Date: Wednesday, July 10, 2013 @ 03:56:58 Author: foutrelis Revision: 189856
upgpkg: chromium 28.0.1500.71-1 New upstream release. Added: chromium/trunk/chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch Modified: chromium/trunk/PKGBUILD --------------------------------------------------------------------------------+ PKGBUILD | 15 ++- chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch | 46 ++++++++++ 2 files changed, 58 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2013-07-09 15:42:32 UTC (rev 189855) +++ PKGBUILD 2013-07-10 01:56:58 UTC (rev 189856) @@ -5,7 +5,7 @@ # Contributor: Daniel J Griffiths <[email protected]> pkgname=chromium -pkgver=28.0.1500.52 +pkgver=28.0.1500.71 pkgrel=1 pkgdesc="The open-source project behind Google Chrome, an attempt at creating a safer, faster, and more stable browser" arch=('i686' 'x86_64') @@ -20,15 +20,19 @@ optdepends=('kdebase-kdialog: needed for file dialogs in KDE') backup=('etc/chromium/default') install=chromium.install -source=(http://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz +#source=(http://commondatastorage.googleapis.com/chromium-browser-official/$pkgname-$pkgver.tar.xz +source=(https://dev.archlinux.org/~foutrelis/sources/$pkgname/$pkgname-$pkgver.tar.xz{,.sig} chromium.desktop chromium.default chromium.sh + chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch chromium-system-harfbuzz-r0.patch) -sha256sums=('7b3cbfbb9e5b9d21ffab23d39173611ddb0ba49488795b6db46a62be354518b4' +sha256sums=('a8a821fb7cf1dc2425ecba6d48be0f771d993179411ba3bcdc71d179ea7ec671' + 'SKIP' '09bfac44104f4ccda4c228053f689c947b3e97da9a4ab6fa34ce061ee83d0322' '478340d5760a9bd6c549e19b1b5d1c5b4933ebf5f8cfb2b3e2d70d07443fe232' '4999fded897af692f4974f0a3e3bbb215193519918a1fa9b31ed51e74a2dccb9' + '7c2e448c30677999f524f9513c2f998f3cb15bc6084692cad9c3f310aa813530' '2bc4cf17adac9864f4e832e57247984f28fce171d3699c0fc2c3596d1ab20386') # Google API keys (see http://www.chromium.org/developers/how-tos/api-keys) @@ -42,6 +46,11 @@ prepare() { cd "$srcdir/$pkgname-$pkgver" + # Fix deadlock related to the GPU sandbox when tcmalloc isn't used + # https://code.google.com/p/chromium/issues/detail?id=255063 + # https://bugs.gentoo.org/show_bug.cgi?id=471198#c23 + patch -Np1 -i "$srcdir/chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch" + # Fix build with system harfbuzz (patch from Gentoo) patch -Np1 -i "$srcdir/chromium-system-harfbuzz-r0.patch" Added: chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch =================================================================== --- chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch (rev 0) +++ chromium-28.0.1500.71-avoid-std-string-copying-in-GetFileNameInWhitelist.patch 2013-07-10 01:56:58 UTC (rev 189856) @@ -0,0 +1,46 @@ +Index: sandbox/linux/services/broker_process.cc +diff --git a/sandbox/linux/services/broker_process.cc b/sandbox/linux/services/broker_process.cc +index d2302ea098215c8188eb74b0d36da37506ff302a..7999e77fa34fcef4ad8575fa905d66f645df6986 100644 +--- a/sandbox/linux/services/broker_process.cc ++++ b/sandbox/linux/services/broker_process.cc +@@ -53,7 +53,7 @@ static const int kCurrentProcessOpenFlagsMask = O_CLOEXEC; + // async signal safe if |file_to_open| is NULL. + // TODO(jln): assert signal safety. + bool GetFileNameInWhitelist(const std::vector<std::string>& allowed_file_names, +- const std::string& requested_filename, ++ const char* requested_filename, + const char** file_to_open) { + if (file_to_open && *file_to_open) { + // Make sure that callers never pass a non-empty string. In case callers +@@ -62,13 +62,17 @@ bool GetFileNameInWhitelist(const std::vector<std::string>& allowed_file_names, + RAW_LOG(FATAL, "*file_to_open should be NULL"); + return false; + } ++ ++ // Look for |requested_filename| in |allowed_file_names|. ++ // We don't use ::find() because it takes a std::string and ++ // the conversion allocates memory. + std::vector<std::string>::const_iterator it; +- it = std::find(allowed_file_names.begin(), allowed_file_names.end(), +- requested_filename); +- if (it < allowed_file_names.end()) { // requested_filename was found? +- if (file_to_open) +- *file_to_open = it->c_str(); +- return true; ++ for (it = allowed_file_names.begin(); it != allowed_file_names.end(); it++) { ++ if (strcmp(requested_filename, it->c_str()) == 0) { ++ if (file_to_open) ++ *file_to_open = it->c_str(); ++ return true; ++ } + } + return false; + } +@@ -393,6 +397,7 @@ void BrokerProcess::AccessFileForIPC(const std::string& requested_filename, + const char* file_to_access = NULL; + const bool safe_to_access_file = GetFileNameIfAllowedToAccess( + requested_filename.c_str(), mode, &file_to_access); ++ + if (safe_to_access_file) { + CHECK(file_to_access); + int access_ret = access(file_to_access, mode);
