aboutsummaryrefslogtreecommitdiffstats
path: root/main/webkit
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2010-11-08 20:17:43 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2010-11-08 20:21:49 +0000
commitf663ef01106428761cbcd12c2c606701e7976b18 (patch)
tree83777c9a3328ae10c3bbb6f87e11a7e8b64c7c91 /main/webkit
parent410300dc224da694762c67db4115abe7ce43d4d2 (diff)
downloadaports-f663ef01106428761cbcd12c2c606701e7976b18.tar.bz2
aports-f663ef01106428761cbcd12c2c606701e7976b18.tar.xz
main/webkit: upgrade to 1.3.5
Diffstat (limited to 'main/webkit')
-rw-r--r--main/webkit/APKBUILD20
-rw-r--r--main/webkit/cve-2010-2646.patch110
-rw-r--r--main/webkit/cve-2010-2651.patch38
-rw-r--r--main/webkit/cve-2010-2900.patch29
-rw-r--r--main/webkit/cve-2010-2901.patch98
-rw-r--r--main/webkit/cve-2010-3115.patch16
-rw-r--r--main/webkit/cve-2010-3116.patch17
-rw-r--r--main/webkit/cve-2010-3120.patch27
8 files changed, 3 insertions, 352 deletions
diff --git a/main/webkit/APKBUILD b/main/webkit/APKBUILD
index 4eac1ff862..e76edfd194 100644
--- a/main/webkit/APKBUILD
+++ b/main/webkit/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=webkit
-pkgver=1.2.4
-pkgrel=1
+pkgver=1.3.5
+pkgrel=0
pkgdesc="portable web rendering engine WebKit for GTK+"
url="http://webkitgtk.org/"
license="LGPL BSD"
@@ -17,13 +17,6 @@ makedepends="
install=
subpackages="$pkgname-dev gtklauncher"
source="http://webkitgtk.org/$pkgname-$pkgver.tar.gz
- cve-2010-2646.patch
- cve-2010-2651.patch
- cve-2010-2900.patch
- cve-2010-2901.patch
- cve-2010-3115.patch
- cve-2010-3116.patch
- cve-2010-3120.patch
"
depends_dev="gtk+-dev libsoup-dev gstreamer-dev"
@@ -63,11 +56,4 @@ gtklauncher() {
"$subpkgdir"/usr/bin/GtkLauncher
}
-md5sums="dc3a92dd0e8c2e70263fbfdf809b51a5 webkit-1.2.4.tar.gz
-3d2c4af2fa46388876de7a5747f50de0 cve-2010-2646.patch
-4db553a178f951b857486bcc0955b663 cve-2010-2651.patch
-abfec5aeaa5005279993d731dc919680 cve-2010-2900.patch
-fa980cb721e6a2b43107633dc3782d62 cve-2010-2901.patch
-fc5553d85c14f29128985bddc195782c cve-2010-3115.patch
-b4787ffaac3f102e7bb267839a261496 cve-2010-3116.patch
-b3e21cb4755c6cbab31dbe5063883c04 cve-2010-3120.patch"
+md5sums="421104ef53ed865e0bb7b7f4e465de31 webkit-1.3.5.tar.gz"
diff --git a/main/webkit/cve-2010-2646.patch b/main/webkit/cve-2010-2646.patch
deleted file mode 100644
index 40568164cc..0000000000
--- a/main/webkit/cve-2010-2646.patch
+++ /dev/null
@@ -1,110 +0,0 @@
-description: fix cve-2010-2646
-author: Michael Gilbert <michael.s.gilbert@gmail.com>
-origin: http://trac.webkit.org/changeset/58873
-Index: webkit-1.2.4/WebCore/storage/StorageEventDispatcher.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/storage/StorageEventDispatcher.cpp 2010-09-07 01:13:45.000000000 -0400
-+++ webkit-1.2.4/WebCore/storage/StorageEventDispatcher.cpp 2010-09-07 01:14:42.000000000 -0400
-@@ -54,8 +54,12 @@
- frames.append(frame);
- }
-
-- for (unsigned i = 0; i < frames.size(); ++i)
-- frames[i]->document()->enqueueStorageEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue, sourceFrame->document()->url(), frames[i]->domWindow()->sessionStorage()));
-+ for (unsigned i = 0; i < frames.size(); ++i) {
-+ ExceptionCode ec = 0;
-+ Storage* storage = frames[i]->domWindow()->sessionStorage(ec);
-+ if (!ec)
-+ frames[i]->document()->enqueueStorageEvent(StorageEvent::create(eventNames().storageEvent, key, oldValue, newValue, sourceFrame->document()->url(), storage));
-+ }
- } else {
- // Send events to every page.
