Shared security patch analysis results
AI Used: DEEPSEEK deepseek-chat--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/html/canvas/offscreen/text/2d.text.font.parse.tiny.worker.js+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/html/canvas/offscreen/text/2d.text.font.parse.tiny.worker.js@@ -13,8 +13,8 @@ }); t.step(function() {-var offscreenCanvas = new OffscreenCanvas(100, 50);-var ctx = offscreenCanvas.getContext('2d');+var canvas = new OffscreenCanvas(100, 50);+var ctx = canvas.getContext('2d'); ctx.font = '1px sans-serif'; _assertSame(ctx.font, '1px sans-serif', "ctx.font", "'1px sans-serif'");
Let me analyze the code diff for potential security vulnerabilities:
Vulnerability Existed: no
No specific vulnerability found [File] [Lines 13-14]
[Old Code]
var offscreenCanvas = new OffscreenCanvas(100, 50);
var ctx = offscreenCanvas.getContext('2d');
[Fixed Code]
var canvas = new OffscreenCanvas(100, 50);
var ctx = canvas.getContext('2d');
Additional Details:
- The change appears to be purely a variable name refactoring from 'offscreenCanvas' to 'canvas'
- No security-related changes are evident in this diff
- The functionality remains identical, only the variable naming convention was modified
- No known vulnerabilities (like XSS, injection, etc.) are addressed by this change
- This appears to be a code style/readability improvement rather than a security fix
The modification doesn't show any security implications as it's just a variable renaming with no changes to the actual functionality or security-related behavior of the code.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/html/canvas/offscreen/drawing-rectangles-to-the-canvas/2d.strokeRect.zero.5.html+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/html/canvas/offscreen/drawing-rectangles-to-the-canvas/2d.strokeRect.zero.5.html@@ -17,14 +17,14 @@ }); t.step(function() {-var offscreenCanvas = new OffscreenCanvas(100, 50);-var ctx = offscreenCanvas.getContext('2d');+var canvas = new OffscreenCanvas(100, 50);+var ctx = canvas.getContext('2d'); ctx.strokeStyle = '#0f0'; ctx.lineWidth = 250; ctx.lineJoin = 'round'; ctx.strokeRect(100, 25, 100, 0);-_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");+_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255"); t.done(); });
Based on the provided code diff, I don't see any security vulnerabilities being fixed. The changes appear to be purely cosmetic/refactoring changes (variable renaming) rather than security-related fixes.
Here's the analysis following your requested format:
Vulnerability Existed: no
[No security vulnerability found] [testing/web-platform/tests/html/canvas/offscreen/drawing-rectangles-to-the-canvas/2d.strokeRect.zero.5.html] [Lines 17-25]
[Old Code]
var offscreenCanvas = new OffscreenCanvas(100, 50);
var ctx = offscreenCanvas.getContext('2d');
...
_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
[Fixed Code]
var canvas = new OffscreenCanvas(100, 50);
var ctx = canvas.getContext('2d');
...
_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
The changes simply rename the variable `offscreenCanvas` to `canvas` and update all references to it. There are no security implications to this change.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/html/canvas/offscreen/shadows/2d.shadow.canvas.basic.worker.js+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/html/canvas/offscreen/shadows/2d.shadow.canvas.basic.worker.js@@ -13,8 +13,8 @@ }); t.step(function() {-var offscreenCanvas = new OffscreenCanvas(100, 50);-var ctx = offscreenCanvas.getContext('2d');+var canvas = new OffscreenCanvas(100, 50);+var ctx = canvas.getContext('2d'); var offscreenCanvas2 = new OffscreenCanvas(100, 50); var ctx2 = offscreenCanvas2.getContext('2d');@@ -25,7 +25,7 @@ ctx.shadowColor = '#0f0'; ctx.shadowOffsetY = 50; ctx.drawImage(offscreenCanvas2, 0, -50);-_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");+_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255"); t.done(); });
Based on the provided code diff, I don't see any security vulnerabilities being fixed. The changes appear to be purely variable renaming and don't involve any security-related modifications.
Here's the analysis following your requested format:
Vulnerability Existed: no
No security vulnerability found
File: testing/web-platform/tests/html/canvas/offscreen/shadows/2d.shadow.canvas.basic.worker.js
Lines: 13-25
Old Code:
var offscreenCanvas = new OffscreenCanvas(100, 50);
var ctx = offscreenCanvas.getContext('2d');
...
_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
Fixed Code:
var canvas = new OffscreenCanvas(100, 50);
var ctx = canvas.getContext('2d');
...
_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
The changes are simply renaming the variable 'offscreenCanvas' to 'canvas' for consistency or clarity, with no security implications.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.invalid.css-color-4-hsl-1.worker.js+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.invalid.css-color-4-hsl-1.worker.js@@ -13,14 +13,14 @@ }); t.step(function() {-var offscreenCanvas = new OffscreenCanvas(100, 50);-var ctx = offscreenCanvas.getContext('2d');+var canvas = new OffscreenCanvas(100, 50);+var ctx = canvas.getContext('2d'); ctx.fillStyle = '#0f0'; try { ctx.fillStyle = 'hsl(0, 100%, 50% / 1)'; } catch (e) { } // this shouldn't throw, but it shouldn't matter here if it does ctx.fillRect(0, 0, 100, 50);-_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");+_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255"); t.done(); });
Based on the provided code diff, here's the analysis following the required format:
Vulnerability Existed: no
[No specific vulnerability found] [testing/web-platform/tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.invalid.css-color-4-hsl-1.worker.js] [Lines 13-14, 20]
[Old Code]
var offscreenCanvas = new OffscreenCanvas(100, 50);
var ctx = offscreenCanvas.getContext('2d');
...
_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
[Fixed Code]
var canvas = new OffscreenCanvas(100, 50);
var ctx = canvas.getContext('2d');
...
