- print "static const char " namespace "msgstr[] = ";
++ print "static const char " pkg_namespace "msgstr[] = ";
+ header = 0;
+ }
+ else
+@@ -110,7 +110,7 @@
+ }
+
+ !header {
+- sub (/\#.+/, "");
++ sub (/#.+/, "");
+ sub (/[ ]+$/, ""); # Strip trailing space and tab characters.
+
+ if (/^$/)
+@@ -150,7 +150,7 @@
+ else
+ print " gettext_noop (\"" last_msgstr "\");";
+ print "";
+- print "static const int " namespace "msgidx[] =";
++ print "static const int " pkg_namespace "msgidx[] =";
+ print " {";
+ for (i = 0; i < coded_msgs; i++)
+ print " " pos[i] ",";
+@@ -158,7 +158,7 @@
+ print " };";
+ print "";
+ print "static GPG_ERR_INLINE int";
+- print namespace "msgidxof (int code)";
++ print pkg_namespace "msgidxof (int code)";
+ print "{";
+ print " return (0 ? 0";
+
+--- src/Makefile.in
++++ src/Makefile.in~
+@@ -1321,7 +1321,7 @@
+
+ errnos-sym.h: Makefile mkstrtable.awk errnos.in
+ $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=2 -v nogettext=1 \
+- -v prefix=GPG_ERR_ -v namespace=errnos_ \
++ -v prefix=GPG_ERR_ -v pkg_namespace=errnos_ \
+ $(srcdir)/errnos.in >$@
+
+ mkheader: mkheader.c Makefile
+
diff --git a/external/libgpg-error/w32-build-fixes.patch
b/external/libgpg-error/w32-build-fixes.patch
index e8a6b6145d46..96a62e32042c 100644
--- a/external/libgpg-error/w32-build-fixes.patch
+++ b/external/libgpg-error/w32-build-fixes.patch
@@ -136,7 +136,7 @@ diff -ru libgpg-error.orig/src/Makefile.in
libgpg-error/src/Makefile.in
errnos-sym.h: Makefile mkstrtable.awk errnos.in
@@ -1325,7 +1325,7 @@
- -v prefix=GPG_ERR_ -v namespace=errnos_ \
+ -v prefix=GPG_ERR_ -v pkg_namespace=errnos_ \
$(srcdir)/errnos.in >$@
-mkheader: mkheader.c Makefile
commit 61755b201e5d6359330aade1b8c7bb9e99ba3bea
Author: Michael Stahl <michael.st...@cib.de>
AuthorDate: Thu Jul 18 14:07:06 2019 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
sw: fix use after free on tdf117215-1.odt
Move the fix from 6d0ea082889c89eb8b408779f2de08da7441ff54 to
SwFlyFrame::DestroyImpl() so we unregister every SwFlyFrame.
==1550==ERROR: AddressSanitizer: heap-use-after-free on address
0x615000383f56 at pc 0x7efcd70d5ab9 bp 0x7ffeb7ac7c40 sp 0x7ffeb7ac7c38
WRITE of size 1 at 0x615000383f56 thread T0
0 SwAnchoredObject::SetTmpConsiderWrapInfluence(bool)
sw/source/core/layout/anchoredobject.cxx:743:32
1 SwObjsMarkedAsTmpConsiderWrapInfluence::Clear()
sw/source/core/layout/objstmpconsiderwrapinfl.cxx:53:23
2 SwLayouter::ClearObjsTmpConsiderWrapInfluence(SwDoc const&)
sw/source/core/layout/layouter.cxx:387:84
3 sw::DocumentLayoutManager::ClearSwLayouterEntries()
sw/source/core/doc/DocumentLayoutManager.cxx:497:5
4 sw::DocumentStateManager::SetModified()
sw/source/core/doc/DocumentStateManager.cxx:45:39
5 sw::DocumentContentOperationsManager::DeleteRangeImplImpl(SwPaM&)
sw/source/core/doc/DocumentContentOperationsManager.cxx:3942:36
0x615000383f56 is located 342 bytes inside of 504-byte region
[0x615000383e00,0x615000383ff8)
freed by thread T0 here:
1 SwFlyAtContentFrame::~SwFlyAtContentFrame()
sw/source/core/inc/flyfrms.hxx:159:7
2 SwFrame::DestroyFrame(SwFrame*) sw/source/core/layout/ssfrm.cxx:389:9
3 SwFrameFormat::DelFrames() sw/source/core/layout/atrfrm.cxx:2624:17
4 SwUndoFlyBase::DelFly(SwDoc*) sw/source/core/undo/undobj1.cxx:161:19
5 SwUndoDelLayFormat::SwUndoDelLayFormat(SwFrameFormat*)
sw/source/core/undo/undobj1.cxx:403:5
6 SwHistoryTextFlyCnt::SwHistoryTextFlyCnt(SwFrameFormat*)
sw/source/core/undo/rolbck.cxx:538:20
7 SwHistory::Add(SwFlyFrameFormat&, unsigned short&)
sw/source/core/undo/rolbck.cxx:1083:50
8 SwUndoSaveContent::DelContentIndex(SwPosition const&, SwPosition
const&, DelContentType) sw/source/core/undo/undobj.cxx:1020:39
9 SwUndoDelete::SwUndoDelete(SwPaM&, bool, bool)
sw/source/core/undo/undel.cxx:229:9
11 sw::DocumentContentOperationsManager::DeleteRangeImplImpl(SwPaM&)
sw/source/core/doc/DocumentContentOperationsManager.cxx:3939:55
Change-Id: Ia0c28c9d5792615cbb566e502374efd0f4056daf
Reviewed-on: https://gerrit.libreoffice.org/75857
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit dea72ef111ee8a0b1b178f8cd48757514d5ca831)
Reviewed-on: https://gerrit.libreoffice.org/75941
Reviewed-by: Caolán McNamara <caol...@redhat.com>
Tested-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 4b9324b93dcbd72c8c8949309d45790dd8f7d5fd)
Reviewed-on: https://gerrit.libreoffice.org/76306
Reviewed-by: Thorsten Behrens <thorsten.behr...@cib.de>
Tested-by: Thorsten Behrens <thorsten.behr...@cib.de>
(cherry picked from commit 00c4ae49aa88319660b9201e8e5d8393953fa1ed)
diff --git a/sw/source/core/layout/fly.cxx b/sw/source/core/layout/fly.cxx
index acd348b096a5..e2a4605e8d65 100644
--- a/sw/source/core/layout/fly.cxx
+++ b/sw/source/core/layout/fly.cxx
@@ -270,6 +270,8 @@ void SwFlyFrame::DestroyImpl()
if( GetFormat() && !GetFormat()->GetDoc()->IsInDtor() )
{
+ ClearTmpConsiderWrapInfluence(); // remove this from SwLayouter
+
// OD 2004-01-19 #110582#
Unchain();
diff --git a/sw/source/core/layout/ssfrm.cxx b/sw/source/core/layout/ssfrm.cxx
index ab584d14db31..43237173c224 100644
--- a/sw/source/core/layout/ssfrm.cxx
+++ b/sw/source/core/layout/ssfrm.cxx
@@ -512,7 +512,6 @@ void SwLayoutFrame::DestroyImpl()
const size_t nCnt = pFrame->GetDrawObjs()->size();
// #i28701#
SwAnchoredObject* pAnchoredObj = (*pFrame->GetDrawObjs())[0];
- pAnchoredObj->ClearTmpConsiderWrapInfluence();
if (SwFlyFrame* pFlyFrame =
dynamic_cast<SwFlyFrame*>(pAnchoredObj))
{
SwFrame::DestroyFrame(pFlyFrame);
@@ -520,6 +519,7 @@ void SwLayoutFrame::DestroyImpl()
}
else
{
+ pAnchoredObj->ClearTmpConsiderWrapInfluence();
SdrObject* pSdrObj = pAnchoredObj->DrawObj();
SwDrawContact* pContact =
static_cast<SwDrawContact*>(pSdrObj->GetUserCall());
commit 321ec9d9ba94096fe024aad47904068e877e4103
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Thu Aug 9 12:32:01 2018 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
forcepoint73 deleted SwAnchoredObject still referenced in
TmpConsiderWrapInfl
Reviewed-on: https://gerrit.libreoffice.org/58760
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
Tested-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 6d0ea082889c89eb8b408779f2de08da7441ff54)
Change-Id: If255723834d049865fcf6fd0eac7768dfcbad2a1