- const HashSet<Page*>& pages = page->group().pages();
-Index: webkit-1.2.4/WebCore/page/DOMWindow.h
-===================================================================
---- webkit-1.2.4.orig/WebCore/page/DOMWindow.h 2010-09-07 01:13:45.000000000 -0400
-+++ webkit-1.2.4/WebCore/page/DOMWindow.h 2010-09-07 01:14:42.000000000 -0400
-@@ -206,7 +206,7 @@
-
- #if ENABLE(DOM_STORAGE)
- // HTML 5 key/value storage
-- Storage* sessionStorage() const;
-+ Storage* sessionStorage(ExceptionCode&) const;
- Storage* localStorage(ExceptionCode&) const;
- #endif
-
-Index: webkit-1.2.4/WebCore/page/DOMWindow.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/page/DOMWindow.cpp 2010-09-07 01:13:45.000000000 -0400
-+++ webkit-1.2.4/WebCore/page/DOMWindow.cpp 2010-09-07 01:14:42.000000000 -0400
-@@ -567,7 +567,7 @@
- }
-
- #if ENABLE(DOM_STORAGE)
--Storage* DOMWindow::sessionStorage() const
-+Storage* DOMWindow::sessionStorage(ExceptionCode& ec) const
- {
- if (m_sessionStorage)
- return m_sessionStorage.get();
-@@ -576,6 +576,11 @@
- if (!document)
- return 0;
-
-+ if (!document->securityOrigin()->canAccessLocalStorage()) {
-+ ec = SECURITY_ERR;
-+ return 0;
-+ }
-+
- Page* page = document->page();
- if (!page)
- return 0;
-@@ -593,16 +598,16 @@
- {
- if (m_localStorage)
- return m_localStorage.get();
--
-+
- Document* document = this->document();
- if (!document)
- return 0;
--
-+
- if (!document->securityOrigin()->canAccessLocalStorage()) {
- ec = SECURITY_ERR;
- return 0;
- }
--
-+
- Page* page = document->page();
- if (!page)
- return 0;
-Index: webkit-1.2.4/WebCore/page/SecurityOrigin.h
-===================================================================
---- webkit-1.2.4.orig/WebCore/page/SecurityOrigin.h 2010-09-07 01:13:45.000000000 -0400
-+++ webkit-1.2.4/WebCore/page/SecurityOrigin.h 2010-09-07 01:14:42.000000000 -0400
-@@ -120,6 +120,11 @@
- bool canAccessLocalStorage() const { return !isUnique(); }
- bool canAccessCookies() const { return !isUnique(); }
-
-+ // Technically, we should always allow access to sessionStorage, but we
-+ // currently don't handle creating a sessionStorage area for unique
-+ // origins.
-+ bool canAccessSessionStorage() const { return !isUnique(); }
-+
- bool isSecureTransitionTo(const KURL&) const;
-
- // The local SecurityOrigin is the most privileged SecurityOrigin.
-Index: webkit-1.2.4/WebCore/page/DOMWindow.idl
-===================================================================
---- webkit-1.2.4.orig/WebCore/page/DOMWindow.idl 2010-09-07 01:14:36.000000000 -0400
-+++ webkit-1.2.4/WebCore/page/DOMWindow.idl 2010-09-07 01:14:42.000000000 -0400
-@@ -164,7 +164,8 @@
- raises(DOMException);
- #endif
- #if defined(ENABLE_DOM_STORAGE) && ENABLE_DOM_STORAGE
-- readonly attribute [EnabledAtRuntime] Storage sessionStorage;
-+ readonly attribute [EnabledAtRuntime] Storage sessionStorage
-+ getter raises(DOMException);
- readonly attribute [EnabledAtRuntime] Storage localStorage
- getter raises(DOMException);
- #endif
diff --git a/main/webkit/cve-2010-2651.patch b/main/webkit/cve-2010-2651.patch
deleted file mode 100644
index 09fe1f8c46..0000000000
--- a/main/webkit/cve-2010-2651.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-description: fix cve-2010-2651
-author: Michael Gilbert <michael.s.gilbert@gmail.com>
-origin: http://trac.webkit.org/changeset/59247
-Index: webkit-1.2.4/WebCore/rendering/RenderBlock.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/rendering/RenderBlock.cpp 2010-09-03 15:18:07.000000000 -0400
-+++ webkit-1.2.4/WebCore/rendering/RenderBlock.cpp 2010-09-06 21:50:51.000000000 -0400
-@@ -4651,10 +4651,12 @@
-
- // Drill into inlines looking for our first text child.