_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
Additional Details:
The changes appear to be purely variable renaming (from 'offscreenCanvas' to 'canvas') and don't indicate any security fixes. The functionality remains the same, and there are no security-related patterns being modified in this diff. The test case continues to verify canvas color parsing behavior.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/browser/themes/shared/tabs.inc.css+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/browser/themes/shared/tabs.inc.css@@ -277,9 +277,13 @@ } .tab-icon-image {- list-style-image: url("chrome://global/skin/icons/defaultFavicon.svg"); -moz-context-properties: fill; fill: currentColor;+}++.tab-icon-image:not([src]),+.tab-icon-image:-moz-broken {+ content: url("chrome://global/skin/icons/defaultFavicon.svg"); } .tab-icon-image[sharing]:not([selected]),@@ -722,7 +726,11 @@ } .all-tabs-item:hover {- background-color: var(--button-hover-bgcolor);+ background-color: var(--panel-item-hover-bgcolor);+}++.all-tabs-item:hover:active {+ background-color: var(--panel-item-active-bgcolor); } .all-tabs-item:hover > .all-tabs-button,
Here's the analysis of the provided code diff for security fixes: 1. Vulnerability Existed: no No security vulnerability was identified in this diff. The changes appear to be cosmetic/functional improvements rather than security fixes. The modifications include: - Changing how default favicon is displayed for tabs without icons - Updating hover/active states for all-tabs-item elements 2. Vulnerability Existed: no The changes in the CSS file (browser/themes/shared/tabs.inc.css) are primarily styling updates: - Lines 277-283: Reorganized favicon fallback styling - Lines 722-726: Updated hover and active state colors for tab items No security-related vulnerabilities (such as XSS, injection, or information disclosure) were found in these CSS changes. The modifications seem focused on improving visual consistency and user experience rather than addressing security issues.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/css/css-fonts/first-available-font-001.html+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/css/css-fonts/first-available-font-001.html@@ -5,7 +5,6 @@ <link rel="help" href="https://drafts.csswg.org/css-fonts-3/#first-available-font"> <link rel="help" href="https://drafts.csswg.org/css-fonts-4/#first-available-font"> <link rel="match" href="first-available-font-001-ref.html">-<meta name="flags" content=""> <meta name="assert" content="Fonts that do not include the U+0020 character are not considered the first available font (used to determine the ex unit), even when at the start of the font list."> <style> /* Two arbitrary fonts with different metrics */
Based on the provided diff, I'll analyze it for potential security vulnerabilities: Vulnerability Existed: no No specific vulnerability found [File] testing/web-platform/tests/css/css-fonts/first-available-font-001.html [Lines 5] [Old Code] <meta name="flags" content=""> [Fixed Code] (removed line) Additional Details: - The change simply removes an empty meta tag for "flags" which appears to be test-related metadata - No security vulnerability is apparent in this change - The modification seems to be a cleanup of test file metadata rather than a security fix There are no other changes in the provided diff to analyze. The rest of the diff shows unchanged context lines.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-6.html+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-6.html@@ -17,14 +17,14 @@ }); t.step(function() {-var offscreenCanvas = new OffscreenCanvas(100, 50);-var ctx = offscreenCanvas.getContext('2d');+var canvas = new OffscreenCanvas(100, 50);+var ctx = canvas.getContext('2d'); ctx.fillStyle = '#f00'; ctx.fillStyle = 'rgb(0 255 0 / 20%)'; ctx.fillRect(0, 0, 100, 50);-_assertPixel(offscreenCanvas, 50,25, 0,255,0,51, "50,25", "0,255,0,51");+_assertPixel(canvas, 50,25, 0,255,0,51, "50,25", "0,255,0,51"); t.done(); });
Analyzing the provided code diff, I don't see any security vulnerabilities being fixed. The changes appear to be purely variable renaming and don't involve any security-sensitive operations. Here's the analysis:
1. Vulnerability Existed: no
Variable Renaming [File] [Lines 17-18, 25]
Old Code:
var offscreenCanvas = new OffscreenCanvas(100, 50);
var ctx = offscreenCanvas.getContext('2d');
_assertPixel(offscreenCanvas, 50,25, 0,255,0,51, "50,25", "0,255,0,51");
Fixed Code:
var canvas = new OffscreenCanvas(100, 50);
var ctx = canvas.getContext('2d');
_assertPixel(canvas, 50,25, 0,255,0,51, "50,25", "0,255,0,51");
The changes simply rename the variable `offscreenCanvas` to `canvas` and update its references. There are no security implications to this change. The functionality remains exactly the same, just with a different variable name.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/intl/lwbrk/gtest/TestSegmenter.cpp+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/intl/lwbrk/gtest/TestSegmenter.cpp@@ -51,11 +51,48 @@ ASSERT_EQ(segIter->Seek(0u), Nothing()); }-TEST(IntlSegmenter, TestGraphemeBreakIteratorUtf16)+TEST(IntlSegmenter, TestGraphemeClusterBreakIteratorUtf16) { SegmenterOptions options{SegmenterGranularity::Grapheme}; auto result = Segmenter::TryCreate("en", options);- ASSERT_TRUE(result.isErr());+ ASSERT_TRUE(result.isOk());+ auto graphemeClusterSegmenter = result.unwrap();++ const char16_t text[] = u"hello world";+ UniquePtr<SegmentIteratorUtf16> segIter =+ graphemeClusterSegmenter->Segment(MakeStringSpan(text));++ // Seek to the space between "hello" and "world"+ ASSERT_EQ(segIter->Seek(5u), Some(6u));++ ASSERT_EQ(segIter->Next(), Some(7u));+ ASSERT_EQ(segIter->Next(), Some(8u));+ ASSERT_EQ(segIter->Next(), Some(9u));+ ASSERT_EQ(segIter->Next(), Some(10u));+ ASSERT_EQ(segIter->Next(), Some(11u));+ ASSERT_EQ(segIter->Next(), Nothing());++ // Same as calling Next().+ ASSERT_EQ(segIter->Seek(0u), Nothing());+}++TEST(IntlSegmenter, TestGraphemeClusterBreakReverseIteratorUtf16)+{+ const char16_t text[] = u"hello world";+ GraphemeClusterBreakReverseIteratorUtf16 segIter(MakeStringSpan(text));++ // Seek to the space between "hello" and "world"+ ASSERT_EQ(segIter.Seek(6u), Some(5u));++ ASSERT_EQ(segIter.Next(), Some(4u));+ ASSERT_EQ(segIter.Next(), Some(3u));+ ASSERT_EQ(segIter.Next(), Some(2u));+ ASSERT_EQ(segIter.Next(), Some(1u));+ ASSERT_EQ(segIter.Next(), Some(0u));+ ASSERT_EQ(segIter.Next(), Nothing());++ // Same as calling Next().+ ASSERT_EQ(segIter.Seek(0u), Nothing()); } TEST(IntlSegmenter, TestSentenceBreakIteratorUtf16)