Reviewed-on: https://gerrit.libreoffice.org/58768
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit de765158b372d5f7bbb1b37c7d6be695ab6104ac)
diff --git a/sw/inc/anchoredobject.hxx b/sw/inc/anchoredobject.hxx
index 554fc6721902..ff8b59ca6ae7 100644
--- a/sw/inc/anchoredobject.hxx
+++ b/sw/inc/anchoredobject.hxx
@@ -467,6 +467,7 @@ class SW_DLLPUBLIC SwAnchoredObject
// accessors to member <mbTmpConsiderWrapInfluence>
void SetTmpConsiderWrapInfluence( const bool
_bTmpConsiderWrapInfluence );
bool IsTmpConsiderWrapInfluence() const { return
mbTmpConsiderWrapInfluence;}
+ void ClearTmpConsiderWrapInfluence();
/** method to determine, if the anchored object is overlapping with a
previous column
diff --git a/sw/source/core/inc/layouter.hxx b/sw/source/core/inc/layouter.hxx
index bf72d5d4591e..a3979cf4670a 100644
--- a/sw/source/core/inc/layouter.hxx
+++ b/sw/source/core/inc/layouter.hxx
@@ -128,6 +128,10 @@ public:
static void InsertObjForTmpConsiderWrapInfluence(
const SwDoc& _rDoc,
SwAnchoredObject& _rAnchoredObj );
+ static void RemoveObjForTmpConsiderWrapInfluence(
+ const SwDoc& _rDoc,
+ SwAnchoredObject& _rAnchoredObj );
+
// --> #i65250#
static bool MoveBwdSuppressed( const SwDoc& p_rDoc,
const SwFlowFrame& p_rFlowFrame,
diff --git a/sw/source/core/layout/anchoredobject.cxx
b/sw/source/core/layout/anchoredobject.cxx
index a88d36eba220..3a5447f583ab 100644
--- a/sw/source/core/layout/anchoredobject.cxx
+++ b/sw/source/core/layout/anchoredobject.cxx
@@ -746,7 +746,14 @@ void SwAnchoredObject::SetTmpConsiderWrapInfluence( const
bool _bTmpConsiderWrap
}
}
-
+void SwAnchoredObject::ClearTmpConsiderWrapInfluence()
+{
+ mbTmpConsiderWrapInfluence = false;
+ mbClearedEnvironment = false;
+ SetClearedEnvironment( false );
+ SwLayouter::RemoveObjForTmpConsiderWrapInfluence(
*(GetFrameFormat().GetDoc()),
+ *this );
+}
void SwAnchoredObject::SetTmpConsiderWrapInfluenceOfOtherObjs()
{
const SwSortedObjs* pObjs = GetAnchorFrame()->GetDrawObjs();
diff --git a/sw/source/core/layout/layouter.cxx
b/sw/source/core/layout/layouter.cxx
index 9ced7caa4747..10eba9979057 100644
--- a/sw/source/core/layout/layouter.cxx
+++ b/sw/source/core/layout/layouter.cxx
@@ -392,6 +392,7 @@ void SwLayouter::ClearObjsTmpConsiderWrapInfluence( const
SwDoc& _rDoc )
_rDoc.getIDocumentLayoutAccess().GetLayouter()->mpObjsTmpConsiderWrapInfl->Clear();
}
}
+
void SwLayouter::InsertObjForTmpConsiderWrapInfluence(
const SwDoc& _rDoc,
SwAnchoredObject& _rAnchoredObj )
@@ -410,6 +411,20 @@ void SwLayouter::InsertObjForTmpConsiderWrapInfluence(
_rDoc.getIDocumentLayoutAccess().GetLayouter()->mpObjsTmpConsiderWrapInfl->Insert(
_rAnchoredObj );
}
+void SwLayouter::RemoveObjForTmpConsiderWrapInfluence(
+ const SwDoc& _rDoc,
+ SwAnchoredObject& _rAnchoredObj )
+{
+ if ( !_rDoc.getIDocumentLayoutAccess().GetLayouter() )
+ return;
+
+ if (
!_rDoc.getIDocumentLayoutAccess().GetLayouter()->mpObjsTmpConsiderWrapInfl )
+ return;
+
+
_rDoc.getIDocumentLayoutAccess().GetLayouter()->mpObjsTmpConsiderWrapInfl->Remove(
_rAnchoredObj );
+}
+
+
void LOOPING_LOUIE_LIGHT( bool bCondition, const SwTextFrame& rTextFrame )
{
if ( bCondition )
diff --git a/sw/source/core/layout/objstmpconsiderwrapinfl.cxx
b/sw/source/core/layout/objstmpconsiderwrapinfl.cxx
index 01aa4d38a501..9c5a2240eeac 100644
--- a/sw/source/core/layout/objstmpconsiderwrapinfl.cxx
+++ b/sw/source/core/layout/objstmpconsiderwrapinfl.cxx
@@ -31,23 +31,18 @@
SwObjsMarkedAsTmpConsiderWrapInfluence::~SwObjsMarkedAsTmpConsiderWrapInfluence(
void SwObjsMarkedAsTmpConsiderWrapInfluence::Insert( SwAnchoredObject&
_rAnchoredObj )
{
+ auto it = std::find(maObjsTmpConsiderWrapInfl.begin(),
maObjsTmpConsiderWrapInfl.end(), &_rAnchoredObj);
+ if (it != maObjsTmpConsiderWrapInfl.end())
+ return;
+ maObjsTmpConsiderWrapInfl.push_back( &_rAnchoredObj );
+}
- bool bAlreadyInserted( false );
- std::vector< SwAnchoredObject* >::const_iterator aIter =
maObjsTmpConsiderWrapInfl.begin();
- for ( ; aIter != maObjsTmpConsiderWrapInfl.end(); ++aIter )
- {
- const SwAnchoredObject* pAnchoredObj = *aIter;
- if ( pAnchoredObj == &_rAnchoredObj )
- {
- bAlreadyInserted = true;
- break;
- }
- }
-
- if ( !bAlreadyInserted )
- {
- maObjsTmpConsiderWrapInfl.push_back( &_rAnchoredObj );
- }
+void SwObjsMarkedAsTmpConsiderWrapInfluence::Remove( SwAnchoredObject&
_rAnchoredObj )
+{
+ auto it = std::find(maObjsTmpConsiderWrapInfl.begin(),
maObjsTmpConsiderWrapInfl.end(), &_rAnchoredObj);
+ if (it == maObjsTmpConsiderWrapInfl.end())
+ return;
+ maObjsTmpConsiderWrapInfl.erase(it);
}
void SwObjsMarkedAsTmpConsiderWrapInfluence::Clear()
diff --git a/sw/source/core/layout/objstmpconsiderwrapinfl.hxx
b/sw/source/core/layout/objstmpconsiderwrapinfl.hxx
index fcf495e72a50..28b6acf9de1c 100644
--- a/sw/source/core/layout/objstmpconsiderwrapinfl.hxx
+++ b/sw/source/core/layout/objstmpconsiderwrapinfl.hxx
@@ -33,6 +33,7 @@ class SwObjsMarkedAsTmpConsiderWrapInfluence
~SwObjsMarkedAsTmpConsiderWrapInfluence();
void Insert( SwAnchoredObject& _rAnchoredObj );
+ void Remove( SwAnchoredObject& _rAnchoredObj );
void Clear();
};
diff --git a/sw/source/core/layout/ssfrm.cxx b/sw/source/core/layout/ssfrm.cxx
index 26b15e0e781f..ab584d14db31 100644
--- a/sw/source/core/layout/ssfrm.cxx
+++ b/sw/source/core/layout/ssfrm.cxx
@@ -512,9 +512,10 @@ void SwLayoutFrame::DestroyImpl()
const size_t nCnt = pFrame->GetDrawObjs()->size();
// #i28701#
SwAnchoredObject* pAnchoredObj = (*pFrame->GetDrawObjs())[0];
- if ( dynamic_cast< const SwFlyFrame *>( pAnchoredObj ) !=
nullptr )
+ pAnchoredObj->ClearTmpConsiderWrapInfluence();
+ if (SwFlyFrame* pFlyFrame =
dynamic_cast<SwFlyFrame*>(pAnchoredObj))
{
-
SwFrame::DestroyFrame(static_cast<SwFlyFrame*>(pAnchoredObj));
+ SwFrame::DestroyFrame(pFlyFrame);
assert(!pFrame->GetDrawObjs() || nCnt >
pFrame->GetDrawObjs()->size());
}
else
commit a38aea96aacf13aeb4b5698a6226dfeb3aee972e
Author: Eike Rathke <er...@redhat.com>
AuthorDate: Thu Jul 11 15:50:07 2019 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
Postpone loading of all external references, including INDIRECT()
... which can be constructed with an arbitrary URI text string not
an svExternal* token type, until link updates are allowed.
