Merge branch '4-2-x' into miniak/liftoff-correctly-unuse-labels-4-2-x

electron · Jun 4, 2019 · 5745ca0 · 5745ca0
2 parents e10fa74 + a6f9b6f
commit 5745ca0
Show file tree

Hide file tree

Showing 7 changed files with 154 additions and 7 deletions.
diff --git a/.env.example b/.env.example
@@ -1,7 +1,7 @@
 # These env vars are only necessary for creating Electron releases.
 # See docs/development/releasing.md
 
-APPVEYOR_TOKEN=
+APPVEYOR_CLOUD_TOKEN=
 CIRCLE_TOKEN=
 ELECTRON_GITHUB_TOKEN=
 VSTS_TOKEN=
diff --git a/patches/common/chromium/.patches b/patches/common/chromium/.patches
@@ -104,3 +104,4 @@ tabbed_window_lagging.patch
 restore_live_region_changed_events_for_processing_by_jaws_focus_mode.patch
 enable_quic_proxies_for_https_urls.patch
 fix_svg_crash_for_v0_distribution_into_foreignobject.patch
+filesystem_harden_against_overflows_of_operationid_a_bit_better.patch
diff --git a/...hes/common/chromium/filesystem_harden_against_overflows_of_operationid_a_bit_better.patch b/...hes/common/chromium/filesystem_harden_against_overflows_of_operationid_a_bit_better.patch
@@ -0,0 +1,43 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Marijn Kruisselbrink <mek@chromium.org>
+Date: Tue, 29 Jan 2019 19:51:07 +0000
+Subject: [FileSystem] Harden against overflows of OperationID a bit better.
+
+Rather than having a UAF when OperationID overflows instead overwrite
+the old operation with the new one. Can still cause weirdness, but at
+least won't result in UAF. Also update OperationID to uint64_t to
+make sure we don't overflow to begin with.
+
+Bug: 925864
+Change-Id: Ifdf3fa0935ab5ea8802d91bba39601f02b0dbdc9
+Reviewed-on: https://chromium-review.googlesource.com/c/1441498
+Commit-Queue: Marijn Kruisselbrink <mek@chromium.org>
+Reviewed-by: Victor Costan <pwnall@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#627115}
+
+diff --git a/storage/browser/fileapi/file_system_operation_runner.cc b/storage/browser/fileapi/file_system_operation_runner.cc
+index fbda72b3cdf851947aa697776e54e0b5092e729b..09af7c0c8c9099489286152009f05ad49d968174 100644
+--- a/storage/browser/fileapi/file_system_operation_runner.cc
++++ b/storage/browser/fileapi/file_system_operation_runner.cc
+@@ -701,7 +701,7 @@ FileSystemOperationRunner::BeginOperation(
+     base::WeakPtr<BeginOperationScoper> scope) {
+   OperationHandle handle;
+   handle.id = next_operation_id_++;
+-  operations_.emplace(handle.id, std::move(operation));
++  operations_[handle.id] = std::move(operation);
+   handle.scope = scope;
+   return handle;
+ }
+diff --git a/storage/browser/fileapi/file_system_operation_runner.h b/storage/browser/fileapi/file_system_operation_runner.h
+index a330f4802d5d5c721d8bba460f25edc2f8e1340a..97f9e0d81163d08644f0cee5b9da21ac24b300af 100644
+--- a/storage/browser/fileapi/file_system_operation_runner.h
++++ b/storage/browser/fileapi/file_system_operation_runner.h
+@@ -53,7 +53,7 @@ class STORAGE_EXPORT FileSystemOperationRunner
+   using CopyOrMoveOption = FileSystemOperation::CopyOrMoveOption;
+   using GetMetadataField = FileSystemOperation::GetMetadataField;
+
+-  using OperationID = int;
++  using OperationID = uint64_t;
+
+   virtual ~FileSystemOperationRunner();
+
diff --git a/patches/common/v8/.patches b/patches/common/v8/.patches
@@ -19,6 +19,8 @@ disable-warning-win.patch
 expose_mksnapshot.patch
 build-torque-with-x64-toolchain-on-arm.patch
 do_not_run_arm_arm64_mksnapshot_binaries.patch
+do_not_export_private_v8_symbols_on_windows.patch
 turbofan_fix_wrong_typing_of_speculativesafeintegersubtract.patch
 turbofan_restrict_redundancy_elimination_from_widening_types.patch
+parser_literalbuffer_expandbuffer_always_grows.patch
 liftoff-correctly-unuse-labels.patch
diff --git a/patches/common/v8/do_not_export_private_v8_symbols_on_windows.patch b/patches/common/v8/do_not_export_private_v8_symbols_on_windows.patch
@@ -0,0 +1,52 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tomas Rycl <torycl@microsoft.com>
+Date: Mon, 13 May 2019 15:48:48 +0200