Based on the provided code diff, I don't see any security vulnerabilities being fixed. The changes appear to be test case modifications and additions rather than security fixes. Here's the analysis: 1. Vulnerability Existed: no The changes involve: - Renaming a test case from `TestGraphemeBreakIteratorUtf16` to `TestGraphemeClusterBreakIteratorUtf16` - Changing the assertion from `isErr()` to `isOk()` - Adding more test assertions - Adding a new test case `TestGraphemeClusterBreakReverseIteratorUtf16` These are test improvements rather than security fixes. The changes focus on testing functionality of the segmenter with UTF-16 text, including both forward and reverse iteration cases. 2. Vulnerability Existed: no The addition of `TestGraphemeClusterBreakReverseIteratorUtf16` is a new test case that verifies reverse iteration behavior, but doesn't represent a security fix. No security vulnerabilities were identified in this diff. The changes appear to be test suite enhancements rather than security-related fixes.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/html/rendering/non-replaced-elements/form-controls/resets.html+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/html/rendering/non-replaced-elements/form-controls/resets.html@@ -48,7 +48,7 @@ marquee { text-align: initial; }-table { display: table; }+table { display: table; box-sizing: border-box; } caption { display: table-caption; } colgroup, colgroup[hidden] { display: table-column-group; } col, col[hidden] { display: table-column; }
Let me analyze the code diff for potential security fixes:
Vulnerability Existed: no
[No specific vulnerability] [testing/web-platform/tests/html/rendering/non-replaced-elements/form-controls/resets.html] [Lines 48]
[Old Code] table { display: table; }
[Fixed Code] table { display: table; box-sizing: border-box; }
Additional details:
- This appears to be a rendering/style fix rather than a security vulnerability fix
- The change adds `box-sizing: border-box` to table elements, which affects how padding and borders are calculated
- No known vulnerability is being addressed here
- The modification is likely for consistency or layout purposes rather than security
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/dom/media/webrtc/third_party_build/gn-configs/x64_True_x64_win.json+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/dom/media/webrtc/third_party_build/gn-configs/x64_True_x64_win.json@@ -39,7 +39,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -222,7 +221,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -387,7 +385,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -552,7 +549,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -722,7 +718,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -888,7 +883,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -1050,7 +1044,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -1209,7 +1202,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -1377,7 +1369,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -1546,7 +1537,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -1714,7 +1704,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -1883,7 +1872,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -2051,7 +2039,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -2221,7 +2208,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -2378,7 +2364,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -2548,7 +2533,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -2720,7 +2704,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -2877,7 +2860,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -3042,7 +3024,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -3213,7 +3194,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -3378,7 +3358,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -3549,7 +3528,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -3720,7 +3698,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -3892,7 +3869,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -4049,7 +4025,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -4217,7 +4192,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -4389,7 +4363,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -4556,7 +4529,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -4738,7 +4710,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -4916,7 +4887,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -5094,7 +5064,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -5255,7 +5224,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -5416,7 +5384,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -5582,7 +5549,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -5748,7 +5714,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -5920,7 +5885,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -6089,7 +6053,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -6252,7 +6215,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -6419,7 +6381,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -6587,7 +6548,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -6751,7 +6711,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -6914,7 +6873,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -7077,7 +7035,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -7238,7 +7195,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -7402,7 +7358,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -7571,7 +7526,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -7742,7 +7696,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -7902,7 +7855,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -8068,7 +8020,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -8231,7 +8182,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -8395,7 +8345,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -8558,7 +8507,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -8722,7 +8670,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -8895,7 +8842,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -9060,7 +9006,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -9233,7 +9178,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -9400,7 +9344,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -9562,7 +9505,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -9727,7 +9669,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -9888,7 +9829,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -10051,7 +9991,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -10208,7 +10147,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -10383,7 +10321,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -10556,7 +10493,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -10729,7 +10665,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -10895,7 +10830,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -11068,7 +11002,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -11225,7 +11158,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -11397,7 +11329,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -11572,7 +11503,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -11743,7 +11673,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -11902,7 +11831,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -12070,7 +11998,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -12242,7 +12169,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -12427,7 +12353,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -12622,7 +12547,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -12791,7 +12715,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -12951,7 +12874,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -13114,7 +13036,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -13274,7 +13195,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -13431,7 +13351,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -13590,7 +13509,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -13751,7 +13669,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -13918,7 +13835,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -14077,7 +13993,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -14234,7 +14149,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -14406,7 +14320,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -14563,7 +14476,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -14720,7 +14632,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -14881,7 +14792,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -15047,7 +14957,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -15212,7 +15121,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -15381,7 +15289,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -15550,7 +15457,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -15707,7 +15613,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -15864,7 +15769,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -16029,7 +15933,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -16187,7 +16090,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -16361,7 +16263,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -16605,7 +16506,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -16806,7 +16706,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -16967,7 +16866,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -17143,7 +17041,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -17313,7 +17210,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -17530,7 +17426,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -17741,7 +17636,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -17917,7 +17811,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -18099,7 +17992,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -18275,7 +18167,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -18488,7 +18379,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -18662,7 +18552,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -18827,7 +18716,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -19015,7 +18903,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -19184,7 +19071,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -19342,7 +19228,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -19500,7 +19385,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -19706,7 +19590,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -19876,7 +19759,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -20098,7 +19980,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -20253,7 +20134,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -20419,7 +20299,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -20589,7 +20468,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -20746,7 +20624,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -20919,7 +20796,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro", "-Wno-builtin-macro-redefined", "-D__DATE__=",@@ -21087,7 +20963,6 @@ "-fmsc-version=1916", "/guard:cf,nochecks", "-m64",- "-fansi-escape-codes", "/Brepro",
Based on the provided diff, I'll analyze the changes for security fixes: 1. Vulnerability Existed: not sure ANSI Escape Code Injection Potential dom/media/webrtc/third_party_build/gn-configs/x64_True_x64_win.json [Multiple lines showing removal of "-fansi-escape-codes"] Old Code: "-fansi-escape-codes" Fixed Code: [removed] 2. Vulnerability Existed: not sure MULTI_MONITOR_SCREENSHARE Define Removal dom/media/webrtc/third_party_build/gn-configs/x64_True_x64_win.json [Line showing removal of "MULTI_MONITOR_SCREENSHARE"] Old Code: "MULTI_MONITOR_SCREENSHARE" Fixed Code: [removed] The main changes are: 1. Removal of the "-fansi-escape-codes" compiler flag from multiple locations 2. Removal of the "MULTI_MONITOR_SCREENSHARE" define While I can't confirm these are definitely security fixes, they could potentially be related to: 1. Preventing ANSI escape code injection vulnerabilities in terminal output 2. Removing potentially sensitive screen sharing functionality However, without more context about why these changes were made, I can't be certain they are security-related fixes. The changes appear consistently throughout the file, suggesting they were intentional modifications rather than accidental removals.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/feature-policy/reporting/serial-reporting.https.html+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/feature-policy/reporting/serial-reporting.https.html@@ -10,7 +10,7 @@ <script> var check_report_format = ([reports, observer]) => { let report = reports[0];- assert_equals(report.type, "feature-policy-violation");+ assert_equals(report.type, "permissions-policy-violation"); assert_equals(report.url, document.location.href); assert_equals(report.body.featureId, "serial"); assert_equals(report.body.sourceFile, document.location.href);@@ -22,7 +22,7 @@ promise_test(async t => { const report = new Promise(resolve => { new ReportingObserver((reports, observer) => resolve([reports, observer]),- {types: ['feature-policy-violation']}).observe();+ {types: ['permissions-policy-violation']}).observe(); }); await test_driver.bless('Activate document for serial.requestPort');@@ -38,7 +38,7 @@ promise_test(async t => { const report = new Promise(resolve => { new ReportingObserver((reports, observer) => resolve([reports, observer]),- {types: ['feature-policy-violation']}).observe();+ {types: ['permissions-policy-violation']}).observe(); }); try {
Based on the provided diff, I'll analyze it for security fixes:
1. Vulnerability Existed: not sure
Feature Policy to Permissions Policy Renaming [testing/web-platform/tests/feature-policy/reporting/serial-reporting.https.html] [Lines 10, 22, 38]
Old Code: "feature-policy-violation"
Fixed Code: "permissions-policy-violation"
Additional Details:
- The changes appear to be a renaming from "feature-policy-violation" to "permissions-policy-violation" throughout the file
- This seems to be following a specification change where Feature Policy was renamed to Permissions Policy
- While this isn't a direct security vulnerability fix, it's important for maintaining correct policy enforcement
- The change ensures proper reporting of policy violations under the new naming scheme