Reviewed-on: https://gerrit.libreoffice.org/75422
Reviewed-by: Eike Rathke <er...@redhat.com>
Tested-by: Jenkins
(cherry picked from commit b824b23860b2cf533d4f2428d4a750bd72576181)
Reviewed-on: https://gerrit.libreoffice.org/76304
Reviewed-by: Thorsten Behrens <thorsten.behr...@cib.de>
Tested-by: Thorsten Behrens <thorsten.behr...@cib.de>
Change-Id: I2ce4de415ff99ace04c083c36c1383d76a4ef40d
(cherry picked from commit 31b1d2af8ce01804049168b7b0317d93d77a42d7)
diff --git a/sc/source/ui/docshell/externalrefmgr.cxx
b/sc/source/ui/docshell/externalrefmgr.cxx
index 4243973a5b08..df80b8db258d 100644
--- a/sc/source/ui/docshell/externalrefmgr.cxx
+++ b/sc/source/ui/docshell/externalrefmgr.cxx
@@ -133,11 +133,12 @@ struct UpdateFormulaCell
{
void operator() (ScFormulaCell* pCell) const
{
- // Check to make sure the cell really contains ocExternalRef.
+ // Check to make sure the cell really contains svExternal*.
// External names, external cell and range references all have a
- // ocExternalRef token.
+ // token of svExternal*. Additionally check for INDIRECT() that can be
+ // called with any constructed URI string.
ScTokenArray* pCode = pCell->GetCode();
- if (!pCode->HasExternalRef())
+ if (!pCode->HasExternalRef() && !pCode->HasOpCode(ocIndirect))
return;
if (pCode->GetCodeError() != FormulaError::NONE)
@@ -1661,6 +1662,17 @@ static std::unique_ptr<ScTokenArray>
lcl_fillEmptyMatrix(const ScRange& rRange)
return pArray;
}
+namespace {
+bool isLinkUpdateAllowedInDoc(const ScDocument& rDoc)
+{
+ SfxObjectShell* pDocShell = rDoc.GetDocumentShell();
+ if (!pDocShell)
+ return false;
+
+ return pDocShell->GetEmbeddedObjectContainer().getUserAllowsLinkUpdate();
+}
+}
+
ScExternalRefManager::ScExternalRefManager(ScDocument* pDoc) :
mpDoc(pDoc),
mbInReferenceMarking(false),
@@ -1950,8 +1962,19 @@ ScExternalRefCache::TokenRef
ScExternalRefManager::getSingleRefToken(
pSrcDoc = getSrcDocument(nFileId);
if (!pSrcDoc)
{
- // Source document not reachable. Throw a reference error.
- pToken.reset(new FormulaErrorToken(FormulaError::NoRef));
+ // Source document not reachable.
+#if 0
+ if (!isLinkUpdateAllowedInDoc(*mpDoc))
+ {
+ // Indicate with specific error.
+ pToken.reset(new
FormulaErrorToken(FormulaError::LinkFormulaNeedingCheck));
+ }
+ else
+#endif
+ {
+ // Throw a reference error.
+ pToken.reset(new FormulaErrorToken(FormulaError::NoRef));
+ }
return pToken;
}
@@ -2158,15 +2181,6 @@ void insertRefCellByIterator(
}
}
-bool IsLinkUpdateAllowedInDoc(const ScDocument& rDoc)
-{
- SfxObjectShell* pDocShell = rDoc.GetDocumentShell();
- if (!pDocShell)
- return false;
-
- return pDocShell->GetEmbeddedObjectContainer().getUserAllowsLinkUpdate();
-}
-
}
void ScExternalRefManager::insertRefCell(sal_uInt16 nFileId, const ScAddress&
rCell)
@@ -2377,8 +2391,8 @@ ScDocument*
ScExternalRefManager::getInMemorySrcDocument(sal_uInt16 nFileId)
if (!pFileName)
return nullptr;
- // Do not load document until it was allowed
- if (!IsLinkUpdateAllowedInDoc(*mpDoc))
+ // Do not load document until it was allowed.
+ if (!isLinkUpdateAllowedInDoc(*mpDoc))
return nullptr;
ScDocument* pSrcDoc = nullptr;
@@ -2487,6 +2501,10 @@ SfxObjectShellRef
ScExternalRefManager::loadSrcDocument(sal_uInt16 nFileId, OUSt
if (!isFileLoadable(aFile))
return nullptr;
+ // Do not load document until it was allowed.
+ if (!isLinkUpdateAllowedInDoc(*mpDoc))
+ return nullptr;
+
OUString aOptions = pFileData->maFilterOptions;
if ( !pFileData->maFilterName.isEmpty() )
rFilter = pFileData->maFilterName; // don't overwrite stored
filter with guessed filter
@@ -2625,9 +2643,9 @@ void ScExternalRefManager::maybeLinkExternalFile(
sal_uInt16 nFileId, bool bDefe
aOptions = pFileData->maFilterOptions;
}
- // Filter detection may access external links; defer it until we are
allowed
+ // Filter detection may access external links; defer it until we are
allowed.
if (!bDeferFilterDetection)
- bDeferFilterDetection = !IsLinkUpdateAllowedInDoc(*mpDoc);
+ bDeferFilterDetection = !isLinkUpdateAllowedInDoc(*mpDoc);
// If a filter was already set (for example, loading the cached table),
// don't call GetFilterName which has to access the source file.
