From 2fbf202f4d40a754f7aff8fef47290e5908a975b Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Thu, 13 Feb 2020 17:53:46 +0000
Subject: user/firefox-esr: [CVE] Bump to 68.5.0, fix last Skia BE issues

---
 user/firefox-esr/APKBUILD          | 15 ++++++-
 user/firefox-esr/skia-sucks1.patch | 84 ++++++++++++++++++++++++++++++++++++++
 user/firefox-esr/skia-sucks2.patch | 44 ++++++++++++++++++++
 user/firefox-esr/skia-sucks3.patch | 30 ++++++++++++++
 4 files changed, 171 insertions(+), 2 deletions(-)
 create mode 100644 user/firefox-esr/skia-sucks1.patch
 create mode 100644 user/firefox-esr/skia-sucks2.patch
 create mode 100644 user/firefox-esr/skia-sucks3.patch

diff --git a/user/firefox-esr/APKBUILD b/user/firefox-esr/APKBUILD
index baaad8d63..e4c2a5687 100644
--- a/user/firefox-esr/APKBUILD
+++ b/user/firefox-esr/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Molly Miller <adelie@m-squa.red>
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=firefox-esr
-pkgver=68.4.1
+pkgver=68.5.0
 pkgrel=0
 pkgdesc="Firefox web browser (extended support release)"
 url="https://www.mozilla.org/firefox/"
@@ -43,6 +43,9 @@ source="https://ftp.mozilla.org/pub/firefox/releases/$_ffxver/source/firefox-$_f
 	rust-32bit.patch
 	rust-config.patch
 	shut-up-warning.patch
+	skia-sucks1.patch
+	skia-sucks2.patch
+	skia-sucks3.patch
 	stackwalk-x86-ppc.patch
 	webrtc-broken.patch
 
@@ -98,6 +101,11 @@ ldpath="$_mozappdir"
 #     - CVE-2019-17022
 #     - CVE-2019-17024
 #     - CVE-2019-17026
+#   68.5.0-r0:
+#     - CVE-2020-6796
+#     - CVE-2020-6797
+#     - CVE-2020-6798
+#     - CVE-2020-6799
 
 
 unpack() {
@@ -214,7 +222,7 @@ package() {
 	EOF
 }
 
-sha512sums="8dd85096f1223b2ab396cc3b89a9f1b113f01ce8919af08a278d077cc4380c108a66b6379c75d85311aa3c54a7804f4d51f718b309fe107ff7c44aca7e4386ed  firefox-68.4.1esr.source.tar.xz
+sha512sums="0acf4ecd47bccf062ab330231e36355f5d84e66ab411f653ae3160583613840925bb473c0f7dfa4b15311a543940293c4633516851c9466c4b0133c9271710d3  firefox-68.5.0esr.source.tar.xz
 16e814e8dcffc707b595ca2919bd2fa3db0d15794c63d977364652c4a5b92e90e72b8c9e1cc83b5020398bd90a1b397dbdd7cb931c49f1aa4af6ef95414b43e0  Python-2.7.16.tar.xz
 f82758d279cd12a1b30a9b36ac3c265cfb137df3db7ae185f2c538504e46fa70ace1b051fce847356851062b5cc9cd741a6d33d54f8cd103aa0c8272cb19ccc4  mozconfig
 ace7492f4fb0523c7340fdc09c831906f74fddad93822aff367135538dacd3f56288b907f5a04f53f94c76e722ba0bab73e28d83ec12d3e672554712e6b08613  bad-google-code.patch
@@ -227,6 +235,9 @@ e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb1