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/gfx/layers/ipc/SharedSurfacesParent.cpp+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/gfx/layers/ipc/SharedSurfacesParent.cpp@@ -22,26 +22,30 @@ using namespace mozilla::gfx;-StaticMutex SharedSurfacesParent::sMutex;+StaticMonitor SharedSurfacesParent::sMonitor; StaticAutoPtr<SharedSurfacesParent> SharedSurfacesParent::sInstance;++// Short wait to allow for a surface to be added, where the consumer has a+// different thread route.+static const TimeDuration kGetTimeout = TimeDuration::FromMilliseconds(50); void SharedSurfacesParent::MappingTracker::NotifyExpiredLocked( SourceSurfaceSharedDataWrapper* aSurface,- const StaticMutexAutoLock& aAutoLock) {+ const StaticMonitorAutoLock& aAutoLock) { RemoveObjectLocked(aSurface, aAutoLock); mExpired.AppendElement(aSurface); } void SharedSurfacesParent::MappingTracker::TakeExpired( nsTArray<RefPtr<gfx::SourceSurfaceSharedDataWrapper>>& aExpired,- const StaticMutexAutoLock& aAutoLock) {+ const StaticMonitorAutoLock& aAutoLock) { aExpired = std::move(mExpired); } void SharedSurfacesParent::MappingTracker::NotifyHandlerEnd() { nsTArray<RefPtr<gfx::SourceSurfaceSharedDataWrapper>> expired; {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); TakeExpired(expired, lock); }@@ -56,7 +60,7 @@ /* static */ void SharedSurfacesParent::Initialize() { MOZ_ASSERT(NS_IsMainThread());- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { sInstance = new SharedSurfacesParent(); }@@ -67,7 +71,7 @@ // The main thread should blocked on waiting for the render thread to // complete so this should be safe to release off the main thread. MOZ_ASSERT(wr::RenderThread::IsInRenderThread());- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); MOZ_ASSERT(sInstance); for (const auto& key : sInstance->mSurfaces.Keys()) {@@ -85,28 +89,34 @@ // thread that could use it. The expiration tracker needs to be freed on the // main thread. MOZ_ASSERT(NS_IsMainThread());- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); sInstance = nullptr; } /* static */ already_AddRefed<DataSourceSurface> SharedSurfacesParent::Get( const wr::ExternalImageId& aId) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { gfxCriticalNote << "SSP:Get " << wr::AsUint64(aId) << " shtd"; return nullptr; } RefPtr<SourceSurfaceSharedDataWrapper> surface;- sInstance->mSurfaces.Get(wr::AsUint64(aId), getter_AddRefs(surface));+ while (+ !sInstance->mSurfaces.Get(wr::AsUint64(aId), getter_AddRefs(surface))) {+ CVStatus status = lock.Wait(kGetTimeout);+ if (status == CVStatus::Timeout) {+ return nullptr;+ }+ } return surface.forget(); } /* static */ already_AddRefed<DataSourceSurface> SharedSurfacesParent::Acquire( const wr::ExternalImageId& aId) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { gfxCriticalNote << "SSP:Acq " << wr::AsUint64(aId) << " shtd"; return nullptr;@@ -125,7 +135,7 @@ /* static */ bool SharedSurfacesParent::Release(const wr::ExternalImageId& aId, bool aForCreator) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { return false; }@@ -151,7 +161,7 @@ SourceSurfaceSharedData* aSurface) { MOZ_ASSERT(XRE_IsParentProcess()); MOZ_ASSERT(NS_IsMainThread());- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { gfxCriticalNote << "SSP:Ads " << wr::AsUint64(aId) << " shtd"; return;@@ -174,11 +184,12 @@ surface->AddConsumer(); sInstance->mSurfaces.InsertOrUpdate(id, std::move(surface));+ lock.NotifyAll(); } /* static */ void SharedSurfacesParent::DestroyProcess(base::ProcessId aPid) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { return; }@@ -217,7 +228,7 @@ surface->Init(aDesc.size(), aDesc.stride(), aDesc.format(), std::move(aDesc.handle()), aPid);- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { gfxCriticalNote << "SSP:Add " << wr::AsUint64(aId) << " shtd"; return;@@ -231,6 +242,7 @@ surface->AddConsumer(); sInstance->mSurfaces.InsertOrUpdate(id, std::move(surface));+ lock.NotifyAll(); } /* static */@@ -242,7 +254,7 @@ /* static */ void SharedSurfacesParent::AddTrackingLocked( SourceSurfaceSharedDataWrapper* aSurface,- const StaticMutexAutoLock& aAutoLock) {+ const StaticMonitorAutoLock& aAutoLock) { MOZ_ASSERT(!aSurface->GetExpirationState()->IsTracked()); sInstance->mTracker.AddObjectLocked(aSurface, aAutoLock); }@@ -250,7 +262,7 @@ /* static */ void SharedSurfacesParent::AddTracking( SourceSurfaceSharedDataWrapper* aSurface) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { return; }@@ -261,7 +273,7 @@ /* static */ void SharedSurfacesParent::RemoveTrackingLocked( SourceSurfaceSharedDataWrapper* aSurface,- const StaticMutexAutoLock& aAutoLock) {+ const StaticMonitorAutoLock& aAutoLock) { if (!aSurface->GetExpirationState()->IsTracked()) { return; }@@ -272,7 +284,7 @@ /* static */ void SharedSurfacesParent::RemoveTracking( SourceSurfaceSharedDataWrapper* aSurface) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { return; }@@ -283,7 +295,7 @@ /* static */ bool SharedSurfacesParent::AgeOneGenerationLocked( nsTArray<RefPtr<SourceSurfaceSharedDataWrapper>>& aExpired,- const StaticMutexAutoLock& aAutoLock) {+ const StaticMonitorAutoLock& aAutoLock) { if (sInstance->mTracker.IsEmptyLocked(aAutoLock)) { return false; }@@ -296,7 +308,7 @@ /* static */ bool SharedSurfacesParent::AgeOneGeneration( nsTArray<RefPtr<SourceSurfaceSharedDataWrapper>>& aExpired) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { return false; }@@ -323,7 +335,7 @@ /* static */ void SharedSurfacesParent::AccumulateMemoryReport( base::ProcessId aPid, SharedSurfacesMemoryReport& aReport) {- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { return; }@@ -352,7 +364,7 @@ return false; }- StaticMutexAutoLock lock(sMutex);+ StaticMonitorAutoLock lock(sMonitor); if (!sInstance) { return true; }
Analyzing the code diff, I can identify one clear security-related change and one potential improvement:
1. First vulnerability fix:
Vulnerability Existed: yes
Race Condition/Deadlock Vulnerability [File] gfx/layers/ipc/SharedSurfacesParent.cpp [Lines throughout file]
[Old Code]
StaticMutex SharedSurfacesParent::sMutex;
StaticMutexAutoLock lock(sMutex);
[Fixed Code]
StaticMonitor SharedSurfacesParent::sMonitor;
StaticMonitorAutoLock lock(sMonitor);
Additional Details: The change from StaticMutex to StaticMonitor with added wait/notify functionality (particularly visible in the Get() method) suggests this was fixing potential deadlock or race condition issues. Monitors provide more sophisticated synchronization than simple mutexes by allowing waiting and notification.
2. Second potential improvement:
Vulnerability Existed: not sure
Potential Resource Starvation [File] gfx/layers/ipc/SharedSurfacesParent.cpp [Lines around Get() method]
[Old Code]
sInstance->mSurfaces.Get(wr::AsUint64(aId), getter_AddRefs(surface));
[Fixed Code]
while (!sInstance->mSurfaces.Get(wr::AsUint64(aId), getter_AddRefs(surface))) {
CVStatus status = lock.Wait(kGetTimeout);
if (status == CVStatus::Timeout) {
return nullptr;
}
}
Additional Details: The addition of a wait loop with timeout in the Get() method suggests this might be addressing potential resource starvation issues where threads could wait indefinitely. However, without more context about the specific issues being fixed, I can't be certain this was a security fix versus a general reliability improvement.