- RenderObject* currChild = firstLetterBlock->firstChild();
-- while (currChild && currChild->needsLayout() && ((!currChild->isReplaced() && !currChild->isRenderButton() && !currChild->isMenuList()) || currChild->isFloatingOrPositioned()) && !currChild->isText()) {
-+ while (currChild && ((!currChild->isReplaced() && !currChild->isRenderButton() && !currChild->isMenuList()) || currChild->isFloatingOrPositioned()) && !currChild->isText()) {
- if (currChild->isFloatingOrPositioned()) {
-- if (currChild->style()->styleType() == FIRST_LETTER)
-+ if (currChild->style()->styleType() == FIRST_LETTER) {
-+ currChild = currChild->firstChild();
- break;
-+ }
- currChild = currChild->nextSibling();
- } else
- currChild = currChild->firstChild();
-@@ -4671,11 +4673,11 @@
-
- // If the child already has style, then it has already been created, so we just want
- // to update it.
-- if (currChild->style()->styleType() == FIRST_LETTER) {
-+ if (firstLetterContainer->style()->styleType() == FIRST_LETTER) {
- RenderStyle* pseudo = firstLetterBlock->getCachedPseudoStyle(FIRST_LETTER,
-- firstLetterContainer->firstLineStyle());
-- currChild->setStyle(pseudo);
-- for (RenderObject* genChild = currChild->firstChild(); genChild; genChild = genChild->nextSibling()) {
-+ firstLetterContainer->parent()->firstLineStyle());
-+ firstLetterContainer->setStyle(pseudo);
-+ for (RenderObject* genChild = firstLetterContainer->firstChild(); genChild; genChild = genChild->nextSibling()) {
- if (genChild->isText())
- genChild->setStyle(pseudo);
- }
diff --git a/main/webkit/cve-2010-2900.patch b/main/webkit/cve-2010-2900.patch
deleted file mode 100644
index 1420be2a0a..0000000000
--- a/main/webkit/cve-2010-2900.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-description: fix cve-2010-2900
-author: Michael Gilbert <michael.s.gilbert@gmail.com>
-origin: http://trac.webkit.org/changeset/63219
-Index: webkit-1.2.4/WebCore/html/HTMLCanvasElement.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/html/HTMLCanvasElement.cpp 2010-09-06 22:28:56.000000000 -0400
-+++ webkit-1.2.4/WebCore/html/HTMLCanvasElement.cpp 2010-09-06 22:29:28.000000000 -0400
-@@ -64,6 +64,9 @@
- // in exchange for a smaller maximum canvas size.
- const float HTMLCanvasElement::MaxCanvasArea = 32768 * 8192; // Maximum canvas area in CSS pixels
-
-+//In Skia, we will also limit width/height to 32767.
-+static const float MaxSkiaDim = 32767.0F; // Maximum width/height in CSS pixels.
