SOURCES: mozilla-firefox-1.0.6-GLSA105396.patch (NEW) - CAN-2005-2...

glen glen at pld-linux.org
Wed Sep 21 12:16:08 CEST 2005 

Author: glen                         Date: Wed Sep 21 10:16:08 2005 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- CAN-2005-2871, patch taken from gentoo portage

---- Files affected:
SOURCES:
   mozilla-firefox-1.0.6-GLSA105396.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/mozilla-firefox-1.0.6-GLSA105396.patch
diff -u /dev/null SOURCES/mozilla-firefox-1.0.6-GLSA105396.patch:1.1
--- /dev/null	Wed Sep 21 12:16:08 2005
+++ SOURCES/mozilla-firefox-1.0.6-GLSA105396.patch	Wed Sep 21 12:16:03 2005
@@ -0,0 +1,104 @@
+Index: nsStandardURL.cpp
+===================================================================
+RCS file: /cvs/mozilla/netwerk/base/src/nsStandardURL.cpp,v
+retrieving revision 1.60.16.2
+diff -p -u -1 -2 -r1.60.16.2 nsStandardURL.cpp
+--- 1/netwerk/base/src/nsStandardURL.cpp	17 Feb 2005 23:40:53 -0000	1.60.16.2
++++ 2/netwerk/base/src/nsStandardURL.cpp	9 Sep 2005 16:34:46 -0000
+@@ -403,24 +403,25 @@ nsStandardURL::AppendToBuf(char *buf, PR
+ //  4- update url segment positions and lengths
+ nsresult
+ nsStandardURL::BuildNormalizedSpec(const char *spec)
+ {
+     // Assumptions: all member URLSegments must be relative the |spec| argument
+     // passed to this function.
+ 
+     // buffers for holding escaped url segments (these will remain empty unless
+     // escaping is required).
+     nsCAutoString encUsername;
+     nsCAutoString encPassword;
+     nsCAutoString encHost;
++    PRBool useEncHost;
+     nsCAutoString encDirectory;
+     nsCAutoString encBasename;
+     nsCAutoString encExtension;
+     nsCAutoString encParam;
+     nsCAutoString encQuery;
+     nsCAutoString encRef;
+ 
+     //
+     // escape each URL segment, if necessary, and calculate approximate normalized
+     // spec length.
+     //
+     PRInt32 approxLen = 3; // includes room for "://"
+@@ -440,34 +441,36 @@ nsStandardURL::BuildNormalizedSpec(const
+         approxLen += encoder.EncodeSegmentCount(spec, mBasename,  esc_FileBaseName,  encBasename);
+         approxLen += encoder.EncodeSegmentCount(spec, mExtension, esc_FileExtension, encExtension);
+         approxLen += encoder.EncodeSegmentCount(spec, mParam,     esc_Param,         encParam);
+         approxLen += encoder.EncodeSegmentCount(spec, mQuery,     esc_Query,         encQuery);
+         approxLen += encoder.EncodeSegmentCount(spec, mRef,       esc_Ref,           encRef);
+     }
+ 
+     // do not escape the hostname, if IPv6 address literal, mHost will
+     // already point to a [ ] delimited IPv6 address literal.
+     // However, perform Unicode normalization on it, as IDN does.
+     mHostEncoding = eEncoding_ASCII;
+     if (mHost.mLen > 0) {
++        useEncHost = PR_FALSE;
+         const nsCSubstring& tempHost =
+             Substring(spec + mHost.mPos, spec + mHost.mPos + mHost.mLen);
+         if (IsASCII(tempHost))
+             approxLen += mHost.mLen;
+         else {
+             mHostEncoding = eEncoding_UTF8;
+             if (gIDNService &&
+-                NS_SUCCEEDED(gIDNService->Normalize(tempHost, encHost)))
++                NS_SUCCEEDED(gIDNService->Normalize(tempHost, encHost))) {
+                 approxLen += encHost.Length();
+-            else {
++                useEncHost = PR_TRUE;
++            } else {
+                 encHost.Truncate();
+                 approxLen += mHost.mLen;
+             }
+         }
+     }
+ 
+     //
+     // generate the normalized URL string
+     //
+     mSpec.SetLength(approxLen + 32);
+     char *buf;
+     mSpec.BeginWriting(buf);
+@@ -483,25 +486,30 @@ nsStandardURL::BuildNormalizedSpec(const
+     mAuthority.mPos = i;
+ 
+     // append authority
+     if (mUsername.mLen > 0) {
+         i = AppendSegmentToBuf(buf, i, spec, mUsername, &encUsername);
+         if (mPassword.mLen >= 0) {
+             buf[i++] = ':';
+             i = AppendSegmentToBuf(buf, i, spec, mPassword, &encPassword);
+         }
+         buf[i++] = '@';
+     }
+     if (mHost.mLen > 0) {
+-        i = AppendSegmentToBuf(buf, i, spec, mHost, &encHost);
++        if (useEncHost) {
++            mHost.mPos = i;
++            mHost.mLen = encHost.Length();
++            i = AppendToBuf(buf, i, encHost.get(), mHost.mLen);
++        } else
++            i = AppendSegmentToBuf(buf, i, spec, mHost);
+         net_ToLowerCase(buf + mHost.mPos, mHost.mLen);
+         if (mPort != -1 && mPort != mDefaultPort) {
+             nsCAutoString portbuf;
+             portbuf.AppendInt(mPort);
+             buf[i++] = ':';
+             i = AppendToBuf(buf, i, portbuf.get(), portbuf.Length());
+         }
+     }
+ 
+     // record authority length
+     mAuthority.mLen = i - mAuthority.mPos;
+ 
================================================================

More information about the pld-cvs-commit mailing list