The main security fix appears to be the synchronization primitive upgrade from mutex to monitor, which provides better handling of concurrent access and waiting scenarios.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/netwerk/test/perf/perftest_http3_facebook_scroll.js+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/netwerk/test/perf/perftest_http3_facebook_scroll.js@@ -4,7 +4,7 @@ /* eslint-env node */ /*-Ensure the `--firefox.preference=network.http.http3.enabled:true` is+Ensure the `--firefox.preference=network.http.http3.enable:true` is set for this test. */
Based on the provided diff, here's the analysis: Vulnerability Existed: no [Configuration Change] [netwerk/test/perf/perftest_http3_facebook_scroll.js] [Lines 4] [Old Code] `Ensure the `--firefox.preference=network.http.http3.enabled:true` is` [Fixed Code] `Ensure the `--firefox.preference=network.http.http3.enable:true` is` Additional Details: This appears to be a simple configuration/preference name correction from "network.http.http3.enabled" to "network.http.http3.enable". There's no indication of a security vulnerability being fixed - it's just updating the correct preference name to be used when running the test. The change doesn't involve any security-sensitive operations or vulnerable patterns.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/css/selectors/old-tests/css3-modsel-184f.xml+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/css/selectors/old-tests/css3-modsel-184f.xml@@ -9,7 +9,6 @@ <link rel="author" title="Lachlan Hunt" href="http://lachy.id.au/about/contact"/> <link rel="help" href="https://www.w3.org/TR/css3-selectors/#selectors"/> <!-- bogus link to make sure it gets found --> <link rel="match" href="css3-modsel-184-ref.xht"/>- <meta name="flags" content="" /> </head> <body> <p class="">This text should be green.</p>
Let me analyze the diff for potential security vulnerabilities: Vulnerability Existed: no No specific vulnerability [File] testing/web-platform/tests/css/selectors/old-tests/css3-modsel-184f.xml [Lines 9] [Old Code] <meta name="flags" content="" /> [Fixed Code] (removed line) Additional Details: - This appears to be a simple removal of an empty meta tag that wasn't serving any purpose - There's no indication of any security vulnerability being fixed here - The change seems to be more about code cleanup than security - No known vulnerability patterns (XSS, injection, etc.) are present in this change - The removed tag had empty content and wasn't used for any security-related functionality The diff shows only a minor cleanup change with no security implications.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/third_party/rust/ash/src/extensions/experimental/amd.rs+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/third_party/rust/ash/src/extensions/experimental/amd.rs@@ -25,7 +25,10 @@ * **********************************************************************************************************************/+#[cfg(feature = "debug")]+use crate::prelude::debug_flags; use crate::vk::*;+ use std::fmt; use std::os::raw::*;@@ -34,15 +37,8 @@ #[repr(transparent)] #[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash)] pub struct GpaSqShaderStageFlags(pub(crate) Flags);-vk_bitflags_wrapped!(- GpaSqShaderStageFlags,- 0b1111111111111111111111111111111,- Flags-);-// ignore clippy::use_self false positives-// changing GpaSqShaderStageFlags::PS.0 to Self::PS.0 as suggested by clippy generates:-// error[E0401]: can't use generic parameters from outer function-#[allow(clippy::use_self)]+vk_bitflags_wrapped!(GpaSqShaderStageFlags, Flags);+#[cfg(feature = "debug")] impl fmt::Debug for GpaSqShaderStageFlags { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { const KNOWN: &[(Flags, &str)] = &[@@ -75,7 +71,8 @@ pub const GPA_DEVICE_CLOCK_MODE_INFO_AMD: Self = Self(1000133004); }-#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Default)]+#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Default)]+#[cfg_attr(feature = "debug", derive(Debug))] #[repr(transparent)] pub struct GpaDeviceClockModeAmd(pub(crate) i32); impl GpaDeviceClockModeAmd {@@ -95,7 +92,8 @@ pub const PEAK: Self = Self(5); }-#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Default)]+#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Default)]+#[cfg_attr(feature = "debug", derive(Debug))] #[repr(transparent)] pub struct GpaPerfBlockAmd(pub(crate) i32); impl GpaPerfBlockAmd {@@ -141,7 +139,8 @@ pub const RMI: Self = Self(31); }-#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Default)]+#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Default)]+#[cfg_attr(feature = "debug", derive(Debug))] #[repr(transparent)] pub struct GpaSampleTypeAmd(pub(crate) i32); impl GpaSampleTypeAmd {@@ -161,7 +160,8 @@ handle_nondispatchable!(GpaSessionAmd, UNKNOWN); #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct GpaSessionCreateInfoAmd { pub s_type: StructureType, pub p_next: *const c_void,@@ -169,7 +169,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct GpaPerfBlockPropertiesAmd { pub block_type: GpaPerfBlockAmd, pub flags: Flags,@@ -181,7 +182,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct PhysicalDeviceGpaFeaturesAmd { pub s_type: StructureType, pub p_next: *const c_void,@@ -192,7 +194,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct PhysicalDeviceGpaPropertiesAmd { pub s_type: StructureType, pub p_next: *const c_void,@@ -250,7 +253,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct GpaPerfCounterAmd { pub block_type: GpaPerfBlockAmd, pub block_instance: u32,@@ -258,7 +262,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct GpaSampleBeginInfoAmd { pub s_type: StructureType, pub p_next: *const c_void,@@ -279,7 +284,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct GpaDeviceClockModeInfoAmd { pub s_type: StructureType, pub p_next: *const c_void,@@ -638,7 +644,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct PhysicalDeviceWaveLimitPropertiesAmd { pub s_type: StructureType, pub p_next: *const c_void,@@ -698,7 +705,8 @@ } #[repr(C)]-#[derive(Copy, Clone, Debug)]+#[derive(Copy, Clone)]+#[cfg_attr(feature = "debug", derive(Debug))] pub struct PipelineShaderStageCreateInfoWaveLimitAmd { pub s_type: StructureType, pub p_next: *const c_void,
