summaryrefslogtreecommitdiffstats
path: root/www/mozilla-devel
diff options
context:
space:
mode:
authortrevor <trevor@FreeBSD.org>2002-07-13 23:49:19 +0000
committertrevor <trevor@FreeBSD.org>2002-07-13 23:49:19 +0000
commitf9d12a4ac14cbec8b578c481469e105c810cf3a4 (patch)
treecf9004972c6ec870b546d11b7fcc713a47445a94 /www/mozilla-devel
parent0643e30cb0d10055e193e63d2a8571bb09e77b9e (diff)
downloadFreeBSD-ports-f9d12a4ac14cbec8b578c481469e105c810cf3a4.zip
FreeBSD-ports-f9d12a4ac14cbec8b578c481469e105c810cf3a4.tar.gz
security fix: correct bugs 115788 and 150339 (Mozilla passes
requests for huge fonts, leading to loss of X (and probably VNC) session) Obtained from: attachment 87432 on bugzilla.mozilla.org
Diffstat (limited to 'www/mozilla-devel')
-rw-r--r--www/mozilla-devel/Makefile3
-rw-r--r--www/mozilla-devel/files/patch-nsFontMetricsGTK.cpp40
-rw-r--r--www/mozilla-devel/files/patch-nsFontMetricsXlib.cpp40
3 files changed, 81 insertions, 2 deletions
diff --git a/www/mozilla-devel/Makefile b/www/mozilla-devel/Makefile
index 5b13a5f..1576e0c 100644
--- a/www/mozilla-devel/Makefile
+++ b/www/mozilla-devel/Makefile
@@ -8,6 +8,7 @@
PORTNAME= mozilla
PORTVERSION= 1.0
PORTEPOCH= 1
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_MOZILLA} \
http://people.FreeBSD.org/~sobomax/:local
@@ -18,8 +19,6 @@ DISTFILES= ${PORTNAME}-source-${PORTVERSION:S/.rc/rc/}${EXTRACT_SUFX} \
MAINTAINER= gnome@FreeBSD.org
-FORBIDDEN= "see http://bugzilla.mozilla.org/show_bug.cgi?id=150339 "
-
BUILD_DEPENDS= zip:${PORTSDIR}/archivers/zip \
freetype-config:${PORTSDIR}/print/freetype2
LIB_DEPENDS= ORBit.2:${PORTSDIR}/devel/ORBit \
diff --git a/www/mozilla-devel/files/patch-nsFontMetricsGTK.cpp b/www/mozilla-devel/files/patch-nsFontMetricsGTK.cpp
new file mode 100644
index 0000000..3bab909
--- /dev/null
+++ b/www/mozilla-devel/files/patch-nsFontMetricsGTK.cpp
@@ -0,0 +1,40 @@
+$FreeBSD$
+
+As reported by Mikko Rapeli and Tom Vogt at
+http://bugzilla.mozilla.org/show_bug.cgi?id=115788 and
+http://bugzilla.mozilla.org/show_bug.cgi?id=150339 the X server can
+abort when Mozilla requests a huge (scalable) font. This is also
+likely to happen to the X font server, or to Xvnc.
+
+This patch is from
+http://bugzilla.mozilla.org/attachment.cgi?id=87432&action=view
+.
+
+--- gfx/src/gtk/nsFontMetricsGTK.cpp Mon Jun 10 01:02:08 2002
++++ gfx/src/gtk/nsFontMetricsGTK.cpp Thu Jun 13 00:06:33 2002
+@@ -87,6 +87,12 @@
+ #undef USER_DEFINED
+ #define USER_DEFINED "x-user-def"
+
++// This is the scaling factor that we keep fonts limited to against
++// the display size. If a pixel size is requested that is more than
++// this factor larger than the height of the display, it's clamped to
++// that value instead of the requested size.
++#define FONT_MAX_FONT_SCALE 2
++
+ #undef NOISY_FONTS
+ #undef REALLY_NOISY_FONTS
+
+@@ -1276,7 +1282,12 @@
+
+ float app2dev;
+ mDeviceContext->GetAppUnitsToDevUnits(app2dev);
++
+ mPixelSize = NSToIntRound(app2dev * mFont->size);
++ // Make sure to clamp the pixel size to something reasonable so we
++ // don't make the X server blow up.
++ mPixelSize = PR_MIN(gdk_screen_height() * FONT_MAX_FONT_SCALE, mPixelSize);
++
+ mStretchIndex = 4; // normal
+ mStyleIndex = mFont->style;
+
diff --git a/www/mozilla-devel/files/patch-nsFontMetricsXlib.cpp b/www/mozilla-devel/files/patch-nsFontMetricsXlib.cpp
new file mode 100644
index 0000000..fd470f6
--- /dev/null
+++ b/www/mozilla-devel/files/patch-nsFontMetricsXlib.cpp
@@ -0,0 +1,40 @@
+$FreeBSD$
+
+As reported by Mikko Rapeli and Tom Vogt at
+http://bugzilla.mozilla.org/show_bug.cgi?id=115788 and
+http://bugzilla.mozilla.org/show_bug.cgi?id=150339 the X server can
+abort when Mozilla requests a huge (scalable) font. This is also
+likely to happen to the X font server, or to Xvnc.
+
+This patch is from
+http://bugzilla.mozilla.org/attachment.cgi?id=87432&action=view
+.
+
+--- gfx/src/xlib/nsFontMetricsXlib.cpp Tue Jun 11 16:20:31 2002
++++ gfx/src/xlib/nsFontMetricsXlib.cpp Thu Jun 13 00:05:47 2002
+@@ -99,6 +99,12 @@
+ #undef USER_DEFINED
+ #define USER_DEFINED "x-user-def"
+
++// This is the scaling factor that we keep fonts limited to against
++// the display size. If a pixel size is requested that is more than
++// this factor larger than the height of the display, it's clamped to
++// that value instead of the requested size.
++#define FONT_MAX_FONT_SCALE 2
++
+ #undef NOISY_FONTS
+ #undef REALLY_NOISY_FONTS
+
+@@ -1480,7 +1486,12 @@
+
+ float app2dev;
+ mDeviceContext->GetAppUnitsToDevUnits(app2dev);
++
+ mPixelSize = NSToIntRound(app2dev * mFont->size);
++ // Make sure to clamp the pixel size to something reasonable so we
++ // don't make the X server blow up.
++ mPixelSize = PR_MIN(XHeightOfScreen(xxlib_rgb_get_screen(gXlibRgbHandle)) * FONT_MAX_FONT_SCALE, mPixelSize);
++
+ mStretchIndex = 4; // Normal
+ mStyleIndex = mFont->style;
+
OpenPOWER on IntegriCloud