commit 21dc07d365e85d64621468e79a29aa8a481c115a
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Sat Oct 27 19:45:34 2018 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
ofz#11125 pass param len around
Change-Id: I4b382271df21c58de0e102af6e0b07a88a1d9610
Reviewed-on: https://gerrit.libreoffice.org/62448
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit 6253b1a29c8c1bcd7fd9efb07ca1a12fb0fc1746)
diff --git a/sw/source/filter/ww8/ww8par.hxx b/sw/source/filter/ww8/ww8par.hxx
index c0a4b44c4c93..b2db0fe83b44 100644
--- a/sw/source/filter/ww8/ww8par.hxx
+++ b/sw/source/filter/ww8/ww8par.hxx
@@ -1033,7 +1033,7 @@ struct WW8TabBandDesc
static void setcelldefaults(WW8_TCell *pCells, short nCells);
void ReadDef(bool bVer67, const sal_uInt8* pS, short nLen);
void ProcessDirection(const sal_uInt8* pParams);
- void ProcessSprmTSetBRC(int nBrcVer, const sal_uInt8* pParamsTSetBRC);
+ void ProcessSprmTSetBRC(int nBrcVer, const sal_uInt8* pParamsTSetBRC,
sal_uInt16 nParamsLen);
void ProcessSprmTTableBorders(int nBrcVer, const sal_uInt8* pParams,
sal_uInt16 nParamsLen);
void ProcessSprmTDxaCol(const sal_uInt8* pParamsTDxaCol);
void ProcessSprmTDelete(const sal_uInt8* pParamsTDelete);
diff --git a/sw/source/filter/ww8/ww8par2.cxx b/sw/source/filter/ww8/ww8par2.cxx
index 1ab43e948b90..2bb1a638bc2c 100644
--- a/sw/source/filter/ww8/ww8par2.cxx
+++ b/sw/source/filter/ww8/ww8par2.cxx
@@ -1360,11 +1360,17 @@ void WW8TabBandDesc::ReadDef(bool bVer67, const
sal_uInt8* pS, short nLen)
}
}
-void WW8TabBandDesc::ProcessSprmTSetBRC(int nBrcVer, const sal_uInt8*
pParamsTSetBRC)
+void WW8TabBandDesc::ProcessSprmTSetBRC(int nBrcVer, const sal_uInt8*
pParamsTSetBRC, sal_uInt16 nParamsLen)
{
if( !pParamsTSetBRC || !pTCs ) // set one or more cell border(s)
return;
+ if (nParamsLen < 3)
+ {
+ SAL_WARN("sw.ww8", "table border property is too short");
+ return;
+ }
+
sal_uInt8 nitcFirst= pParamsTSetBRC[0];// first col to be changed
sal_uInt8 nitcLim = pParamsTSetBRC[1];// (last col to be changed)+1
sal_uInt8 nFlag = *(pParamsTSetBRC+2);
@@ -1383,11 +1389,33 @@ void WW8TabBandDesc::ProcessSprmTSetBRC(int nBrcVer,
const sal_uInt8* pParamsTSe
WW8_TCell* pAktTC = pTCs + nitcFirst;
WW8_BRCVer9 brcVer9;
if( nBrcVer == 6 )
+ {
+ if (nParamsLen < sizeof(WW8_BRCVer6) + 3)
+ {
+ SAL_WARN("sw.ww8", "table border property is too short");
+ return;
+ }
brcVer9 = WW8_BRCVer9(WW8_BRC(*reinterpret_cast<WW8_BRCVer6 const
*>(pParamsTSetBRC+3)));
+ }
else if( nBrcVer == 8 )
+ {
+ static_assert(sizeof (WW8_BRC) == 4, "this has to match the msword
size");
+ if (nParamsLen < sizeof(WW8_BRC) + 3)
+ {
+ SAL_WARN("sw.ww8", "table border property is too short");
+ return;
+ }
brcVer9 = WW8_BRCVer9(*reinterpret_cast<WW8_BRC const
*>(pParamsTSetBRC+3));
+ }
else
+ {
+ if (nParamsLen < sizeof(WW8_BRCVer9) + 3)
+ {
+ SAL_WARN("sw.ww8", "table border property is too short");
+ return;
+ }
brcVer9 = *reinterpret_cast<WW8_BRCVer9 const *>(pParamsTSetBRC+3);
+ }
for( int i = nitcFirst; i < nitcLim; ++i, ++pAktTC )
{
@@ -1400,7 +1428,6 @@ void WW8TabBandDesc::ProcessSprmTSetBRC(int nBrcVer,
const sal_uInt8* pParamsTSe
if( bChangeRight )
pAktTC->rgbrc[ WW8_RIGHT ] = brcVer9;
}
-
}
void WW8TabBandDesc::ProcessSprmTTableBorders(int nBrcVer, const sal_uInt8*
pParams, sal_uInt16 nParamsLen)
@@ -1920,7 +1947,8 @@ WW8TabDesc::WW8TabDesc(SwWW8ImplReader* pIoClass, WW8_CP
nStartCp) :
sal_uInt16 nTableBordersLen = 0;
const sal_uInt8* pTableBorders90 = nullptr;
sal_uInt16 nTableBorders90Len = 0;
- std::vector<const sal_uInt8*> aTSetBrcs, aTSetBrc90s;
+ // params, len
+ std::vector<std::pair<const sal_uInt8*, sal_uInt16>> aTSetBrcs,
aTSetBrc90s;
WW8_TablePos *pTabPos = nullptr;
// search end of a tab row
@@ -2023,10 +2051,10 @@ WW8TabDesc::WW8TabDesc(SwWW8ImplReader* pIoClass,
WW8_CP nStartCp) :
}
break;
case sprmTSetBrc:
- aTSetBrcs.push_back(pParams); // process at end
+ aTSetBrcs.emplace_back(pParams, nLen); // process at
end
break;
case sprmTSetBrc90:
- aTSetBrc90s.push_back(pParams); // process at end
+ aTSetBrc90s.emplace_back(pParams, nLen); // process at
end
break;
case sprmTDxaCol:
pNewBand->ProcessSprmTDxaCol(pParams);
@@ -2074,11 +2102,10 @@ WW8TabDesc::WW8TabDesc(SwWW8ImplReader* pIoClass,
WW8_CP nStartCp) :
else if (pTableBorders)
pNewBand->ProcessSprmTTableBorders(bOldVer ? 6 : 8,
pTableBorders, nTableBordersLen);
- std::vector<const sal_uInt8*>::const_iterator iter;
- for (iter = aTSetBrcs.begin(); iter != aTSetBrcs.end(); ++iter)
- pNewBand->ProcessSprmTSetBRC(bOldVer ? 6 : 8, *iter);
- for (iter = aTSetBrc90s.begin(); iter != aTSetBrc90s.end(); ++iter)
- pNewBand->ProcessSprmTSetBRC(9, *iter);
+ for (const auto& a : aTSetBrcs)
+ pNewBand->ProcessSprmTSetBRC(bOldVer ? 6 : 8, a.first,
a.second);
+ for (const auto& a : aTSetBrc90s)
+ pNewBand->ProcessSprmTSetBRC(9, a.first, a.second);
}
if( nTabeDxaNew < SHRT_MAX )
commit 527a9ac2a8d5322642d7e493505a922810a53add
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Wed Aug 1 21:34:20 2018 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
forcepoint#67 detect cairo surface creation failure
if e.g. too large
Reviewed-on: https://gerrit.libreoffice.org/58454
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit 36bee88834f90818c5475b460c729186ef6c9229)
Change-Id: I7de8748a5ed695c1b3ddc8c1358414f3acd68c94
diff --git a/vcl/headless/svpgdi.cxx b/vcl/headless/svpgdi.cxx
index db62e92585a2..086a80bc2bae 100644
--- a/vcl/headless/svpgdi.cxx
+++ b/vcl/headless/svpgdi.cxx
@@ -1272,6 +1272,11 @@ void SvpSalGraphics::drawMask( const SalTwoRect& rTR,
/** creates an image from the given rectangle, replacing all black pixels
* with nMaskColor and make all other full transparent */
SourceHelper aSurface(rSalBitmap, true); // The mask is argb32
+ if (!aSurface.getSurface())
+ {
+ SAL_WARN("vcl.gdi", "unsupported SvpSalGraphics::drawMask case");
+ return;
+ }
sal_Int32 nStride;
unsigned char *mask_data = aSurface.getBits(nStride);
for (sal_Int32 y = rTR.mnSrcY ; y < rTR.mnSrcY + rTR.mnSrcHeight; ++y)
@@ -1589,6 +1594,11 @@ cairo_surface_t*
SvpSalGraphics::createCairoSurface(const BitmapBuffer *pBuffer)
nFormat,
pBuffer->mnWidth, pBuffer->mnHeight,
pBuffer->mnScanlineSize);
+ if (cairo_surface_status(target) != CAIRO_STATUS_SUCCESS)
+ {
+ cairo_surface_destroy(target);
+ return nullptr;
+ }
return target;
}
commit 0370e0b179336e0e63f4f284b9cf9bf86bcd9c73
Author: Jan-Marek Glogowski <glo...@fbihome.de>
AuthorDate: Fri Jul 12 15:01:41 2019 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:34 2019 +0200
NSS fix lcc support patch
This hangs the build process with current MSVC cl.exe. It even
hangs when just calling "cl -? >/dev/null". Probably
a cl.exe bug to detect redirection properly?