-+
- HTMLCanvasElement::HTMLCanvasElement(const QualifiedName& tagName, Document* doc)
- : HTMLElement(tagName, doc)
- , m_size(defaultWidth, defaultHeight)
-@@ -293,6 +296,11 @@
- if (!(wf >= 1 && hf >= 1 && wf * hf <= MaxCanvasArea))
- return IntSize();
-
-+#if PLATFORM(SKIA)
-+ if (wf > MaxSkiaDim || hf > MaxSkiaDim)
-+ return IntSize();
-+#endif
-+
- return IntSize(static_cast<unsigned>(wf), static_cast<unsigned>(hf));
- }
-
diff --git a/main/webkit/cve-2010-2901.patch b/main/webkit/cve-2010-2901.patch
deleted file mode 100644
index a130342d49..0000000000
--- a/main/webkit/cve-2010-2901.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-description: fix cve-2010-2901
-author: Michael Gilbert <michael.s.gilbert@gmail.com>
-origin: http://trac.webkit.org/changeset/63048
-Index: webkit-1.2.4/WebCore/rendering/RenderObject.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/rendering/RenderObject.cpp 2010-09-06 22:55:29.000000000 -0400
-+++ webkit-1.2.4/WebCore/rendering/RenderObject.cpp 2010-09-06 22:56:03.000000000 -0400
-@@ -560,6 +560,19 @@
- return 0;
- }
-
-+RenderBoxModelObject* RenderObject::enclosingBoxModelObject() const
-+{
-+ RenderObject* curr = const_cast<RenderObject*>(this);
-+ while (curr) {
-+ if (curr->isBoxModelObject())
-+ return toRenderBoxModelObject(curr);
-+ curr = curr->parent();
-+ }
-+
-+ ASSERT_NOT_REACHED();
-+ return 0;
-+}
-+
- RenderBlock* RenderObject::firstLineBlock() const
- {
- return 0;
-Index: webkit-1.2.4/WebCore/rendering/RenderObject.h
-===================================================================
---- webkit-1.2.4.orig/WebCore/rendering/RenderObject.h 2010-09-06 22:55:29.000000000 -0400
-+++ webkit-1.2.4/WebCore/rendering/RenderObject.h 2010-09-06 22:56:03.000000000 -0400
-@@ -193,7 +193,8 @@
-
- // Convenience function for getting to the nearest enclosing box of a RenderObject.
- RenderBox* enclosingBox() const;
--
-+ RenderBoxModelObject* enclosingBoxModelObject() const;
-+
- virtual bool isEmpty() const { return firstChild() == 0; }
-
- #ifndef NDEBUG
-Index: webkit-1.2.4/WebCore/rendering/InlineFlowBox.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/rendering/InlineFlowBox.cpp 2010-09-06 22:55:28.000000000 -0400
-+++ webkit-1.2.4/WebCore/rendering/InlineFlowBox.cpp 2010-09-06 22:56:24.000000000 -0400
-@@ -639,11 +639,24 @@
- // outlines.
- if (renderer()->style()->visibility() == VISIBLE && renderer()->hasOutline() && !isRootInlineBox()) {
- RenderInline* inlineFlow = toRenderInline(renderer());
-- if ((inlineFlow->continuation() || inlineFlow->isInlineContinuation()) && !boxModelObject()->hasSelfPaintingLayer()) {
-+
-+ RenderBlock* cb = 0;
-+ bool containingBlockPaintsContinuationOutline = inlineFlow->continuation() || inlineFlow->isInlineContinuation();
-+ if (containingBlockPaintsContinuationOutline) {
-+ cb = renderer()->containingBlock()->containingBlock();
-+
-+ for (RenderBoxModelObject* box = boxModelObject(); box != cb; box = box->parent()->enclosingBoxModelObject()) {
-+ if (box->hasSelfPaintingLayer()) {
-+ containingBlockPaintsContinuationOutline = false;
-+ break;
-+ }
-+ }
-+ }
-+
-+ if (containingBlockPaintsContinuationOutline) {
- // Add ourselves to the containing block of the entire continuation so that it can
- // paint us atomically.