 7c615703dc9b8427eeadd13bc9beda02e1c3d986cac1167feaf48fdfdcc15b7456460d4d58f301054cf459242ee75bbcd76bf67e26c2a443bc5655975d24ca1b  rust-32bit.patch
 45613d476e85fe333ef8091acce4806803953c1a99de4f03ff577cf20c5a1a3d635d0589e1490da104ef80721f4f1b1d35045af3c6892c1a468fa84095f27ad8  rust-config.patch
 39ddb15d1453a8412275c36fc8db3befc69dffd4a362e932d280fb7fd1190db595a2af9b468ee49e0714f5e9df6e48eb5794122a64fa9f30d689de8693acbb15  shut-up-warning.patch
+e751ffab263f03d4c74feebc617e3af115b1b53cf54fe16c3acc585eec67773f37aa8de4c19599fa6478179b01439025112ef2b759aa9923c9900e7081cb65a9  skia-sucks1.patch
+9152bd3e6dc446337e6a2ed602279c620aedecc796ba28e777854c4f41fcf3067f9ebd086a4b63a6b76c2e69ec599ac6435b8eeda4f7488b1c45f69113facba4  skia-sucks2.patch
+7a1fa27e060b2f025eaebbd39fb5c62960b62450241437e6d057d58cef9faf1cd1a85efe3b6a37b865d686ff18e90605ebea3089b26243f2d14876c2107106a6  skia-sucks3.patch
 452b47b825294779f98ed46bc1065dad76b79ff453521ef049934a120f349c84a1c863b16af1828fe053059823da9690ec917c055ae02dcc5c80c54cad732448  stackwalk-x86-ppc.patch
 be68f1387aa6677875a67106e2d6a9db470c934c943056d3b53391a63034235108e41945c53957db427d9cdc59f0aa2f9e6f2f8cd862e090e512a3ab9cbcc9a8  webrtc-broken.patch
 f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454  firefox.desktop
diff --git a/user/firefox-esr/skia-sucks1.patch b/user/firefox-esr/skia-sucks1.patch
new file mode 100644
index 000000000..a02c3b775
--- /dev/null
+++ b/user/firefox-esr/skia-sucks1.patch
@@ -0,0 +1,84 @@
+# HG changeset patch
+# Parent  548d0a2f3a22bfac32ec0c3921c6c969c8bf32a9
+
+diff -r 548d0a2f3a22 gfx/2d/ConvolutionFilter.cpp
+--- a/gfx/2d/ConvolutionFilter.cpp	Mon Jul 22 16:57:54 2019 +0200
++++ b/gfx/2d/ConvolutionFilter.cpp	Thu Jul 25 14:27:59 2019 +0200
+@@ -35,9 +35,38 @@
+   return true;
+ }
+ 
++static void ByteSwapArray(uint8_t *u8Array, int32_t size) {
++    uint32_t *array = reinterpret_cast<uint32_t*>(u8Array);
++    for (int pxl = 0; pxl < size; ++pxl) {
++        // Use an endian swap to move the bytes, i.e. BGRA -> ARGB.
++        uint32_t rgba = array[pxl];
++        array[pxl] = NativeEndian::swapToLittleEndian(rgba);
++    }
++}
++
+ void ConvolutionFilter::ConvolveHorizontally(const uint8_t* aSrc, uint8_t* aDst,
+                                              bool aHasAlpha) {
++#ifdef MOZ_BIG_ENDIAN
++    int outputSize = mFilter->numValues();
++
++    // Input size isn't handed in, so we have to calculate it quickly
++    int inputSize = 0;
++    for (int xx = 0; xx < outputSize; ++xx) {
++        // Get the filter that determines the current output pixel.