This adds stdin redirection to /dev/null, like in configure.ac checks.
Reviewed-on: https://gerrit.libreoffice.org/75495
Reviewed-by: Jan-Marek Glogowski <glo...@fbihome.de>
Reviewed-by: Tor Lillqvist <t...@collabora.com>
Tested-by: Tor Lillqvist <t...@collabora.com>
(cherry picked from commit b11ea5e9c37b19f0d60a4075146668954a7bf728)
Change-Id: Ie03c3103ac68cd131dc280755621a8ce0417314f
diff --git a/external/nss/UnpackedTarball_nss.mk
b/external/nss/UnpackedTarball_nss.mk
index f1c025093216..195e57197425 100644
--- a/external/nss/UnpackedTarball_nss.mk
+++ b/external/nss/UnpackedTarball_nss.mk
@@ -22,6 +22,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,nss,\
external/nss/nss.vs2015.patch) \
external/nss/ubsan.patch.0 \
external/nss/clang-cl.patch.0 \
+ external/nss/nss.fix-freebl-add-lcc-support.patch.1 \
$(if $(filter IOS,$(OS)), \
external/nss/nss-ios.patch) \
$(if $(filter MSC-INTEL,$(COM)-$(CPUNAME)), \
diff --git a/external/nss/nss.fix-freebl-add-lcc-support.patch.1
b/external/nss/nss.fix-freebl-add-lcc-support.patch.1
new file mode 100644
index 000000000000..3e3c06327dde
--- /dev/null
+++ b/external/nss/nss.fix-freebl-add-lcc-support.patch.1
@@ -0,0 +1,11 @@
+--- b/nss/lib/freebl/Makefile
++++ a/nss/lib/freebl/Makefile
+@@ -495,7 +495,7 @@
+ ifdef USE_64
+ # no __int128 at least up to lcc 1.23 (pretending to be gcc5)
+ # NB: CC_NAME is not defined here
+-ifneq ($(shell $(CC) -? 2>&1 >/dev/null | sed -e 's/:.*//;1q'),lcc)
++ifneq ($(shell $(CC) -? 2>&1 >/dev/null </dev/null | sed -e 's/:.*//;1q'),lcc)
+ ifdef CC_IS_CLANG
+ HAVE_INT128_SUPPORT = 1
+ DEFINES += -DHAVE_INT128_SUPPORT
commit e8376756138b6136c400aeabf8d0c218faaa87f9
Author: Michael Stahl <michael.st...@cib.de>
AuthorDate: Wed Jul 10 12:20:00 2019 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:33 2019 +0200
nss: upgrade to release 3.45
Fixes CVE-2019-11729 CVE-2019-11719 CVE-2019-11727, and the less
important CVE-2018-12384 and CVE-2018-12404 from intermediate releases.
Since NSS 3.44 it's possible to build as static libraries and for iOS;
drop the nss-chromium-nss-static.patch and nss-more-static.patch and
hope that it works.
Drop one hunk from nss.patch that looks fixed upstream.
Reviewed-on: https://gerrit.libreoffice.org/75344
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit 6efc8a33f69bc7f4be45b7b81f67cd74c163b99e)
Change-Id: I7f37ac36f7f8dfd49d0bfb4a6185ca49d4f618a3
Reviewed-on: https://gerrit.libreoffice.org/75410
Reviewed-by: Michael Stahl <michael.st...@cib.de>
Tested-by: Michael Stahl <michael.st...@cib.de>
diff --git a/download.lst b/download.lst
index ce40ad5628f3..99de5a5e0f50 100644
--- a/download.lst
+++ b/download.lst
@@ -195,8 +195,8 @@ export MYTHES_SHA256SUM :=
1e81f395d8c851c3e4e75b568e20fa2fa549354e75ab397f9de4b
export MYTHES_TARBALL := a8c2c5b8f09e7ede322d5c602ff6a4b6-mythes-1.2.4.tar.gz
export NEON_SHA256SUM :=
db0bd8cdec329b48f53a6f00199c92d5ba40b0f015b153718d1b15d3d967fbca
export NEON_TARBALL := neon-0.30.2.tar.gz
-export NSS_SHA256SUM :=
f271ec73291fa3e4bd4b59109f8035cc3a192fc33886f40ed4f9ee4b31c746e9
-export NSS_TARBALL := nss-3.38-with-nspr-4.19.tar.gz
+export NSS_SHA256SUM :=
fae11751100510d26f16a245f0db9a5b3d638ab28ce0bccd50d4314f7e526ba1
+export NSS_TARBALL := nss-3.45-with-nspr-4.21.tar.gz
export ODFGEN_SHA256SUM :=
2c7b21892f84a4c67546f84611eccdad6259875c971e98ddb027da66ea0ac9c2
export ODFGEN_VERSION_MICRO := 6
export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.bz2
diff --git a/external/nss/UnpackedTarball_nss.mk
b/external/nss/UnpackedTarball_nss.mk
index 98cfe73ab4aa..f1c025093216 100644
--- a/external/nss/UnpackedTarball_nss.mk
+++ b/external/nss/UnpackedTarball_nss.mk
@@ -23,8 +23,6 @@ $(eval $(call gb_UnpackedTarball_add_patches,nss,\
external/nss/ubsan.patch.0 \
external/nss/clang-cl.patch.0 \
$(if $(filter IOS,$(OS)), \
- external/nss/nss-chromium-nss-static.patch \
- external/nss/nss-more-static.patch \
external/nss/nss-ios.patch) \
$(if $(filter MSC-INTEL,$(COM)-$(CPUNAME)), \
external/nss/nss.cygwin64.in32bit.patch) \
diff --git a/external/nss/clang-cl.patch.0 b/external/nss/clang-cl.patch.0
index 684cf74d3ca6..111ec934d147 100644
--- a/external/nss/clang-cl.patch.0
+++ b/external/nss/clang-cl.patch.0
@@ -15,11 +15,11 @@
--- nspr/pr/include/prbit.h
+++ nspr/pr/include/prbit.h
@@ -14,7 +14,7 @@
- ** functions.
