From 94d5cb15d27fdf30cd2fef189fde459999507755 Mon Sep 17 00:00:00 2001 From: Cameron Kaiser Date: Sat, 2 Sep 2017 11:37:30 -0700 Subject: [PATCH] #433: M1390980 M1376306 M1390550 M1376825 M1380824 M1385272 --- accessible/generic/DocAccessible.cpp | 2 + dom/base/nsDocumentEncoder.cpp | 10 +- editor/libeditor/nsEditor.cpp | 23 ++++- gfx/thebes/gfxMacPlatformFontList.mm | 6 +- .../downloads/ApplicationReputation.cpp | 92 +++++++++++++++++-- 5 files changed, 123 insertions(+), 10 deletions(-) diff --git a/accessible/generic/DocAccessible.cpp b/accessible/generic/DocAccessible.cpp index 81a82085a4..d964a19380 100644 --- a/accessible/generic/DocAccessible.cpp +++ b/accessible/generic/DocAccessible.cpp @@ -1323,6 +1323,8 @@ DocAccessible::UnbindFromDocument(Accessible* aAccessible) mNodeToAccessibleMap.Get(aAccessible->GetNode()) == aAccessible) mNodeToAccessibleMap.Remove(aAccessible->GetNode()); + aAccessible->mStateFlags |= eIsNotInDocument; + // Update XPCOM part. xpcAccessibleDocument* xpcDoc = GetAccService()->GetCachedXPCDocument(this); if (xpcDoc) diff --git a/dom/base/nsDocumentEncoder.cpp b/dom/base/nsDocumentEncoder.cpp index bb94c1927e..c1c1ef8ffa 100644 --- a/dom/base/nsDocumentEncoder.cpp +++ b/dom/base/nsDocumentEncoder.cpp @@ -1087,6 +1087,14 @@ nsDocumentEncoder::EncodeToString(nsAString& aOutputString) return EncodeToStringWithMaxLength(0, aOutputString); } +static bool ParentIsTR(nsIContent* aContent) { + mozilla::dom::Element* parent = aContent->GetParentElement(); + if (!parent) { + return false; + } + return parent->IsHTMLElement(nsGkAtoms::tr); +} + NS_IMETHODIMP nsDocumentEncoder::EncodeToStringWithMaxLength(uint32_t aMaxLength, nsAString& aOutputString) @@ -1153,7 +1161,7 @@ nsDocumentEncoder::EncodeToStringWithMaxLength(uint32_t aMaxLength, NS_ENSURE_SUCCESS(rv, rv); } nsCOMPtr content = do_QueryInterface(node); - if (content && content->IsHTMLElement(nsGkAtoms::tr)) { + if (content && content->IsHTMLElement(nsGkAtoms::tr) && MOZ_LIKELY(!ParentIsTR(content))) { nsINode* n = content; if (!prevNode) { // Went from a non- to a diff --git a/editor/libeditor/nsEditor.cpp b/editor/libeditor/nsEditor.cpp index a72632a8d3..4bb4ba4a87 100644 --- a/editor/libeditor/nsEditor.cpp +++ b/editor/libeditor/nsEditor.cpp @@ -4771,6 +4771,24 @@ nsEditor::InitializeSelection(nsIDOMEventTarget* aFocusEventTarget) return NS_OK; } +class RepaintSelectionRunner final : public nsRunnable { +public: + explicit RepaintSelectionRunner(nsISelectionController* aSelectionController) + : mSelectionController(aSelectionController) + { + } + + NS_IMETHOD Run() override + { + mSelectionController->RepaintSelection( + nsISelectionController::SELECTION_NORMAL); + return NS_OK; + } + +private: + nsCOMPtr mSelectionController; +}; + NS_IMETHODIMP nsEditor::FinalizeSelection() { @@ -4819,7 +4837,10 @@ nsEditor::FinalizeSelection() selCon->SetDisplaySelection(nsISelectionController::SELECTION_DISABLED); } - selCon->RepaintSelection(nsISelectionController::SELECTION_NORMAL); + // FinalizeSelection