[arch-commits] Commit in chromium/trunk (2 files)
Evangelos Foutras
foutrelis at nymeria.archlinux.org
Wed Jul 10 01:56:58 UTC 2013
Date: Wednesday, July 10, 2013 @ 03:56:58
Author: foutrelis
Revision: 189856
upgpkg: chromium 28.0.1500.71-1
New upstream release.
Added:
chromium/trunk/chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch
Modified:
chromium/trunk/PKGBUILD
--------------------------------------------------------------------------------+
PKGBUILD | 15 ++-
chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch | 46 ++++++++++
2 files changed, 58 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2013-07-09 15:42:32 UTC (rev 189855)
+++ PKGBUILD 2013-07-10 01:56:58 UTC (rev 189856)
@@ -5,7 +5,7 @@
# Contributor: Daniel J Griffiths <ghost1227 at archlinux.us>
pkgname=chromium
-pkgver=28.0.1500.52
+pkgver=28.0.1500.71
pkgrel=1
pkgdesc="The open-source project behind Google Chrome, an attempt at creating a safer, faster, and more stable browser"
arch=('i686' 'x86_64')
@@ -20,15 +20,19 @@
optdepends=('kdebase-kdialog: needed for file dialogs in KDE')
backup=('etc/chromium/default')
install=chromium.install
-source=(http://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz
+#source=(http://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz
+source=(https://dev.archlinux.org/~foutrelis/sources/$pkgname/$pkgname-$pkgver.tar.xz{,.sig}
chromium.desktop
chromium.default
chromium.sh
+ chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch
chromium-system-harfbuzz-r0.patch)
-sha256sums=('7b3cbfbb9e5b9d21ffab23d39173611ddb0ba49488795b6db46a62be354518b4'
+sha256sums=('a8a821fb7cf1dc2425ecba6d48be0f771d993179411ba3bcdc71d179ea7ec671'
+ 'SKIP'
'09bfac44104f4ccda4c228053f689c947b3e97da9a4ab6fa34ce061ee83d0322'
'478340d5760a9bd6c549e19b1b5d1c5b4933ebf5f8cfb2b3e2d70d07443fe232'
'4999fded897af692f4974f0a3e3bbb215193519918a1fa9b31ed51e74a2dccb9'
+ '7c2e448c30677999f524f9513c2f998f3cb15bc6084692cad9c3f310aa813530'
'2bc4cf17adac9864f4e832e57247984f28fce171d3699c0fc2c3596d1ab20386')
# Google API keys (see http://www.chromium.org/developers/how-tos/api-keys)
@@ -42,6 +46,11 @@
prepare() {
cd "$srcdir/$pkgname-$pkgver"
+ # Fix deadlock related to the GPU sandbox when tcmalloc isn't used
+ # https://code.google.com/p/chromium/issues/detail?id=255063
+ # https://bugs.gentoo.org/show_bug.cgi?id=471198#c23
+ patch -Np1 -i "$srcdir/chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch"
+
# Fix build with system harfbuzz (patch from Gentoo)
patch -Np1 -i "$srcdir/chromium-system-harfbuzz-r0.patch"
Added: chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch
===================================================================
--- chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch (rev 0)
+++ chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch 2013-07-10 01:56:58 UTC (rev 189856)
@@ -0,0 +1,46 @@
+Index: sandbox/linux/services/broker_process.cc
+diff --git a/sandbox/linux/services/broker_process.cc b/sandbox/linux/services/broker_process.cc
+index d2302ea098215c8188eb74b0d36da37506ff302a..7999e77fa34fcef4ad8575fa905d66f645df6986 100644
+--- a/sandbox/linux/services/broker_process.cc
++++ b/sandbox/linux/services/broker_process.cc
+@@ -53,7 +53,7 @@ static const int kCurrentProcessOpenFlagsMask = O_CLOEXEC;
+ // async signal safe if |file_to_open| is NULL.
+ // TODO(jln): assert signal safety.
+ bool GetFileNameInWhitelist(const std::vector<std::string>& allowed_file_names,
+- const std::string& requested_filename,
++ const char* requested_filename,
+ const char** file_to_open) {
+ if (file_to_open && *file_to_open) {
+ // Make sure that callers never pass a non-empty string. In case callers
+@@ -62,13 +62,17 @@ bool GetFileNameInWhitelist(const std::vector<std::string>& allowed_file_names,
+ RAW_LOG(FATAL, "*file_to_open should be NULL");
+ return false;
+ }
++
++ // Look for |requested_filename| in |allowed_file_names|.
++ // We don't use ::find() because it takes a std::string and
++ // the conversion allocates memory.
+ std::vector<std::string>::const_iterator it;
+- it = std::find(allowed_file_names.begin(), allowed_file_names.end(),
+- requested_filename);
+- if (it < allowed_file_names.end()) { // requested_filename was found?
+- if (file_to_open)
+- *file_to_open = it->c_str();
+- return true;
++ for (it = allowed_file_names.begin(); it != allowed_file_names.end(); it++) {
++ if (strcmp(requested_filename, it->c_str()) == 0) {
++ if (file_to_open)
++ *file_to_open = it->c_str();
++ return true;
++ }
+ }
+ return false;
+ }
+@@ -393,6 +397,7 @@ void BrokerProcess::AccessFileForIPC(const std::string& requested_filename,
+ const char* file_to_access = NULL;
+ const bool safe_to_access_file = GetFileNameIfAllowedToAccess(
+ requested_filename.c_str(), mode, &file_to_access);
++
+ if (safe_to_access_file) {
+ CHECK(file_to_access);
+ int access_ret = access(file_to_access, mode);
More information about the arch-commits
mailing list