*/
#if defined(_WIN32) && (_MSC_VER >= 1300) && \
-- (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_ARM))
-+ (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_ARM)) && !defined
__clang__
+ (defined(_M_IX86) || defined(_M_X64) || defined(_M_ARM) || \
+- defined(_M_ARM64))
++ defined(_M_ARM64)) && !defined __clang__
# include <intrin.h>
# pragma intrinsic(_BitScanForward,_BitScanReverse)
__forceinline static int __prBitScanForward32(unsigned int val)
@@ -29,15 +29,15 @@
# define PR_HAVE_BUILTIN_BITSCAN32
-#elif ((__GNUC__ >= 4) || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)) && \
+#elif defined __GNUC__ && ((__GNUC__ >= 4) || (__GNUC__ == 3 &&
__GNUC_MINOR__ >= 4)) && \
- (defined(__i386__) || defined(__x86_64__) || defined(__arm__))
+ (defined(__i386__) || defined(__x86_64__) || defined(__arm__) || \
+ defined(__aarch64__))
# define pr_bitscan_ctz32(val) __builtin_ctz(val)
- # define pr_bitscan_clz32(val) __builtin_clz(val)
@@ -136,7 +136,7 @@
*/
#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || \
-- defined(_M_X64) || defined(_M_ARM))
-+ defined(_M_X64) || defined(_M_ARM)) && !defined __clang__
+- defined(_M_X64) || defined(_M_ARM) || defined(_M_ARM64))
++ defined(_M_X64) || defined(_M_ARM) || defined(_M_ARM64)) && !defined
__clang__
#include <stdlib.h>
#pragma intrinsic(_rotl, _rotr)
#define PR_ROTATE_LEFT32(a, bits) _rotl(a, bits)
diff --git a/external/nss/nss-chromium-nss-static.patch
b/external/nss/nss-chromium-nss-static.patch
deleted file mode 100644
index 9d7a4e4352b1..000000000000
--- a/external/nss/nss-chromium-nss-static.patch
+++ /dev/null
@@ -1,487 +0,0 @@
-Based on
http://src.chromium.org/viewvc/chrome/trunk/deps/third_party/nss/patches/nss-static.patch
-
---- a/a/nss/lib/certhigh/certvfy.c Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/certhigh/certvfy.c Fri May 31 17:44:06 2013 -0700
-@@ -13,9 +13,11 @@
- #include "certdb.h"
- #include "certi.h"
- #include "cryptohi.h"
-+#ifndef NSS_DISABLE_LIBPKIX
- #include "pkix.h"
- /*#include "pkix_sample_modules.h" */
- #include "pkix_pl_cert.h"
-+#endif /* NSS_DISABLE_LIBPKIX */
-
-
- #include "nsspki.h"
-@@ -24,6 +26,47 @@
- #include "pki3hack.h"
- #include "base.h"
-
-+#ifdef NSS_DISABLE_LIBPKIX
-+SECStatus
-+cert_VerifyCertChainPkix(
-+ CERTCertificate *cert,
-+ PRBool checkSig,
-+ SECCertUsage requiredUsage,
-+ PRTime time,
-+ void *wincx,
-+ CERTVerifyLog *log,
-+ PRBool *pSigerror,
-+ PRBool *pRevoked)
-+{
-+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-+ return SECFailure;
-+}
-+
-+SECStatus
-+CERT_SetUsePKIXForValidation(PRBool enable)
-+{
-+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-+ return SECFailure;
-+}
-+
-+PRBool
-+CERT_GetUsePKIXForValidation()
-+{
-+ return PR_FALSE;
-+}
-+
-+SECStatus CERT_PKIXVerifyCert(
-+ CERTCertificate *cert,
-+ SECCertificateUsage usages,
-+ CERTValInParam *paramsIn,
-+ CERTValOutParam *paramsOut,
-+ void *wincx)
-+{
-+ PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-+ return SECFailure;
-+}
-+#endif /* NSS_DISABLE_LIBPKIX */
-+
- /*
- * Check the validity times of a certificate
- */
---- a/a/nss/lib/ckfw/nssck.api Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/ckfw/nssck.api Fri May 31 17:44:06 2013 -0700
-@@ -1752,7 +1752,7 @@
- }
- #endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
--static CK_RV CK_ENTRY
-+CK_RV CK_ENTRY
- __ADJOIN(MODULE_NAME,C_GetFunctionList)
- (
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-@@ -1830,7 +1830,7 @@
- __ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
- };
-
--static CK_RV CK_ENTRY
-+CK_RV CK_ENTRY
- __ADJOIN(MODULE_NAME,C_GetFunctionList)
- (
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-@@ -1840,6 +1840,8 @@
- return CKR_OK;
- }
-
-+#define NSS_STATIC
-+#ifndef NSS_STATIC
- /* This one is always present */
- CK_RV CK_ENTRY
- C_GetFunctionList
-@@ -1849,6 +1850,7 @@
- {
- return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
- }
-+#endif
-
- #undef __ADJOIN
-
---- a/a/nss/lib/freebl/rsa.c Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/freebl/rsa.c Fri May 31 17:44:06 2013 -0700
-@@ -1559,6 +1559,14 @@
- RSA_Cleanup();
- }
-
-+#define NSS_STATIC
-+#ifdef NSS_STATIC
-+void
-+BL_Unload(void)
-+{
-+}
-+#endif
-+
- PRBool bl_parentForkedAfterC_Initialize;
-
- /*
---- a/a/nss/lib/freebl/shvfy.c Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/freebl/shvfy.c Fri May 31 17:44:06 2013 -0700
-@@ -273,9 +273,22 @@
- return SECSuccess;
- }
-
-+/*
-+ * Define PSEUDO_FIPS if you can't do FIPS software integrity test (e.g.,
-+ * if you're using NSS as static libraries), but want to conform to the
-+ * rest of the FIPS requirements.
-+ */
-+#define NSS_STATIC
-+#ifdef NSS_STATIC
-+#define PSEUDO_FIPS
-+#endif
-+
- PRBool
- BLAPI_SHVerify(const char *name, PRFuncPtr addr)
- {
-+#ifdef PSEUDO_FIPS
-+ return PR_TRUE; /* a lie, hence *pseudo* FIPS */
-+#else
- PRBool result = PR_FALSE; /* if anything goes wrong,
- * the signature does not verify */
- /* find our shared library name */
-@@ -291,11 +303,15 @@
- }
-
- return result;
-+#endif /* PSEUDO_FIPS */
- }
-
- PRBool
- BLAPI_SHVerifyFile(const char *shName)
- {
-+#ifdef PSEUDO_FIPS
-+ return PR_TRUE; /* a lie, hence *pseudo* FIPS */
-+#else
- char *checkName = NULL;
- PRFileDesc *checkFD = NULL;
- PRFileDesc *shFD = NULL;
-@@ -492,6 +508,7 @@
- }
-
- return result;
-+#endif /* PSEUDO_FIPS */
- }
-
- PRBool
---- a/a/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c Tue May
28 23:37:46 2013 +0200
-+++ a/a/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpcertstore.c Fri May
31 17:44:06 2013 -0700
-@@ -201,7 +201,11 @@
-
- typedef SECStatus (*pkix_DecodeCertsFunc)(char *certbuf, int certlen,
- CERTImportCertificateFunc f, void