++        int filterOffset, filterLength;
++        mFilter->FilterForValue(xx, &filterOffset, &filterLength);
++        inputSize = std::max(inputSize, filterOffset + filterLength);
++    }
++
++    ByteSwapArray((uint8_t*)aSrc, inputSize);
++#endif
++
+   SkOpts::convolve_horizontally(aSrc, *mFilter, aDst, aHasAlpha);
++
++#ifdef MOZ_BIG_ENDIAN
++    ByteSwapArray((uint8_t*)aSrc, inputSize);
++    ByteSwapArray(aDst, outputSize);
++#endif
+ }
+ 
+ void ConvolutionFilter::ConvolveVertically(uint8_t* const* aSrc, uint8_t* aDst,
+@@ -49,8 +78,26 @@
+   int32_t filterLength;
+   auto filterValues =
+       mFilter->FilterForValue(aRowIndex, &filterOffset, &filterLength);
++
++#ifdef MOZ_BIG_ENDIAN
++  for (int filterY = 0; filterY < filterLength; filterY++) {
++      // Skia only knows LE, so we have to swizzle the input
++    ByteSwapArray(aSrc[filterY], aRowSize);
++  }
++#endif
++
+   SkOpts::convolve_vertically(filterValues, filterLength, aSrc, aRowSize, aDst,
+                               aHasAlpha);
++
++#ifdef MOZ_BIG_ENDIAN
++  // After skia is finished, we swizzle back to BE, in case
++  // the input is used again somewhere else
++  for (int filterY = 0; filterY < filterLength; filterY++) {
++    ByteSwapArray(aSrc[filterY], aRowSize);
++  }
++  // The destination array as well
++  ByteSwapArray(aDst, aRowSize);
++#endif
+ }
+ 
+ /* ConvolutionFilter::ComputeResizeFactor is derived from Skia's
+diff -r 548d0a2f3a22 gfx/skia/skia/include/core/SkPreConfig.h
+--- a/gfx/skia/skia/include/core/SkPreConfig.h	Mon Jul 22 16:57:54 2019 +0200
++++ b/gfx/skia/skia/include/core/SkPreConfig.h	Thu Jul 25 14:27:59 2019 +0200
+@@ -73,7 +73,7 @@
+       defined(__ppc__) || defined(__hppa) || \
+       defined(__PPC__) || defined(__PPC64__) || \
+       defined(_MIPSEB) || defined(__ARMEB__) || \
+-      defined(__s390__) || \
++      defined(__s390__) || defined(__s390x__) || \
+       (defined(__sh__) && defined(__BIG_ENDIAN__)) || \
+       (defined(__ia64) && defined(__BIG_ENDIAN__))
+          #define SK_CPU_BENDIAN
diff --git a/user/firefox-esr/skia-sucks2.patch b/user/firefox-esr/skia-sucks2.patch
new file mode 100644
index 000000000..1a498f871
--- /dev/null
+++ b/user/firefox-esr/skia-sucks2.patch
@@ -0,0 +1,44 @@
+# HG changeset patch
+# Parent  aecb4600e5da17443b224c79eee178c1d8e155e3
+For FF68, AntiAliasing of XULTexts seem to be broken on big endian (s390x). Text and icons of the sandwich-menu to the
+right of the address bar, as well as plugin-windows appears transparant, which usually means unreadable (white on white).
+
+diff -r aecb4600e5da gfx/skia/skia/include/private/SkNx.h
+--- a/gfx/skia/skia/include/private/SkNx.h	Tue Aug 20 09:46:55 2019 +0200
++++ b/gfx/skia/skia/include/private/SkNx.h	Mon Sep 09 10:04:06 2019 +0200
+@@ -238,7 +238,18 @@
+     AI SkNx operator*(const SkNx& y) const { return fVal * y.fVal; }
+     AI SkNx operator/(const SkNx& y) const { return fVal / y.fVal; }
+ 
++    // On Big endian the commented out variant doesn't work,
++    // and honestly, I have no idea why it exists in the first place.
++    // The reason its broken is, I think, that it defaults to the double-variant of ToBits()
++    // which gets a 64-bit integer, and FromBits returns 32-bit,
++    // cutting off the wrong half again.
++    // Overall, I see no reason to have ToBits and FromBits at all (even for floats/doubles).
