Hello community, here is the log from the commit of package midori for openSUSE:Factory checked in at 2018-09-19 14:30:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/midori (Old) and /work/SRC/openSUSE:Factory/.midori.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "midori" Wed Sep 19 14:30:02 2018 rev:49 rq:636360 version:0.5.11 Changes: -------- --- /work/SRC/openSUSE:Factory/midori/midori.changes 2017-10-31 15:44:31.868618848 +0100 +++ /work/SRC/openSUSE:Factory/.midori.new/midori.changes 2018-09-19 14:31:56.683361183 +0200 @@ -1,0 +2,6 @@ +Sat Sep 15 10:34:57 UTC 2018 - [email protected] + +- Fix crash on startup (boo#1108015): + * Add midori-0.5.11-fix-crash-on-startup.patch. + +------------------------------------------------------------------- New: ---- midori-0.5.11-fix-crash-on-startup.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ midori.spec ++++++ --- /var/tmp/diff_new_pack.K97Q1u/_old 2018-09-19 14:31:58.347360053 +0200 +++ /var/tmp/diff_new_pack.K97Q1u/_new 2018-09-19 14:31:58.351360050 +0200 @@ -1,7 +1,7 @@ # # spec file for package midori # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -21,7 +21,7 @@ Version: 0.5.11 Release: 0 Summary: Lightweight Webkit-based Web Browser -License: LGPL-2.1+ +License: LGPL-2.1-or-later Group: Productivity/Networking/Web/Browsers Url: http://midori-browser.org/ Source0: http://midori-browser.org/downloads/%{name}_%{version}_all_.tar.bz2 @@ -30,6 +30,8 @@ Patch0: midori-fix-plugins.diff # PATCH-FIX-UPSTREAM midori-fix-vala_0.35.patch [email protected] -- fix build with vala 0.35 Patch1: midori-fix-vala_0.35.patch +# PATCH-FIX-UPSTREAM midori-0.5.11-fix-crash-on-startup.patch -- boo#1108015 +Patch2: midori-0.5.11-fix-crash-on-startup.patch %if 0%{?with_granite} BuildRequires: pkgconfig(granite) BuildRequires: pkgconfig(gtk+-3.0) @@ -124,6 +126,7 @@ %if 0%{?suse_version} > 1320 %patch1 -p1 %endif +%patch2 -p1 # remove parts that do not conform to the desktop file spec for desktop in data/midori.desktop.in data/midori-private.desktop.in; do ++++++ midori-0.5.11-fix-crash-on-startup.patch ++++++ From: 1Antoine1 <[email protected]> Date: 2018-09-15 11:40:22 +0200 Subject: midori crashes on startup References: boo#1108015 Upstream: won't submit (this part is being entirely re-written in vala) No idea how but webkit_web_view_get_tls_info(web_view, tls_cert, tls_flags) may not get certificate info on https page. Maybe because it's called upon an innappropriate event. Anyway, in this case the function doesn't touch tls_cert and tls_flags and returns false. Somewhat this information "no certificate" is mixed with the information "certificate with errors" in caller midori_view_get_tls_info(). Caller of midori_view_get_tls_info() then relies on tls_cert being different of NULL to determine if certificate is present. Therefore, at least tls_cert has to be initialized to NULL before call to midori_view_get_tls_info() so that some uninitialized garbage is not considered as certificate info. Otherwise it leads to segmentation fault. Stack trace: #0 0x00007faa7a5326c0 in midori_view_web_view_navigation_decision_cb (web_view=<optimized out>, decision=0x55691a918340, decision_type=<optimized out>, view=0x55691a8e6350) at /usr/src/debug/midori-0.5.11-4.3.x86_64/midori/midori-view.c:615 gcr_cert = <optimized out> der_cert = 0x7faa0000064b tls_cert = 0x7ffdb76fcd50 tls_flags = 0 hostname = 0x55691a8c1360 "www.opensuse.org" request = 0x556918e965a0 uri = <optimized out> handled = 417892352 -- diff -up midori-0.5.11/midori/midori-view.c.orig midori-0.5.11/midori/midori-view.c --- midori-0.5.11/midori/midori-view.c.orig 2018-09-15 10:36:18.934052200 +0200 +++ midori-0.5.11/midori/midori-view.c 2018-09-15 12:13:36.402294207 +0200 @@ -602,7 +602,7 @@ midori_view_web_view_navigation_decision if (webkit_web_navigation_action_get_reason (action) == WEBKIT_WEB_NAVIGATION_REASON_RELOAD) #endif { - GTlsCertificate* tls_cert; + GTlsCertificate* tls_cert = NULL; GTlsCertificateFlags tls_flags; gchar* hostname; if (!midori_view_get_tls_info (view, request, &tls_cert, &tls_flags, &hostname) @@ -730,7 +730,7 @@ midori_view_load_committed (MidoriView* WebKitWebDataSource* source = webkit_web_frame_get_data_source (web_frame); WebKitNetworkRequest* request = webkit_web_data_source_get_request (source); #endif - GTlsCertificate* tls_cert; + GTlsCertificate* tls_cert = NULL; GTlsCertificateFlags tls_flags; gchar* hostname; if (midori_view_get_tls_info (view, request, &tls_cert, &tls_flags, &hostname))