*arg);
--
-+#define NSS_STATIC
-+#ifdef NSS_STATIC
-+extern SECStatus CERT_DecodeCertPackage(char* certbuf, int certlen,
-+ CERTImportCertificateFunc f, void*
arg);
-+#endif
-
- struct pkix_DecodeFuncStr {
- pkix_DecodeCertsFunc func; /* function pointer to the
-@@ -223,6 +226,11 @@
- */
- static PRStatus PR_CALLBACK pkix_getDecodeFunction(void)
- {
-+#ifdef NSS_STATIC
-+ pkix_decodeFunc.smimeLib = NULL;
-+ pkix_decodeFunc.func = CERT_DecodeCertPackage;
-+ return PR_SUCCESS;
-+#else
- pkix_decodeFunc.smimeLib =
- PR_LoadLibrary(SHLIB_PREFIX"smime3."SHLIB_SUFFIX);
- if (pkix_decodeFunc.smimeLib == NULL) {
-@@ -235,7 +243,7 @@
- return PR_FAILURE;
- }
- return PR_SUCCESS;
--
-+#endif
- }
-
- /*
---- a/a/nss/lib/nss/nssinit.c Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/nss/nssinit.c Fri May 31 17:44:06 2013 -0700
-@@ -20,9 +20,11 @@
- #include "secerr.h"
- #include "nssbase.h"
- #include "nssutil.h"
-+#ifndef NSS_DISABLE_LIBPKIX
- #include "pkixt.h"
- #include "pkix.h"
- #include "pkix_tools.h"
-+#endif /* NSS_DISABLE_LIBPKIX */
-
- #include "pki3hack.h"
- #include "certi.h"
-@@ -530,8 +532,10 @@
- PRBool dontFinalizeModules)
- {
- SECStatus rv = SECFailure;
-+#ifndef NSS_DISABLE_LIBPKIX
- PKIX_UInt32 actualMinorVersion = 0;
- PKIX_Error *pkixError = NULL;
-+#endif
- PRBool isReallyInitted;
- char *configStrings = NULL;
- char *configName = NULL;
-@@ -685,6 +689,7 @@
- pk11sdr_Init();
- cert_CreateSubjectKeyIDHashTable();
-
-+#ifndef NSS_DISABLE_LIBPKIX
- pkixError = PKIX_Initialize
- (PKIX_FALSE, PKIX_MAJOR_VERSION, PKIX_MINOR_VERSION,
- PKIX_MINOR_VERSION, &actualMinorVersion, &plContext);
-@@ -697,6 +702,7 @@
- CERT_SetUsePKIXForValidation(PR_TRUE);
- }
- }
-+#endif /* NSS_DISABLE_LIBPKIX */
-
-
- }
-@@ -1081,7 +1087,9 @@
- cert_DestroyLocks();
- ShutdownCRLCache();
- OCSP_ShutdownGlobal();
-+#ifndef NSS_DISABLE_LIBPKIX
- PKIX_Shutdown(plContext);
-+#endif
- SECOID_Shutdown();
- status = STAN_Shutdown();
- cert_DestroySubjectKeyIDHashTable();
---- a/a/nss/lib/pk11wrap/pk11load.c Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/pk11wrap/pk11load.c Fri May 31 17:44:06 2013 -0700
-@@ -318,6 +318,13 @@
- }
- }
-
-+#define NSS_STATIC
-+#ifdef NSS_STATIC
-+extern CK_RV NSC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList);
-+extern CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList);
-+extern char **NSC_ModuleDBFunc(unsigned long function,char *parameters, void
*args);
-+extern CK_RV builtinsC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList);
-+#else
- static const char* my_shlib_name =
- SHLIB_PREFIX"nss"SHLIB_VERSION"."SHLIB_SUFFIX;
- static const char* softoken_shlib_name =
-@@ -326,12 +332,14 @@
- static PRCallOnceType loadSoftokenOnce;
- static PRLibrary* softokenLib;
- static PRInt32 softokenLoadCount;
-+#endif /* NSS_STATIC */
-
- #include "prio.h"
- #include "prprf.h"
- #include <stdio.h>
- #include "prsystem.h"
-
-+#ifndef NSS_STATIC
- /* This function must be run only once. */
- /* determine if hybrid platform, then actually load the DSO. */
- static PRStatus
-@@ -348,6 +356,7 @@
- }
- return PR_FAILURE;
- }
-+#endif /* !NSS_STATIC */
-
- /*
- * load a new module into our address space and initialize it.
-@@ -366,6 +375,16 @@
-
- /* intenal modules get loaded from their internal list */
- if (mod->internal && (mod->dllName == NULL)) {
-+#ifdef NSS_STATIC
-+ if (mod->isFIPS) {
-+ entry = FC_GetFunctionList;
-+ } else {
-+ entry = NSC_GetFunctionList;
-+ }
-+ if (mod->isModuleDB) {
-+ mod->moduleDBFunc = NSC_ModuleDBFunc;
-+ }
-+#else
- /*
- * Loads softoken as a dynamic library,
- * even though the rest of NSS assumes this as the "internal" module.
-@@ -391,6 +410,7 @@
- mod->moduleDBFunc = (CK_C_GetFunctionList)
- PR_FindSymbol(softokenLib, "NSC_ModuleDBFunc");
- }
-+#endif
-
- if (mod->moduleDBOnly) {
- mod->loaded = PR_TRUE;
-@@ -401,6 +421,15 @@
- if (mod->dllName == NULL) {
- return SECFailure;
- }
-+#if defined(NSS_STATIC) && !defined(NSS_DISABLE_ROOT_CERTS)
-+ if (strstr(mod->dllName, "nssckbi") != NULL) {
-+ mod->library = NULL;
-+ PORT_Assert(!mod->moduleDBOnly);
-+ entry = builtinsC_GetFunctionList;
-+ PORT_Assert(!mod->isModuleDB);
-+ goto library_loaded;
-+ }
-+#endif
-
- /* load the library. If this succeeds, then we have to remember to
- * unload the library if anything goes wrong from here on out...
-@@ -423,6 +452,9 @@
- mod->moduleDBFunc = (void *)
- PR_FindSymbol(library, "NSS_ReturnModuleSpecData");
- }
-+#if defined(NSS_STATIC) && !defined(NSS_DISABLE_ROOT_CERTS)
-+library_loaded:
-+#endif
- if (mod->moduleDBFunc == NULL) mod->isModuleDB = PR_FALSE;
- if (entry == NULL) {
- if (mod->isModuleDB) {
-@@ -562,6 +594,7 @@
- * if not, we should change this to SECFailure and move it above the
- * mod->loaded = PR_FALSE; */
- if (mod->internal && (mod->dllName == NULL)) {
-+#ifndef NSS_STATIC
- if (0 == PR_ATOMIC_DECREMENT(&softokenLoadCount)) {
- if (softokenLib) {
- disableUnload = PR_GetEnv("NSS_DISABLE_UNLOAD");
-@@ -573,12 +606,18 @@
- }
- loadSoftokenOnce = pristineCallOnce;
- }
-+#endif
- return SECSuccess;
- }
-
- library = (PRLibrary *)mod->library;
- /* paranoia */
- if (library == NULL) {
-+#if defined(NSS_STATIC) && !defined(NSS_DISABLE_ROOT_CERTS)
-+ if (strstr(mod->dllName, "nssckbi") != NULL) {
-+ return SECSuccess;
-+ }
-+#endif
- return SECFailure;
- }
-
---- a/a/nss/lib/softoken/lgglue.c Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/softoken/lgglue.c Fri May 31 17:44:06 2013 -0700
-@@ -23,6 +23,8 @@
- static LGAddSecmodFunc legacy_glue_addSecmod = NULL;
- static LGShutdownFunc legacy_glue_shutdown = NULL;
-
-+#define NSS_STATIC
-+#ifndef NSS_STATIC
- /*
- * The following 3 functions duplicate the work done by bl_LoadLibrary.