Analyzing the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be primarily related to code organization and conditional compilation for debug features. Here's the analysis: 1. Vulnerability Existed: no No specific vulnerability found File: third_party/rust/ash/src/extensions/experimental/amd.rs The changes mainly involve: - Adding conditional compilation for debug features - Simplifying the vk_bitflags_wrapped! macro usage - Moving Debug trait implementations behind feature flags 2. Vulnerability Existed: no No specific vulnerability found File: third_party/rust/ash/src/extensions/experimental/amd.rs The changes show: - Removal of hardcoded bitmask value in favor of type inference - Reorganization of Debug trait implementations The changes appear to be code quality improvements rather than security fixes. The main theme is making debug-related code conditional on a feature flag, which is a common practice for production builds where debug information isn't needed. No actual security vulnerabilities are being addressed in this diff.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/dom/media/gtest/TestDeviceInputTrack.cpp+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/dom/media/gtest/TestDeviceInputTrack.cpp@@ -73,6 +73,7 @@ TEST_F(TestDeviceInputTrack, NativeInputTrackData) { const uint32_t flags = 0;+ const CubebUtils::AudioDeviceID deviceId = (void*)1; AudioGenerator<AudioDataValue> generator(mChannels, mRate); const size_t nrFrames = 10;@@ -83,8 +84,10 @@ const PrincipalHandle testPrincipal = MakePrincipalHandle(nsContentUtils::GetSystemPrincipal());- RefPtr<NativeInputTrack> track =- NativeInputTrack::Create(mGraph.get(), testPrincipal);+ auto r = NativeInputTrack::OpenAudio(mGraph.get(), deviceId, testPrincipal,+ nullptr);+ ASSERT_TRUE(r.isOk());+ RefPtr<NativeInputTrack> track = r.unwrap(); generator.GenerateInterleaved(buffer.Elements(), nrFrames); track->NotifyInputData(mGraph.get(), buffer.Elements(), nrFrames, mRate,@@ -120,6 +123,24 @@ EXPECT_EQ(chunk.mPrincipalHandle, testPrincipal); }- track->Destroy();- mGraph->RemoveTrackGraphThread(track);+ NativeInputTrack::CloseAudio(std::move(track), nullptr); }++TEST_F(TestDeviceInputTrack, OpenTwiceWithoutCloseFirst) {+ const CubebUtils::AudioDeviceID deviceId1 = (void*)1;+ const CubebUtils::AudioDeviceID deviceId2 = (void*)2;++ const PrincipalHandle testPrincipal =+ MakePrincipalHandle(nsContentUtils::GetSystemPrincipal());++ auto r1 = NativeInputTrack::OpenAudio(mGraph.get(), deviceId1, testPrincipal,+ nullptr);+ ASSERT_TRUE(r1.isOk());+ RefPtr<NativeInputTrack> track1 = r1.unwrap();++ auto r2 = NativeInputTrack::OpenAudio(mGraph.get(), deviceId2, testPrincipal,+ nullptr);+ EXPECT_TRUE(r2.isErr());++ NativeInputTrack::CloseAudio(std::move(track1), nullptr);+}
Based on the provided code diff, I'll analyze it for security vulnerabilities:
1. Vulnerability Existed: not sure
[Potential Resource Leak] [dom/media/gtest/TestDeviceInputTrack.cpp] [Lines 83-84, 120-121]
[Old Code]
RefPtr<NativeInputTrack> track =
NativeInputTrack::Create(mGraph.get(), testPrincipal);
track->Destroy();
mGraph->RemoveTrackGraphThread(track);
[Fixed Code]
auto r = NativeInputTrack::OpenAudio(mGraph.get(), deviceId, testPrincipal,
nullptr);
ASSERT_TRUE(r.isOk());
RefPtr<NativeInputTrack> track = r.unwrap();
NativeInputTrack::CloseAudio(std::move(track), nullptr);
Additional Details: The change replaces direct creation/destruction with OpenAudio/CloseAudio pattern, which might indicate previous potential resource management issues, but without more context about the NativeInputTrack implementation, I can't be certain.
2. Vulnerability Existed: yes
[Double Open Protection] [dom/media/gtest/TestDeviceInputTrack.cpp] [Lines 126-144]
[Old Code]
[No equivalent test existed before]
[Fixed Code]
TEST_F(TestDeviceInputTrack, OpenTwiceWithoutCloseFirst) {
const CubebUtils::AudioDeviceID deviceId1 = (void*)1;
const CubebUtils::AudioDeviceID deviceId2 = (void*)2;
const PrincipalHandle testPrincipal =
MakePrincipalHandle(nsContentUtils::GetSystemPrincipal());
auto r1 = NativeInputTrack::OpenAudio(mGraph.get(), deviceId1, testPrincipal,
nullptr);
ASSERT_TRUE(r1.isOk());
RefPtr<NativeInputTrack> track1 = r1.unwrap();
auto r2 = NativeInputTrack::OpenAudio(mGraph.get(), deviceId2, testPrincipal,
nullptr);
EXPECT_TRUE(r2.isErr());
NativeInputTrack::CloseAudio(std::move(track1), nullptr);
}
Additional Details: The new test explicitly checks that opening a second audio input track without closing the first one fails, which suggests protection against potential race conditions or resource conflicts when dealing with audio devices.
The changes appear to improve resource management and add protection against multiple concurrent openings of audio input tracks, though without more context about the broader system, some aspects remain uncertain.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoEditable.java+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoEditable.java@@ -800,7 +800,7 @@ SEND_COMPOSITION_NOTIFY_GECKO, SEND_COMPOSITION_KEEP_CURRENT })- /* package */ @interface CompositionFlags {}+ public @interface CompositionFlags {} // If text has composing spans, treat the entire text as a Gecko composition, // instead of just the spanned part.
Let me analyze the diff for potential security vulnerabilities:
1. Vulnerability Existed: no
Annotation Visibility Change [File] [Lines 800]
[Old Code]
/* package */ @interface CompositionFlags {}
[Fixed Code]
public @interface CompositionFlags {}
Additional Details: This change simply increases the visibility of an annotation from package-private to public. There's no security vulnerability being fixed here, just an API visibility modification.
2. Vulnerability Existed: not sure
Potential Information Exposure [File] [Lines 800]
[Old Code]
/* package */ @interface CompositionFlags {}
[Fixed Code]
public @interface CompositionFlags {}
Additional Details: While not clearly a security fix, making an annotation public could potentially expose internal implementation details that were previously hidden. However, this is speculative and not clearly a vulnerability.
The main change is simply an annotation visibility modification with no clear security implications. There are no obvious security vulnerabilities being fixed in this diff. The change appears to be more about API design than security.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/layout/style/ImportScanner.cpp+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/layout/style/ImportScanner.cpp@@ -103,14 +103,20 @@ } if (IsWhitespace(aChar)) { mInImportRule = mRuleName.LowerCaseEqualsLiteral("import");- if (mInImportRule || mRuleName.LowerCaseEqualsLiteral("charset")) {+ if (mInImportRule) {+ return State::AtRuleValue;+ }+ // Ignorable rules, we skip until the next semi-colon for these.+ if (mRuleName.LowerCaseEqualsLiteral("charset") ||+ mRuleName.LowerCaseEqualsLiteral("layer")) { MOZ_ASSERT(mRuleValue.IsEmpty());- return State::AtRuleValue;+ return State::AfterRuleValue; } } return State::Done; } case State::AtRuleValue: {+ MOZ_ASSERT(mInImportRule, "Should only get to this state for @import"); if (mRuleValue.IsEmpty()) { if (IsWhitespace(aChar)) { return mState;@@ -118,9 +124,6 @@ if (aChar == '"' || aChar == '\'') { mUrlValueDelimiterClosingChar = aChar; return State::AtRuleValueDelimited;- }- if (!mInImportRule) {- return State::Done; } if (aChar == 'u' || aChar == 'U') { mRuleValue.Append('u');@@ -157,11 +160,9 @@ return State::Done; } case State::AtRuleValueDelimited: {+ MOZ_ASSERT(mInImportRule, "Should only get to this state for @import"); if (aChar == mUrlValueDelimiterClosingChar) { return State::AfterRuleValue;- }- if (!mInImportRule) {- return mState; } if (mUrlValueDelimiterClosingChar == ')' && mRuleValue.IsEmpty()) { if (IsWhitespace(aChar)) {
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: not sure
Potential State Confusion Vulnerability [File] [Lines 103-160]
[Old Code]
if (mInImportRule || mRuleName.LowerCaseEqualsLiteral("charset")) {
MOZ_ASSERT(mRuleValue.IsEmpty());
return State::AtRuleValue;
}
[Fixed Code]
if (mInImportRule) {
return State::AtRuleValue;
}
// Ignorable rules, we skip until the next semi-colon for these.