-- RenderBlock* block = renderer()->containingBlock()->containingBlock();
-- block->addContinuationWithOutline(toRenderInline(renderer()->node()->renderer()));
-+ cb->addContinuationWithOutline(toRenderInline(renderer()->node()->renderer()));
- } else if (!inlineFlow->isInlineContinuation())
- paintInfo.outlineObjects->add(inlineFlow);
- }
-Index: webkit-1.2.4/WebCore/rendering/RenderBlock.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/rendering/RenderBlock.cpp 2010-09-06 22:55:28.000000000 -0400
-+++ webkit-1.2.4/WebCore/rendering/RenderBlock.cpp 2010-09-06 22:56:03.000000000 -0400
-@@ -1766,8 +1766,18 @@
- if ((paintPhase == PaintPhaseOutline || paintPhase == PaintPhaseChildOutlines)) {
- if (inlineContinuation() && inlineContinuation()->hasOutline() && inlineContinuation()->style()->visibility() == VISIBLE) {
- RenderInline* inlineRenderer = toRenderInline(inlineContinuation()->node()->renderer());
-- if (!inlineRenderer->hasSelfPaintingLayer())
-- containingBlock()->addContinuationWithOutline(inlineRenderer);
-+ RenderBlock* cb = containingBlock();
-+
-+ bool inlineEnclosedInSelfPaintingLayer = false;
-+ for (RenderBoxModelObject* box = inlineRenderer; box != cb; box = box->parent()->enclosingBoxModelObject()) {
-+ if (box->hasSelfPaintingLayer()) {
-+ inlineEnclosedInSelfPaintingLayer = true;
-+ break;
-+ }
-+ }
-+
-+ if (!inlineEnclosedInSelfPaintingLayer)
-+ cb->addContinuationWithOutline(inlineRenderer);
- else if (!inlineRenderer->firstLineBox())
- inlineRenderer->paintOutline(paintInfo.context, tx - x() + inlineRenderer->containingBlock()->x(),
- ty - y() + inlineRenderer->containingBlock()->y());
diff --git a/main/webkit/cve-2010-3115.patch b/main/webkit/cve-2010-3115.patch
deleted file mode 100644
index 84661767f0..0000000000
--- a/main/webkit/cve-2010-3115.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-description: fix cve-2010-3115
-author: Michael Gilbert <michael.s.gilbert@gmail.com>
-origin: http://trac.webkit.org/changeset/63925
-Index: webkit-1.2.4/WebCore/page/History.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/page/History.cpp 2010-09-03 16:12:23.000000000 -0400
-+++ webkit-1.2.4/WebCore/page/History.cpp 2010-09-06 22:08:52.000000000 -0400
-@@ -82,7 +82,7 @@
-
- KURL History::urlForState(const String& urlString)
- {
-- KURL baseURL = m_frame->loader()->baseURL();
-+ KURL baseURL = m_frame->document()->url();
- if (urlString.isEmpty())
- return baseURL;
-
diff --git a/main/webkit/cve-2010-3116.patch b/main/webkit/cve-2010-3116.patch
deleted file mode 100644
index 73639baeb5..0000000000
--- a/main/webkit/cve-2010-3116.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-description: fix cve-2010-3116
-author: Michael Gilbert <michael.s.gilbert@gmail.com>
-origin: http://trac.webkit.org/changeset/64293
-Index: webkit-1.2.4/WebCore/page/Page.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/page/Page.cpp 2010-09-03 15:18:06.000000000 -0400
-+++ webkit-1.2.4/WebCore/page/Page.cpp 2010-09-06 22:11:32.000000000 -0400
-@@ -192,6 +192,9 @@
- frame->pageDestroyed();
-
- m_editorClient->pageDestroyed();
-+ if (m_pluginData)
-+ m_pluginData->disconnectPage();
-+
- #if ENABLE(INSPECTOR)
- m_inspectorController->inspectedPageDestroyed();
- #endif
diff --git a/main/webkit/cve-2010-3120.patch b/main/webkit/cve-2010-3120.patch
deleted file mode 100644
index 976affc370..0000000000
--- a/main/webkit/cve-2010-3120.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-description: fix cve-2010-3120
-author: Michael Gilbert <michael.s.gilbert@gmail.com>
-origin: http://trac.webkit.org/changeset/65329
-Index: webkit-1.2.4/WebCore/page/Geolocation.cpp
-===================================================================
---- webkit-1.2.4.orig/WebCore/page/Geolocation.cpp 2010-09-03 15:18:06.000000000 -0400
-+++ webkit-1.2.4/WebCore/page/Geolocation.cpp 2010-09-06 22:14:03.000000000 -0400
-@@ -252,6 +252,9 @@
-
- void Geolocation::getCurrentPosition(PassRefPtr<PositionCallback> successCallback, PassRefPtr<PositionErrorCallback> errorCallback, PassRefPtr<PositionOptions> options)
- {
-+ if (!m_frame)
-+ return;
-+
- RefPtr<GeoNotifier> notifier = startRequest(successCallback, errorCallback, options);
- ASSERT(notifier);
-
-@@ -260,6 +263,9 @@
-
- int Geolocation::watchPosition(PassRefPtr<PositionCallback> successCallback, PassRefPtr<PositionErrorCallback> errorCallback, PassRefPtr<PositionOptions> options)
- {
-+ if (!m_frame)
-+ return 0;
-+
- RefPtr<GeoNotifier> notifier = startRequest(successCallback, errorCallback, options);
- ASSERT(notifier);
-