From b62dfffaf18a177d6d9c51a8ae1aac1ad0d30f7d Mon Sep 17 00:00:00 2001 From: Johannes Date: Mon, 23 Nov 2020 22:45:51 +0100 Subject: [PATCH] firefox: fix sandbox for fcntl The assumption that O_LARGEFILE is 0 is only true on glibc, setting it to 00100000 is wrong for many architectures. --- .../firefox/patches/sandbox-largefile.patch | 18 ++++++++++++++++++ srcpkgs/firefox/template | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/firefox/patches/sandbox-largefile.patch diff --git a/srcpkgs/firefox/patches/sandbox-largefile.patch b/srcpkgs/firefox/patches/sandbox-largefile.patch new file mode 100644 index 00000000000..eb10510a90c --- /dev/null +++ b/srcpkgs/firefox/patches/sandbox-largefile.patch @@ -0,0 +1,18 @@ +in case O_LARGEFILE is not set to 0, use the real value + +--- security/sandbox/linux/SandboxFilter.cpp 2020-11-23 22:41:14.556378950 +0100 ++++ security/sandbox/linux/SandboxFilter.cpp 2020-11-23 22:40:23.595806444 +0100 +@@ -66,9 +66,13 @@ + # define PR_SET_PTRACER 0x59616d61 + #endif + ++#if O_LARGEFILE == 0 + // The headers define O_LARGEFILE as 0 on x86_64, but we need the + // actual value because it shows up in file flags. + #define O_LARGEFILE_REAL 00100000 ++#else ++#define O_LARGEFILE_REAL O_LARGEFILE ++#endif + + // Not part of UAPI, but userspace sees it in F_GETFL; see bug 1650751. + #define FMODE_NONOTIFY 0x4000000 diff --git a/srcpkgs/firefox/template b/srcpkgs/firefox/template index 8383fcc952f..7d792ca84e7 100644 --- a/srcpkgs/firefox/template +++ b/srcpkgs/firefox/template @@ -4,7 +4,7 @@ # pkgname=firefox version=83.0 -revision=1 +revision=2 build_helper="rust" short_desc="Mozilla Firefox web browser" maintainer="Johannes "