++    // Still we are only "fixing" this for big endian and leave little endian alone (never touch a running system)
++#ifdef SK_CPU_BENDIAN
++    AI SkNx operator&(const SkNx& y) const { return fVal & y.fVal; }
++#else
+     AI SkNx operator&(const SkNx& y) const { return FromBits(ToBits(fVal) & ToBits(y.fVal)); }
++#endif
+     AI SkNx operator|(const SkNx& y) const { return FromBits(ToBits(fVal) | ToBits(y.fVal)); }
+     AI SkNx operator^(const SkNx& y) const { return FromBits(ToBits(fVal) ^ ToBits(y.fVal)); }
+ 
+diff -r aecb4600e5da gfx/skia/skia/src/opts/SkBlitMask_opts.h
+--- a/gfx/skia/skia/src/opts/SkBlitMask_opts.h	Tue Aug 20 09:46:55 2019 +0200
++++ b/gfx/skia/skia/src/opts/SkBlitMask_opts.h	Mon Sep 09 10:04:06 2019 +0200
+@@ -203,7 +203,13 @@
+             //   ~~~>
+             // a = 1*aa + d(1-1*aa) = aa + d(1-aa)
+             // c = 0*aa + d(1-1*aa) =      d(1-aa)
++
++            // For big endian we have to swap the alpha-mask from 0,0,0,255 to 255,0,0,0
++#ifdef SK_CPU_BENDIAN
++            return Sk4px(Sk16b(aa) & Sk16b(255,0,0,0, 255,0,0,0, 255,0,0,0, 255,0,0,0))
++#else
+             return Sk4px(Sk16b(aa) & Sk16b(0,0,0,255, 0,0,0,255, 0,0,0,255, 0,0,0,255))
++#endif
+                  + d.approxMulDiv255(aa.inv());
+         };
+         while (h --> 0) {
diff --git a/user/firefox-esr/skia-sucks3.patch b/user/firefox-esr/skia-sucks3.patch
new file mode 100644
index 000000000..9d2ffc410
--- /dev/null
+++ b/user/firefox-esr/skia-sucks3.patch
@@ -0,0 +1,30 @@
+# HG changeset patch
+# Parent  46ea866ca3acb8bb5e1709ceb799b9c94f591dec
+Problem description: Tab-titles that are too long to fit into a tab get faded out.
+                     On big endian this is broken and instead of fading out, the 
+                     tab gets white and the font transparent, leading to an unreadable
+                     tab-title
+Solution: This is not a real solution, but a hack. The real solution would have been
+          to byte-swap the correct buffer, but I could not find it.
+          So the next best thing is to deactivate the fading-effect. Now all tab-titles
+          are readable, albeit not as pretty to look at as they could be. 
+Side-effects: I have not yet found an unwanted side-effect.
+
+diff -r 46ea866ca3ac -r 6ef20eee3f8f gfx/2d/DrawTargetSkia.cpp
+--- a/gfx/2d/DrawTargetSkia.cpp	Tue Oct 22 12:27:22 2019 +0200
++++ b/gfx/2d/DrawTargetSkia.cpp	Thu Oct 31 09:11:56 2019 +0100
+@@ -1861,6 +1861,14 @@
+       SkCanvas::kPreserveLCDText_SaveLayerFlag |
+           (aCopyBackground ? SkCanvas::kInitWithPrevious_SaveLayerFlag : 0));
+ 
++#if MOZ_BIG_ENDIAN
++  // Pushing a layer where an aMask is defined produces wrong output.
++  // We _should_ endian swap the data, but I couldn't find a workable way to do so
++  // Therefore I deactivate those layers in the meantime.
++  // The result is: Tab-titles that are longer than the available space should be faded out.
++  //                The fading doesn't work, so we deactivate the fading-effect here.
++  if (!aMask)
++#endif
+   mCanvas->saveLayer(saveRec);
+ 
+   SetPermitSubpixelAA(aOpaque);
-- 
cgit v1.2.3-60-g2f50