chore: cherry-pick 81d7b3e613 from chromium (#38274)

* chore: cherry-pick 81d7b3e613 from chromium * build: bump brew cache to v6 Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com> (cherry picked from commit dbf986662b) --------- Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
2026-04-10 03:01:51 -04:00 · 2023-05-17 09:36:43 +01:00
parent 5af5b42422
commit 900459e1b1
3 changed files with 50 additions and 2 deletions
--- a/.circleci/config/base.yml
+++ b/.circleci/config/base.yml
@@ -355,14 +355,14 @@ step-restore-brew-cache: &step-restore-brew-cache
      - /usr/local/Cellar/gnu-tar
      - /usr/local/bin/gtar
    keys:
-      - v5-brew-cache-{{ arch }}
+      - v6-brew-cache-{{ arch }}

 step-save-brew-cache: &step-save-brew-cache
  save_cache:
    paths:
      - /usr/local/Cellar/gnu-tar
      - /usr/local/bin/gtar
-    key: v5-brew-cache-{{ arch }}
+    key: v6-brew-cache-{{ arch }}
    name: Persisting brew cache

 step-get-more-space-on-mac: &step-get-more-space-on-mac
--- a/patches/chromium/.patches
+++ b/patches/chromium/.patches
@@ -157,3 +157,4 @@ cherry-pick-63686953dc22.patch
 cherry-pick-f098ff0d1230.patch
 cherry-pick-f58218891f8c.patch
 wayland_ensure_dnd_buffer_size_is_a_multiple_of_scale.patch
+m112_cherry_pick_libxml_cve_fix.patch
--- a/patches/chromium/m112_cherry_pick_libxml_cve_fix.patch
+++ b/patches/chromium/m112_cherry_pick_libxml_cve_fix.patch
@@ -0,0 +1,47 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Joey Arhar <jarhar@chromium.org>
+Date: Fri, 21 Apr 2023 20:53:40 +0000
+Subject: M112: Cherry pick libxml CVE fix
+
+This patch cherry-picks a fix for [CVE-2023-29469] from libxml:
+https://gitlab.gnome.org/GNOME/libxml2/-/commit/547edbf1cbdccd46b2e8ff322a456eaa5931c5df
+
+I cherry-picked these by going into my libxml checkout, checking out the
+commit that libxml is at for this M112 branch, cherry-picking the CVE
+fixes, then running the roll script on all platforms.
+
+Bug: 1433328
+Change-Id: Iaee58b0890f7190386cca3e430286f39ccbbdb02
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4456592
+Commit-Queue: David Baron <dbaron@chromium.org>
+Reviewed-by: David Baron <dbaron@chromium.org>
+Commit-Queue: Joey Arhar <jarhar@chromium.org>
+Auto-Submit: Joey Arhar <jarhar@chromium.org>
+Cr-Commit-Position: refs/branch-heads/5615@{#1325}
+Cr-Branched-From: 9c6408ef696e83a9936b82bbead3d41c93c82ee4-refs/heads/main@{#1109224}
+
+diff --git a/third_party/libxml/README.chromium b/third_party/libxml/README.chromium
+index 9813d7cd51b62164cd9cad86b57a0b660d22a223..182f0a73439a5e549aed0fa01b22bdca94a8ccbc 100644
+--- a/third_party/libxml/README.chromium
+++ b/third_party/libxml/README.chromium
+@@ -25,5 +25,6 @@ Modifications:
+   in chromium's copy of maldoca. See https://github.com/google/maldoca/issues/87
+ - Add helper classes in the chromium/ subdirectory.
+ - Delete various unused files, see chromium/roll.py
+- Cherry picked fix for CVE-2023-29469
+ 
+ This import was generated by the chromium/roll.py script.
+diff --git a/third_party/libxml/src/dict.c b/third_party/libxml/src/dict.c
+index 5c9ca71940ceea9f4aec9f1e7dfb6c3ba6bd8c76..300df7a55638f4c6728a88c336b3c3197ab05676 100644
+--- a/third_party/libxml/src/dict.c
+++ b/third_party/libxml/src/dict.c
+@@ -455,7 +455,8 @@ static unsigned long
+ xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) {
+     unsigned long value = seed;
+ 
+-    if (name == NULL) return(0);
+    if ((name == NULL) || (namelen <= 0))
+        return(value);
+     value += *name;
+     value <<= 5;
+     if (namelen > 10) {