From d1a43a8c58bde5932fb45fae90e904701c971dac Mon Sep 17 00:00:00 2001
From: lvfei <lvfei@kylinos.cn>
Date: Wed, 22 May 2024 16:30:09 +0800
Subject: [PATCH] Fix CVE-2022-40961

---
 CVE-2022-40961.patch | 28 ++++++++++++++++++++++++++++
 firefox.spec         |  9 +++++++--
 2 files changed, 35 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2022-40961.patch

diff --git a/CVE-2022-40961.patch b/CVE-2022-40961.patch
new file mode 100644
index 0000000..6e25a11
--- /dev/null
+++ b/CVE-2022-40961.patch
@@ -0,0 +1,28 @@
+From 0bebe37e1dbae3b7bfe171fbc5bfbb1f8397858f Mon Sep 17 00:00:00 2001
+From: Jamie Nicol <jnicol@mozilla.com>
+Date: Thu, 18 Aug 2022 12:57:47 +0000 (21 months ago)
+Subject: [PATCH] CVE-2022-40961
+
+---
+ widget/GfxDriverInfo.h | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/widget/GfxDriverInfo.h b/widget/GfxDriverInfo.h
+index 82b3b77d73..1a5dcbe215 100644
+--- a/widget/GfxDriverInfo.h
++++ b/widget/GfxDriverInfo.h
+@@ -431,7 +431,10 @@ inline bool SplitDriverVersion(const char* aSource, char* aAStr, char* aBStr,
+ 
+   // Add last terminator.
+   MOZ_ASSERT(destIdx < 4 && destPos <= 4);
+-  dest[destIdx][destPos] = 0;
++  dest[destIdx][destPos] = 0; 
++  for (int unusedDestIdx = destIdx + 1; unusedDestIdx < 4; unusedDestIdx++) {
++    dest[unusedDestIdx][0] = 0;
++  }
+ 
+   if (destIdx != 3) {
+     return false;
+-- 
+2.27.0
+
diff --git a/firefox.spec b/firefox.spec
index d1e557b..b56c993 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -88,7 +88,7 @@
 Summary:             Mozilla Firefox Web browser
 Name:                firefox
 Version:             79.0
-Release:             21
+Release:             22
 URL:                 https://www.mozilla.org/firefox/
 License:             MPLv1.1 or GPLv2+ or LGPLv2+
 Source0:             https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@@ -200,6 +200,7 @@ Patch656:            CVE-2023-44488.patch
 Patch657:            CVE-2020-26950.patch
 Patch658:            CVE-2020-26971.patch
 Patch659:            CVE-2021-29946.patch
+Patch660:            CVE-2022-40961.patch
 
 %if %{?system_nss}
 BuildRequires:       pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
@@ -394,6 +395,7 @@ tar -xf %{SOURCE3}
 %patch657 -p1
 %patch658 -p1
 %patch659 -p1
+%patch660 -p1
 
 %{__rm} -f .mozconfig
 %{__cp} %{SOURCE10} .mozconfig
@@ -842,8 +844,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %endif
 
 %changelog
+* Mon May 20 2024 lvfei <lvfei@kylinos.cn> - 79.0-22
+- Fix CVE-2022-40961
+
 * Mon May 13 2024 lvfei <lvfei@kylinos.cn> - 79.0-21
-- Fix CVE-2021-29946.patch
+- Fix CVE-2021-29946
 
 * Tue May 07 2024 lvfei <lvfei@kylinos.cn> - 79.0-20
 - Fix CVE-2020-26971
-- 
Gitee