[arch-commits] Commit in chromium/trunk (2 files)

Evangelos Foutras foutrelis at nymeria.archlinux.org
Wed Jul 10 01:56:58 UTC 2013


    Date: Wednesday, July 10, 2013 @ 03:56:58
  Author: foutrelis
Revision: 189856

upgpkg: chromium 28.0.1500.71-1

New upstream release.

Added:
  chromium/trunk/chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch
Modified:
  chromium/trunk/PKGBUILD

--------------------------------------------------------------------------------+
 PKGBUILD                                                                       |   15 ++-
 chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch |   46 ++++++++++
 2 files changed, 58 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2013-07-09 15:42:32 UTC (rev 189855)
+++ PKGBUILD	2013-07-10 01:56:58 UTC (rev 189856)
@@ -5,7 +5,7 @@
 # Contributor: Daniel J Griffiths <ghost1227 at archlinux.us>
 
 pkgname=chromium
-pkgver=28.0.1500.52
+pkgver=28.0.1500.71
 pkgrel=1
 pkgdesc="The open-source project behind Google Chrome, an attempt at creating a safer, faster, and more stable browser"
 arch=('i686' 'x86_64')
@@ -20,15 +20,19 @@
 optdepends=('kdebase-kdialog: needed for file dialogs in KDE')
 backup=('etc/chromium/default')
 install=chromium.install
-source=(http://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz
+#source=(http://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz
+source=(https://dev.archlinux.org/~foutrelis/sources/$pkgname/$pkgname-$pkgver.tar.xz{,.sig}
         chromium.desktop
         chromium.default
         chromium.sh
+        chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch
         chromium-system-harfbuzz-r0.patch)
-sha256sums=('7b3cbfbb9e5b9d21ffab23d39173611ddb0ba49488795b6db46a62be354518b4'
+sha256sums=('a8a821fb7cf1dc2425ecba6d48be0f771d993179411ba3bcdc71d179ea7ec671'
+            'SKIP'
             '09bfac44104f4ccda4c228053f689c947b3e97da9a4ab6fa34ce061ee83d0322'
             '478340d5760a9bd6c549e19b1b5d1c5b4933ebf5f8cfb2b3e2d70d07443fe232'
             '4999fded897af692f4974f0a3e3bbb215193519918a1fa9b31ed51e74a2dccb9'
+            '7c2e448c30677999f524f9513c2f998f3cb15bc6084692cad9c3f310aa813530'
             '2bc4cf17adac9864f4e832e57247984f28fce171d3699c0fc2c3596d1ab20386')
 
 # Google API keys (see http://www.chromium.org/developers/how-tos/api-keys)
@@ -42,6 +46,11 @@
 prepare() {
   cd "$srcdir/$pkgname-$pkgver"
 
+  # Fix deadlock related to the GPU sandbox when tcmalloc isn't used
+  # https://code.google.com/p/chromium/issues/detail?id=255063
+  # https://bugs.gentoo.org/show_bug.cgi?id=471198#c23
+  patch -Np1 -i "$srcdir/chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch"
+
   # Fix build with system harfbuzz (patch from Gentoo)
   patch -Np1 -i "$srcdir/chromium-system-harfbuzz-r0.patch"
 

Added: chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch
===================================================================
--- chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch	                        (rev 0)
+++ chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch	2013-07-10 01:56:58 UTC (rev 189856)
@@ -0,0 +1,46 @@
+Index: sandbox/linux/services/broker_process.cc
+diff --git a/sandbox/linux/services/broker_process.cc b/sandbox/linux/services/broker_process.cc
+index d2302ea098215c8188eb74b0d36da37506ff302a..7999e77fa34fcef4ad8575fa905d66f645df6986 100644
+--- a/sandbox/linux/services/broker_process.cc
++++ b/sandbox/linux/services/broker_process.cc
+@@ -53,7 +53,7 @@ static const int kCurrentProcessOpenFlagsMask = O_CLOEXEC;
+ // async signal safe if |file_to_open| is NULL.
+ // TODO(jln): assert signal safety.
+ bool GetFileNameInWhitelist(const std::vector<std::string>& allowed_file_names,
+-                            const std::string& requested_filename,
++                            const char* requested_filename,
+                             const char** file_to_open) {
+   if (file_to_open && *file_to_open) {
+     // Make sure that callers never pass a non-empty string. In case callers
+@@ -62,13 +62,17 @@ bool GetFileNameInWhitelist(const std::vector<std::string>& allowed_file_names,
+     RAW_LOG(FATAL, "*file_to_open should be NULL");
+     return false;
+   }
++
++  // Look for |requested_filename| in |allowed_file_names|.
++  // We don't use ::find() because it takes a std::string and
++  // the conversion allocates memory.
+   std::vector<std::string>::const_iterator it;
+-  it = std::find(allowed_file_names.begin(), allowed_file_names.end(),
+-                 requested_filename);
+-  if (it < allowed_file_names.end()) {  // requested_filename was found?
+-    if (file_to_open)
+-      *file_to_open = it->c_str();
+-    return true;
++  for (it = allowed_file_names.begin(); it != allowed_file_names.end(); it++) {
++    if (strcmp(requested_filename, it->c_str()) == 0) {
++      if (file_to_open)
++        *file_to_open = it->c_str();
++      return true;
++    }
+   }
+   return false;
+ }
+@@ -393,6 +397,7 @@ void BrokerProcess::AccessFileForIPC(const std::string& requested_filename,
+   const char* file_to_access = NULL;
+   const bool safe_to_access_file = GetFileNameIfAllowedToAccess(
+       requested_filename.c_str(), mode, &file_to_access);
++
+   if (safe_to_access_file) {
+     CHECK(file_to_access);
+     int access_ret = access(file_to_access, mode);




More information about the arch-commits mailing list