+Subject: Do not export private V8 symbols on Windows
+
+This change stops private V8 symbols and internal crt methods being exported.
+It fixes an issue where native node modules can import
+incorrect CRT methods and crash on Windows.
+It also reduces size of node.lib by 75%.
+
+This patch can be safely removed if, when it is removed, `node.lib` does not
+contain any standard C++ library exports (e.g. `std::ostringstream`).
+
+diff --git a/BUILD.gn b/BUILD.gn
+index f43c42a62e1a2d273ece56377c328addb8b99d66..fcf110e673b92070cc1931b376f8a26d38b188e4 100644
+--- a/BUILD.gn
++++ b/BUILD.gn
+@@ -212,6 +212,10 @@ config("internal_config") {
+
+   defines = []
+
++  if (!is_component_build && is_electron_build) {
++    defines += [ "HIDE_PRIVATE_SYMBOLS" ]
++  }
++
+   if (is_component_build || is_electron_build) {
+     defines += [ "BUILDING_V8_SHARED" ]
+   }
+diff --git a/src/globals.h b/src/globals.h
+index 6edc5d01b4ff503d05d70a7e40959fbc7f972628..d442f691729bd661488018c55e621169cc52ee5e 100644
+--- a/src/globals.h
++++ b/src/globals.h
+@@ -20,13 +20,17 @@
+ #ifdef V8_OS_WIN
+
+ // Setup for Windows shared library export.
++#if defined(HIDE_PRIVATE_SYMBOLS)
++#define V8_EXPORT_PRIVATE
++#else //if !defined(HIDE_PRIVATE_SYMBOLS)
+ #ifdef BUILDING_V8_SHARED
+ #define V8_EXPORT_PRIVATE __declspec(dllexport)
+ #elif USING_V8_SHARED
+ #define V8_EXPORT_PRIVATE __declspec(dllimport)
+-#else
++#else //!(BUILDING_V8_SHARED || USING_V8_SHARED)
+ #define V8_EXPORT_PRIVATE
+-#endif  // BUILDING_V8_SHARED
++#endif
++#endif
+
+ #else  // V8_OS_WIN
+
diff --git a/patches/common/v8/parser_literalbuffer_expandbuffer_always_grows.patch b/patches/common/v8/parser_literalbuffer_expandbuffer_always_grows.patch
@@ -0,0 +1,49 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Toon Verwaest <verwaest@chromium.org>
+Date: Fri, 11 Jan 2019 11:27:18 +0100
+Subject: [parser] LiteralBuffer::ExpandBuffer always grows
+
+Bug: chromium:914736
+Change-Id: Id02715b69361d15df23c70f85f3250526369547f
+Reviewed-on: https://chromium-review.googlesource.com/c/1405859
+Reviewed-by: Leszek Swirski <leszeks@chromium.org>
+Commit-Queue: Toon Verwaest <verwaest@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#58734}
+
+diff --git a/src/parsing/scanner.cc b/src/parsing/scanner.cc
+index 852b5e400b3ffe84e464a2d63c943a30b497ac69..267b38fd7fed38421b9b6e315b02771dbab9381f 100644
+--- a/src/parsing/scanner.cc
++++ b/src/parsing/scanner.cc
+@@ -67,13 +67,14 @@ Handle<String> Scanner::LiteralBuffer::Internalize(Isolate* isolate) const {
+ }
+
+ int Scanner::LiteralBuffer::NewCapacity(int min_capacity) {
+-  int capacity = Max(min_capacity, backing_store_.length());
+-  int new_capacity = Min(capacity * kGrowthFactory, capacity + kMaxGrowth);
+-  return new_capacity;
++  return min_capacity < (kMaxGrowth / (kGrowthFactor - 1))
++             ? min_capacity * kGrowthFactor
++             : min_capacity + kMaxGrowth;
+ }
+
+ void Scanner::LiteralBuffer::ExpandBuffer() {
+-  Vector<byte> new_store = Vector<byte>::New(NewCapacity(kInitialCapacity));
++  int min_capacity = Max(kInitialCapacity, backing_store_.length());
++  Vector<byte> new_store = Vector<byte>::New(NewCapacity(min_capacity));
+   MemCopy(new_store.start(), backing_store_.start(), position_);
+   backing_store_.Dispose();
+   backing_store_ = new_store;
+diff --git a/src/parsing/scanner.h b/src/parsing/scanner.h
+index 34da5fafbf733fd326e91baeeac26bf4517c9fcf..d779317c55567311dc266af101815d2740d28e0b 100644
+--- a/src/parsing/scanner.h
++++ b/src/parsing/scanner.h
+@@ -453,8 +453,7 @@ class Scanner {
+
+    private:
+     static const int kInitialCapacity = 16;
+-    static const int kGrowthFactory = 4;
+-    static const int kMinConversionSlack = 256;
++    static const int kGrowthFactor = 4;
+     static const int kMaxGrowth = 1 * MB;
+
+     inline bool IsValidAscii(char code_unit) {
diff --git a/script/ci-release-build.js b/script/ci-release-build.js
@@ -2,12 +2,12 @@ if (!process.env.CI) require('dotenv-safe').load()
 
