head	1.4;
access;
symbols
	pkgsrc-2022Q2:1.3.0.6
	pkgsrc-2022Q2-base:1.3
	pkgsrc-2022Q1:1.3.0.4
	pkgsrc-2022Q1-base:1.3
	pkgsrc-2021Q4:1.3.0.2
	pkgsrc-2021Q4-base:1.3
	pkgsrc-2021Q3:1.1.0.10
	pkgsrc-2021Q3-base:1.1
	pkgsrc-2021Q2:1.1.0.8
	pkgsrc-2021Q2-base:1.1
	pkgsrc-2021Q1:1.1.0.6
	pkgsrc-2021Q1-base:1.1
	pkgsrc-2020Q4:1.1.0.4
	pkgsrc-2020Q4-base:1.1
	pkgsrc-2020Q3:1.1.0.2;
locks; strict;
comment	@// @;


1.4
date	2022.08.04.15.10.41;	author nia;	state dead;
branches;
next	1.3;
commitid	vgIagxmEUF4LCzOD;

1.3
date	2021.12.28.20.05.49;	author nia;	state Exp;
branches;
next	1.2;
commitid	fvbJsP7lit1FhsmD;

1.2
date	2021.11.13.10.02.28;	author nia;	state dead;
branches;
next	1.1;
commitid	OJqAKQ5lW094pCgD;

1.1
date	2020.11.10.02.59.27;	author nia;	state Exp;
branches
	1.1.2.1;
next	;
commitid	NkDQV4q4m2smThvC;

1.1.2.1
date	2020.11.10.02.59.27;	author bsiegert;	state dead;
branches;
next	1.1.2.2;
commitid	kIJVbY647ryAAaxC;

1.1.2.2
date	2020.11.24.18.29.25;	author bsiegert;	state Exp;
branches;
next	;
commitid	kIJVbY647ryAAaxC;


desc
@@


1.4
log
@Remove firefox78. This was kept due to better NetBSD WebRTC support than
firefox91, but webrtc video calls are absolutely perfect with sunaudio in
firefox102 and newer.
@
text
@$NetBSD: patch-js_src_jit_ProcessExecutableMemory.cpp,v 1.3 2021/12/28 20:05:49 nia Exp $

PaX MPROTECT safety for NetBSD.

--- js/src/jit/ProcessExecutableMemory.cpp.orig	2020-10-27 23:47:06.000000000 +0000
+++ js/src/jit/ProcessExecutableMemory.cpp
@@@@ -362,9 +362,16 @@@@ static void* ReserveProcessExecutableMem
   // Note that randomAddr is just a hint: if the address is not available
   // mmap will pick a different address.
   void* randomAddr = ComputeRandomAllocationAddress();
+#ifdef PROT_MPROTECT
+  void* p = MozTaggedAnonymousMmap(randomAddr, bytes,
+                                   PROT_MPROTECT(PROT_EXEC | PROT_WRITE | PROT_READ),
+                                   MAP_PRIVATE | MAP_ANON, -1, 0,
+                                   "js-executable-memory");
+#else
   void* p = MozTaggedAnonymousMmap(randomAddr, bytes, PROT_NONE,
                                    MAP_NORESERVE | MAP_PRIVATE | MAP_ANON, -1,
                                    0, "js-executable-memory");
+#endif
   if (p == MAP_FAILED) {
     return nullptr;
   }
@@@@ -409,8 +416,12 @@@@ static unsigned ProtectionSettingToFlags
 
 static MOZ_MUST_USE bool CommitPages(void* addr, size_t bytes,
                                      ProtectionSetting protection) {
-  void* p = MozTaggedAnonymousMmap(
-      addr, bytes, ProtectionSettingToFlags(protection),
+  void* p = MozTaggedAnonymousMmap(addr, bytes,
+#ifdef PROT_MPROTECT
+      ProtectionSettingToFlags(protection) | PROT_MPROTECT(PROT_EXEC | PROT_WRITE | PROT_READ),
+#else
+      ProtectionSettingToFlags(protection),
+#endif
       MAP_FIXED | MAP_PRIVATE | MAP_ANON, -1, 0, "js-executable-memory");
   if (p == MAP_FAILED) {
     return false;
@


1.3
log
@firefox78: restore deleted package

This is the last version of Firefox where microphone input isn't broken
on NetBSD, see PR pkg/56587
@
text
@d1 1
a1 1
$NetBSD: patch-js_src_jit_ProcessExecutableMemory.cpp,v 1.1 2020/11/10 02:59:27 nia Exp $
@


1.2
log
@www: Remove firefox78 - out of support
@
text
@@


1.1
log
@firefox78: Update to 78.4.1. Apply MPROTECT patches from mozjs.

Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2

#CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for
@
text
@d1 1
a1 1
$NetBSD: patch-js_src_jit_ProcessExecutableMemory.cpp,v 1.1 2020/11/06 08:56:37 maya Exp $
@


1.1.2.1
log
@file patch-js_src_jit_ProcessExecutableMemory.cpp was added on branch pkgsrc-2020Q3 on 2020-11-24 18:29:25 +0000
@
text
@d1 38
@


1.1.2.2
log
@Pullup ticket #6370 - requested by nia
www/firefox78: security fix

NOTE: This also includes the changes from pullup tickets #6363 and #6369.

Revisions pulled up:
- www/firefox78/Makefile                                        1.9,1.13
- www/firefox78/distinfo                                        1.5-1.6
- www/firefox78/patches/patch-js_src_jit_ProcessExecutableMemory.cpp 1.1
- www/firefox78/patches/patch-js_src_vm_ArrayBufferObject.cpp   1.1

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Nov 10 02:59:28 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox78: Makefile distinfo
   Added Files:
   	pkgsrc/www/firefox78/patches:
   	    patch-js_src_jit_ProcessExecutableMemory.cpp
   	    patch-js_src_vm_ArrayBufferObject.cpp

   Log Message:
   firefox78: Update to 78.4.1. Apply MPROTECT patches from mozjs.

   Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2

   #CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Wed Nov 18 12:33:45 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox78: Makefile distinfo

   Log Message:
   firefox78: Update to 78.5.0

   Security Vulnerabilities fixed in Firefox ESR 78.5

       #CVE-2020-26951: Parsing mismatches could confuse and bypass security
       sanitizer for chrome privileged code

       #CVE-2020-16012: Variable time processing of cross-origin images during
       drawImage calls

       #CVE-2020-26953: Fullscreen could be enabled without displaying the security
       UI

       #CVE-2020-26956: XSS through paste (manual and clipboard API)

       #CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
       type restrictions

       #CVE-2020-26959: Use-after-free in WebRequestService

       #CVE-2020-26960: Potential use-after-free in uses of nsTArray

       #CVE-2020-15999: Heap buffer overflow in freetype

       #CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses

       #CVE-2020-26965: Software keyboards may have remembered typed passwords

       #CVE-2020-26966: Single-word search queries were also broadcast to local
       network

       #CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
@
text
@a0 38
$NetBSD: patch-js_src_jit_ProcessExecutableMemory.cpp,v 1.1 2020/11/10 02:59:27 nia Exp $

PaX MPROTECT safety for NetBSD.

--- js/src/jit/ProcessExecutableMemory.cpp.orig	2020-10-27 23:47:06.000000000 +0000
+++ js/src/jit/ProcessExecutableMemory.cpp
@@@@ -362,9 +362,16 @@@@ static void* ReserveProcessExecutableMem
   // Note that randomAddr is just a hint: if the address is not available
   // mmap will pick a different address.
   void* randomAddr = ComputeRandomAllocationAddress();
+#ifdef PROT_MPROTECT
+  void* p = MozTaggedAnonymousMmap(randomAddr, bytes,
+                                   PROT_MPROTECT(PROT_EXEC | PROT_WRITE | PROT_READ),
+                                   MAP_PRIVATE | MAP_ANON, -1, 0,
+                                   "js-executable-memory");
+#else
   void* p = MozTaggedAnonymousMmap(randomAddr, bytes, PROT_NONE,
                                    MAP_NORESERVE | MAP_PRIVATE | MAP_ANON, -1,
                                    0, "js-executable-memory");
+#endif
   if (p == MAP_FAILED) {
     return nullptr;
   }
@@@@ -409,8 +416,12 @@@@ static unsigned ProtectionSettingToFlags
 
 static MOZ_MUST_USE bool CommitPages(void* addr, size_t bytes,
                                      ProtectionSetting protection) {
-  void* p = MozTaggedAnonymousMmap(
-      addr, bytes, ProtectionSettingToFlags(protection),
+  void* p = MozTaggedAnonymousMmap(addr, bytes,
+#ifdef PROT_MPROTECT
+      ProtectionSettingToFlags(protection) | PROT_MPROTECT(PROT_EXEC | PROT_WRITE | PROT_READ),
+#else
+      ProtectionSettingToFlags(protection),
+#endif
       MAP_FIXED | MAP_PRIVATE | MAP_ANON, -1, 0, "js-executable-memory");
   if (p == MAP_FAILED) {
     return false;
@