if (mRuleName.LowerCaseEqualsLiteral("charset") ||
mRuleName.LowerCaseEqualsLiteral("layer")) {
MOZ_ASSERT(mRuleValue.IsEmpty());
return State::AfterRuleValue;
}
2. Vulnerability Existed: not sure
Potential Logic Error Vulnerability [File] [Lines 118-124]
[Old Code]
if (!mInImportRule) {
return State::Done;
}
[Fixed Code]
(removed)
3. Vulnerability Existed: not sure
Potential Logic Error Vulnerability [File] [Lines 157-160]
[Old Code]
if (!mInImportRule) {
return mState;
}
[Fixed Code]
(removed)
The changes primarily involve:
1. Separating the handling of @import rules from other rules like @charset and @layer
2. Adding assertions to ensure we only process @import rules in certain states
3. Removing redundant checks for mInImportRule
4. Adding support for @layer rules
While these changes appear to improve code correctness and maintainability, I can't definitively identify specific security vulnerabilities that were fixed. The changes seem more focused on code organization and robustness rather than patching security holes. The addition of assertions suggests the developers wanted to enforce stricter state handling, which could prevent potential logic errors that might lead to security issues.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/widget/android/nsLookAndFeel.h+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/widget/android/nsLookAndFeel.h@@ -6,7 +6,25 @@ #define __nsLookAndFeel #include "nsXPLookAndFeel.h"-#include "AndroidBridge.h"++namespace mozilla {+// The order and number of the members in this structure must correspond+// to the attrsAppearance array in GeckoAppShell.getSystemColors()+struct AndroidSystemColors {+ nscolor textColorPrimary;+ nscolor textColorPrimaryInverse;+ nscolor textColorSecondary;+ nscolor textColorSecondaryInverse;+ nscolor textColorTertiary;+ nscolor textColorTertiaryInverse;+ nscolor textColorHighlight;+ nscolor colorForeground;+ nscolor colorBackground;+ nscolor panelColorForeground;+ nscolor panelColorBackground;+ nscolor colorAccent;+};+} // namespace mozilla class nsLookAndFeel final : public nsXPLookAndFeel { public:
Based on the provided diff, I'll analyze it for security vulnerabilities:
1. Vulnerability Existed: not sure
[Potential Information Exposure] [widget/android/nsLookAndFeel.h] [Lines 6-25]
[Old Code]
#include "AndroidBridge.h"
[Fixed Code]
namespace mozilla {
// The order and number of the members in this structure must correspond
// to the attrsAppearance array in GeckoAppShell.getSystemColors()
struct AndroidSystemColors {
nscolor textColorPrimary;
nscolor textColorPrimaryInverse;
nscolor textColorSecondary;
nscolor textColorSecondaryInverse;
nscolor textColorTertiary;
nscolor textColorTertiaryInverse;
nscolor textColorHighlight;
nscolor colorForeground;
nscolor colorBackground;
nscolor panelColorForeground;
nscolor panelColorBackground;
nscolor colorAccent;
};
} // namespace mozilla
Additional Details:
- The change replaces an include of "AndroidBridge.h" with a direct definition of AndroidSystemColors structure
- While this could potentially be related to security (removing a dependency that might have had security issues), there's no clear vulnerability being fixed here
- The change appears to be more about code organization and direct control over the color structure definition rather than fixing a specific security issue
- Without more context about why AndroidBridge.h was removed, it's hard to determine if this was a security fix or just a refactoring
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
--- /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_97_END/firefox-FIREFOX_RELEASE_97_END/testing/web-platform/tests/html/canvas/offscreen/the-canvas-state/2d.state.saverestore.clip.html+++ /root/PatchLeaks-main/products/firefox_downloads/FIREFOX_RELEASE_98_END/firefox-FIREFOX_RELEASE_98_END/testing/web-platform/tests/html/canvas/offscreen/the-canvas-state/2d.state.saverestore.clip.html@@ -17,8 +17,8 @@ }); t.step(function() {-var offscreenCanvas = new OffscreenCanvas(100, 50);-var ctx = offscreenCanvas.getContext('2d');+var canvas = new OffscreenCanvas(100, 50);+var ctx = canvas.getContext('2d'); ctx.fillStyle = '#f00'; ctx.fillRect(0, 0, 100, 50);@@ -28,7 +28,7 @@ ctx.restore(); ctx.fillStyle = '#0f0'; ctx.fillRect(0, 0, 100, 50);-_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");+_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255"); t.done(); });
Analyzing the provided code diff, here's the security analysis:
1. Vulnerability Existed: no
No security vulnerability found [File] testing/web-platform/tests/html/canvas/offscreen/the-canvas-state/2d.state.saverestore.clip.html [Lines] 17-28
[Old Code]
var offscreenCanvas = new OffscreenCanvas(100, 50);
var ctx = offscreenCanvas.getContext('2d');
...
_assertPixel(offscreenCanvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
[Fixed Code]
var canvas = new OffscreenCanvas(100, 50);
var ctx = canvas.getContext('2d');
...
_assertPixel(canvas, 50,25, 0,255,0,255, "50,25", "0,255,0,255");
The changes appear to be purely variable renaming from `offscreenCanvas` to `canvas` without any security implications. This is likely a code style/consistency improvement rather than a security fix. No known vulnerabilities are addressed by this change.
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.