- * We should make bl_LoadLibrary a global and replace the call to
-@@ -160,6 +161,7 @@
-
- return lib;
- }
-+#endif /* STATIC LIBRARIES */
-
- /*
- * stub files for legacy db's to be able to encrypt and decrypt
-@@ -272,6 +274,21 @@
- return SECSuccess;
- }
-
-+#ifdef NSS_STATIC
-+#ifdef NSS_DISABLE_DBM
-+ return SECFailure;
-+#else
-+ lib = (PRLibrary *) 0x8;
-+
-+ legacy_glue_open = legacy_Open;
-+ legacy_glue_readSecmod = legacy_ReadSecmodDB;
-+ legacy_glue_releaseSecmod = legacy_ReleaseSecmodDBData;
-+ legacy_glue_deleteSecmod = legacy_DeleteSecmodDB;
-+ legacy_glue_addSecmod = legacy_AddSecmodDB;
-+ legacy_glue_shutdown = legacy_Shutdown;
-+ setCryptFunction = legacy_SetCryptFunctions;
-+#endif
-+#else
- lib = sftkdb_LoadLibrary(LEGACY_LIB_NAME);
- if (lib == NULL) {
- return SECFailure;
-@@ -297,11 +314,14 @@
- PR_UnloadLibrary(lib);
- return SECFailure;
- }
-+#endif /* NSS_STATIC */
-
- /* verify the loaded library if we are in FIPS mode */
- if (isFIPS) {
- if (!BLAPI_SHVerify(LEGACY_LIB_NAME,(PRFuncPtr)legacy_glue_open)) {
-+#ifndef NSS_STATIC
- PR_UnloadLibrary(lib);
-+#endif
- return SECFailure;
- }
- legacy_glue_libCheckSucceeded = PR_TRUE;
-@@ -418,10 +438,12 @@
- #endif
- crv = (*legacy_glue_shutdown)(parentForkedAfterC_Initialize);
- }
-+#ifndef NSS_STATIC
- disableUnload = PR_GetEnv("NSS_DISABLE_UNLOAD");
- if (!disableUnload) {
- PR_UnloadLibrary(legacy_glue_lib);
- }
-+#endif
- legacy_glue_lib = NULL;
- legacy_glue_open = NULL;
- legacy_glue_readSecmod = NULL;
---- a/a/nss/lib/softoken/lgglue.h Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/softoken/lgglue.h Fri May 31 17:44:06 2013 -0700
-@@ -38,6 +38,25 @@
- typedef void (*LGSetForkStateFunc)(PRBool);
- typedef void (*LGSetCryptFunc)(LGEncryptFunc, LGDecryptFunc);
-
-+extern CK_RV legacy_Open(const char *dir, const char *certPrefix,
-+ const char *keyPrefix,
-+ int certVersion, int keyVersion, int flags,
-+ SDB **certDB, SDB **keyDB);
-+extern char ** legacy_ReadSecmodDB(const char *appName,
-+ const char *filename,
-+ const char *dbname, char *params, PRBool rw);
-+extern SECStatus legacy_ReleaseSecmodDBData(const char *appName,
-+ const char *filename,
-+ const char *dbname, char **params, PRBool rw);
-+extern SECStatus legacy_DeleteSecmodDB(const char *appName,
-+ const char *filename,
-+ const char *dbname, char *params, PRBool rw);
-+extern SECStatus legacy_AddSecmodDB(const char *appName,
-+ const char *filename,
-+ const char *dbname, char *params, PRBool rw);
-+extern SECStatus legacy_Shutdown(PRBool forked);
-+extern void legacy_SetCryptFunctions(LGEncryptFunc, LGDecryptFunc);
-+
- /*
- * Softoken Glue Functions
- */
---- a/a/nss/lib/util/secport.h Tue May 28 23:37:46 2013 +0200
-+++ a/a/nss/lib/util/secport.h Fri May 31 17:44:06 2013 -0700
-@@ -210,6 +210,8 @@
-
- extern int NSS_SecureMemcmp(const void *a, const void *b, size_t n);
-
-+#define NSS_STATIC
-+#ifndef NSS_STATIC
- /*
- * Load a shared library called "newShLibName" in the same directory as
- * a shared library that is already loaded, called existingShLibName.
-@@ -244,6 +245,7 @@
- PORT_LoadLibraryFromOrigin(const char* existingShLibName,
- PRFuncPtr staticShLibFunc,
- const char *newShLibName);
-+#endif /* NSS_STATIC */
-
- SEC_END_PROTOS
-
diff --git a/external/nss/nss-more-static.patch
b/external/nss/nss-more-static.patch
deleted file mode 100644
index 26948f0be24c..000000000000
--- a/external/nss/nss-more-static.patch
+++ /dev/null
@@ -1,39 +0,0 @@
---- a/a/nss/lib/freebl/loader.c
-+++ a/a/nss/lib/freebl/loader.c
-@@ -114,6 +114,7 @@
-
- #include "genload.c"
-
-+extern FREEBLGetVectorFn FREEBL_GetVector;
- /* This function must be run only once. */
- /* determine if hybrid platform, then actually load the DSO. */
- static PRStatus
-@@ -136,9 +136,9 @@
- return PR_FAILURE;
- }
-
-- handle = loader_LoadLibrary(name);
-- if (handle) {
-- PRFuncPtr address = PR_FindFunctionSymbol(handle, "FREEBL_GetVector");
-+ handle = 0;
-+ {
-+ PRFuncPtr address = FREEBL_GetVector;
- if (address) {
- FREEBLGetVectorFn *getVector = (FREEBLGetVectorFn *)address;
- const FREEBLVector *dsoVector = getVector();
-@@ -887,6 +887,7 @@
- void
- BL_Unload(void)
- {
-+#if 0
- /* This function is not thread-safe, but doesn't need to be, because it is
- * only called from functions that are also defined as not thread-safe,
- * namely C_Finalize in softoken, and the SSL bypass shutdown callback
called
-@@ -905,6 +905,7 @@
- }
- blLib = NULL;
- loadFreeBLOnce = pristineCallOnce;
-+#endif
- }
-
- /* ============== New for 3.003 =============================== */
diff --git a/external/nss/nss.patch b/external/nss/nss.patch
index 6219775c2d3c..c367bce9097b 100644
--- a/external/nss/nss.patch
+++ b/external/nss/nss.patch
@@ -153,16 +153,3 @@
#! gmake
#
# This Source Code Form is subject to the terms of the Mozilla Public
-@@ -89,10 +91,10 @@
- NSPR_CONFIGURE_ENV = CC=gcc CXX=g++
- endif
- ifdef CC
--NSPR_CONFIGURE_ENV = CC=$(CC)
-+NSPR_CONFIGURE_ENV = CC="$(CC) "
- endif
- ifdef CCC
--NSPR_CONFIGURE_ENV += CXX=$(CCC)
-+NSPR_CONFIGURE_ENV += CXX="$(CCC) "
- endif
- # Remove -arch definitions. NSPR can't handle that.
- NSPR_CONFIGURE_ENV := $(filter-out -arch x86_64,$(NSPR_CONFIGURE_ENV))
commit 491ed13ae72024b9accb005d2aeffa0e6c1199f5
Author: Michael Stahl <michael.st...@cib.de>
AuthorDate: Wed May 22 11:40:54 2019 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Thu Aug 22 13:44:33 2019 +0200
curl: upgrade to release 7.65.0
Fixes CVE-2019-5435. It looks like this is not a problem on 32-bit
Windows because fortunately we don't use /LARGEADDRESSAWARE flag
to set IMAGE_FILE_LARGE_ADDRESS_AWARE... but on 32-bit Linux
the user-space VM is 3GB so an exploit might be possible.
Apparently there's no code in LO that uses the CURLU_URLENCODE flag.
The other one, CVE-2019-5436, doesn't matter because we disable tftp.
Change-Id: I0d4f087befa5a3c4fb21ec36761dad68932425d9
Reviewed-on: https://gerrit.libreoffice.org/72732
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@cib.de>
(cherry picked from commit edb01616ac176401650c35d938c75c6c5558a47e)
diff --git a/download.lst b/download.lst
index 410215e48d77..ce40ad5628f3 100644
--- a/download.lst
+++ b/download.lst
@@ -29,8 +29,8 @@ export CPPUNIT_SHA256SUM :=
3d569869d27b48860210c758c4f313082103a5e58219a7669b52
export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
export CT2N_SHA256SUM :=
71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM :=
cb90d2eb74d4e358c1ed1489f8e3af96b50ea4374ad71f143fa4595e998d81b5
-export CURL_TARBALL := curl-7.64.0.tar.gz
+export CURL_SHA256SUM :=
7766d263929404f693905b5e5222aa0f2bdf8c66ab4b8758f0c0820a42b966cd
+export CURL_TARBALL := curl-7.65.0.tar.xz
export EBOOK_SHA256SUM :=
7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
export EPOXY_SHA256SUM :=
1d8668b0a259c709899e1c4bab62d756d9002d546ce4f59c9665e2fc5f001a64
diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0
index b3e821039740..189e820d1afa 100644
--- a/external/curl/zlib.patch.0
+++ b/external/curl/zlib.patch.0
@@ -1,15 +1,5 @@
--- configure
+++ configure
-@@ -937,8 +937,8 @@
- ZLIB_LIBS
- HAVE_LIBZ_FALSE
- HAVE_LIBZ_TRUE
--HAVE_LIBZ
- PKGCONFIG
-+HAVE_LIBZ
- CURL_DISABLE_GOPHER
- CURL_DISABLE_SMTP
- CURL_DISABLE_SMB
@@ -20709,7 +20709,6 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