 const assert = require('assert')
 const request = require('request')
-const buildAppVeyorURL = 'https://windows-ci.electronjs.org/api/builds'
+const buildAppVeyorURL = 'https://ci.appveyor.com/api/builds'
 const vstsURL = 'https://github.visualstudio.com/electron/_apis/build'
 
 const appVeyorJobs = {
-  'electron-x64': 'electron',
-  'electron-ia32': 'electron-39ng6'
+  'electron-x64': 'electron-x64-release',
+  'electron-ia32': 'electron-ia32-release'
 }
 
 const circleCIJobs = [
@@ -100,13 +100,13 @@ async function callAppVeyor (targetBranch, job, options) {
   const requestOpts = {
     url: buildAppVeyorURL,
     auth: {
-      bearer: process.env.APPVEYOR_TOKEN
+      bearer: process.env.APPVEYOR_CLOUD_TOKEN
     },
     headers: {
       'Content-Type': 'application/json'
     },
     body: JSON.stringify({
-      accountName: 'AppVeyor',
+      accountName: 'electron-bot',
       projectSlug: appVeyorJobs[job],
       branch: targetBranch,
       environmentVariables
@@ -116,7 +116,7 @@ async function callAppVeyor (targetBranch, job, options) {
   const appVeyorResponse = await makeRequest(requestOpts, true).catch(err => {
     console.log('Error calling AppVeyor:', err)
   })
-  const buildUrl = `https://windows-ci.electronjs.org/project/AppVeyor/${appVeyorJobs[job]}/build/${appVeyorResponse.version}`
+  const buildUrl = `https://ci.appveyor.com/project/electron-bot/${appVeyorJobs[job]}/build/${appVeyorResponse.version}`
   console.log(`AppVeyor release build request for ${job} successful.  Check build status at ${buildUrl}`)
 }