might be called from ContentRemoved even if selection + // isn't updated. So we need to call RepaintSelection after updated it. + nsContentUtils::AddScriptRunner( + new RepaintSelectionRunner(selCon)); return NS_OK; } diff --git a/gfx/thebes/gfxMacPlatformFontList.mm b/gfx/thebes/gfxMacPlatformFontList.mm index fdbe0a89fd..8dcd7885b2 100644 --- a/gfx/thebes/gfxMacPlatformFontList.mm +++ b/gfx/thebes/gfxMacPlatformFontList.mm @@ -230,7 +230,11 @@ static void GetStringForNSString(const NSString *aSrc, nsAString& aDist) // (It is not likely to encounter these on 10.4 or 10.5.) if (mRequiresAAT && (FamilyName().EqualsLiteral("Songti SC") || FamilyName().EqualsLiteral("Songti TC") || - FamilyName().EqualsLiteral("STSong"))) { + // Bug 1390980: on 10.11, the Kaiti fonts are also affected. + // Again, this is mostly here if someone copied them from a later Mac. + FamilyName().EqualsLiteral("Kaiti SC") || + FamilyName().EqualsLiteral("Kaiti TC") || + FamilyName().EqualsLiteral("STKaiti"))) { charmap->ClearRange(0x0f8c, 0x0f8f); } } diff --git a/toolkit/components/downloads/ApplicationReputation.cpp b/toolkit/components/downloads/ApplicationReputation.cpp index 81eab9e43f..eeded36800 100644 --- a/toolkit/components/downloads/ApplicationReputation.cpp +++ b/toolkit/components/downloads/ApplicationReputation.cpp @@ -12,6 +12,7 @@ #include "nsIArray.h" #include "nsIApplicationReputation.h" #include "nsIChannel.h" +#include "nsICryptoHash.h" #include "nsIHttpChannel.h" #include "nsIIOService.h" #include "nsIPrefService.h" @@ -168,8 +169,11 @@ class PendingLookup final : public nsIStreamListener, nsresult aResult, bool* aShouldBlock); + // Return the hex-encoded hash of the whole URI. + nsresult GetSpecHash(nsACString& aSpec, nsACString& hexEncodedHash); + // Strip url parameters, fragments, and user@pass fields from the URI spec - // using nsIURL. If aURI is not an nsIURL, returns the original nsIURI.spec. + // using nsIURL. Hash data URIs and return blob URIs unfiltered. nsresult GetStrippedSpec(nsIURI* aUri, nsACString& spec); // Escape '/' and '%' in certificate attribute values. @@ -278,8 +282,11 @@ PendingDBLookup::LookupSpec(const nsACString& aSpec, mAllowlistOnly = aAllowlistOnly; nsresult rv = LookupSpecInternal(aSpec); if (NS_FAILED(rv)) { - LOG(("Error in LookupSpecInternal")); - return mPendingLookup->OnComplete(false, NS_OK); + // XXX: We don't have xpcom/base/ErrorNames.* yet. When we do, consider + // redoing the patch from M1376036, but make the lookup DEBUG only since + // it isn't cheap. + LOG(("Error in LookupSpecInternal()")); + return mPendingLookup->LookupNext(); // ignore this lookup and move to next } // LookupSpecInternal has called nsIUrlClassifierCallback.lookup, which is // guaranteed to call HandleEvent. @@ -670,17 +677,84 @@ PendingLookup::StartLookup() return rv; } +nsresult +PendingLookup::GetSpecHash(nsACString& aSpec, nsACString& hexEncodedHash) +{ + nsresult rv; + + nsCOMPtr cryptoHash = + do_CreateInstance("@mozilla.org/security/hash;1", &rv); + NS_ENSURE_SUCCESS(rv, rv); + rv = cryptoHash->Init(nsICryptoHash::SHA256); + NS_ENSURE_SUCCESS(rv, rv); + + rv = cryptoHash->Update(reinterpret_cast(aSpec.BeginReading()), + aSpec.Length()); + NS_ENSURE_SUCCESS(rv, rv); + + nsAutoCString binaryHash; + rv = cryptoHash->Finish(false, binaryHash); + NS_ENSURE_SUCCESS(rv, rv); + + // This needs to match HexEncode() in Chrome's + // src/base/strings/string_number_conversions.cc + static const char* const hex = "0123456789ABCDEF"; + hexEncodedHash.SetCapacity(2 * binaryHash.Length()); + for (size_t i = 0; i < binaryHash.Length(); ++i) { + auto c = static_cast(binaryHash[i]); + hexEncodedHash.Append(hex[(c >> 4) & 0x0F]); + hexEncodedHash.Append(hex[c & 0x0F]); + } + + return NS_OK; +} + nsresult PendingLookup::GetStrippedSpec(nsIURI* aUri, nsACString& escaped) { + if (NS_WARN_IF(!aUri)) { + return NS_ERROR_INVALID_ARG; + } + + nsresult rv; + rv = aUri->GetScheme(escaped); + NS_ENSURE_SUCCESS(rv, rv); + + if (escaped.EqualsLiteral("blob")) { + aUri->GetSpec(escaped); + LOG(("PendingLookup::GetStrippedSpec(): blob URL left unstripped as '%s' [this = %p]", + PromiseFlatCString(escaped).get(), this)); + return NS_OK; + + } else if (escaped.EqualsLiteral("data")) { + // Replace URI with "data:,SHA256()" + aUri->GetSpec(escaped); + int32_t comma = escaped.FindChar(','); + if (comma > -1 && + static_cast(comma) < escaped.Length() - 1) { + MOZ_ASSERT(comma > 4, "Data URIs start with 'data:'"); + nsAutoCString hexEncodedHash; + rv = GetSpecHash(escaped, hexEncodedHash); + if (NS_SUCCEEDED(rv)) { + escaped.Truncate(comma + 1); + escaped.Append(hexEncodedHash); + } + } + + LOG(("PendingLookup::GetStrippedSpec(): data URL stripped to '%s' [this = %p]", + PromiseFlatCString(escaped).get(), this)); + return NS_OK; + } + // If aURI is not an nsIURL, we do not want to check the lists or send a // remote query. - nsresult rv; nsCOMPtr url = do_QueryInterface(aUri, &rv); - NS_ENSURE_SUCCESS(rv, rv); - rv = url->GetScheme(escaped); - NS_ENSURE_SUCCESS(rv, rv); + if (NS_FAILED(rv)) { + LOG(("PendingLookup::GetStrippedSpec(): scheme '%s' is not supported [this = %p]", + PromiseFlatCString(escaped).get(), this)); + return rv; + } nsCString temp; rv = url->GetHostPort(temp); @@ -695,6 +769,8 @@ PendingLookup::GetStrippedSpec(nsIURI* aUri, nsACString& escaped) // nsIUrl.filePath starts with '/' escaped.Append(temp); + LOG(("PendingLookup::GetStrippedSpec(): URL stripped to '%s' [this = %p]", + PromiseFlatCString(escaped).get(), this)); return NS_OK; } @@ -760,6 +836,7 @@ PendingLookup::OnComplete(bool shouldBlock, nsresult rv) mTimeoutTimer = nullptr; } +#if(0) Accumulate(mozilla::Telemetry::APPLICATION_REPUTATION_SHOULD_BLOCK, shouldBlock); double t = (TimeStamp::Now() - mStartTime).ToMilliseconds(); @@ -769,6 +846,7 @@ PendingLookup::OnComplete(bool shouldBlock, nsresult rv) } else { LOG(("Application Reputation check passed in %f ms [this = %p]", t, this)); } +#endif nsresult res = mCallback->OnComplete(shouldBlock, rv); return res; }