From 2ae6019cdae450b88b7cf41adca95efaf5d0bece Mon Sep 17 00:00:00 2001
From: lvfei <lvfei@kylinos.cn>
Date: Thu, 8 Aug 2024 09:50:21 +0800
Subject: [PATCH] Fix CVE-2024-0745

---
 CVE-2024-0745.patch | 34 ++++++++++++++++++++++++++++++++++
 firefox.spec        |  7 ++++++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2024-0745.patch

diff --git a/CVE-2024-0745.patch b/CVE-2024-0745.patch
new file mode 100644
index 0000000..b93637c
--- /dev/null
+++ b/CVE-2024-0745.patch
@@ -0,0 +1,34 @@
+From 89f7b5f74088231b7415880ee909ea88b28b3acc Mon Sep 17 00:00:00 2001
+From: Karl Tomlinson <karlt+@karlt.net>
+Date: Sun, 07 Jan 2024 23:24:05 +0000 (7 months ago)
+Subject: [PATCH] CVE-2024-0745
+
+---
+ dom/media/webaudio/OscillatorNode.cpp | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/dom/media/webaudio/OscillatorNode.cpp b/dom/media/webaudio/OscillatorNode.cpp
+index b18b0a0fe1..fa56558112 100644
+--- a/dom/media/webaudio/OscillatorNode.cpp
++++ b/dom/media/webaudio/OscillatorNode.cpp
+@@ -294,7 +294,8 @@ class OscillatorNodeEngine final : public AudioNodeEngine {
+       return;
+     }
+ 
+-    if (ticks + WEBAUDIO_BLOCK_SIZE <= mStart || ticks >= mStop) {
++    if (ticks + WEBAUDIO_BLOCK_SIZE <= mStart || ticks >= mStop ||
++        mStop <= mStart) {
+       ComputeSilence(aOutput);
+ 
+     } else {
+@@ -303,6 +304,7 @@ class OscillatorNodeEngine final : public AudioNodeEngine {
+ 
+       uint32_t start, end;
+       FillBounds(output, ticks, start, end);
++      MOZ_ASSERT(start < end);
+ 
+       // Synthesize the correct waveform.
+       switch (mType) {
+-- 
+2.33.0
+
diff --git a/firefox.spec b/firefox.spec
index 294ab00..920d5a9 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -45,7 +45,7 @@
 Summary:        Mozilla Firefox Web browser
 Name:           firefox
 Version:        115.13.0
-Release:        2
+Release:        3
 URL:            https://www.mozilla.org/firefox/
 License:        MPL-1.1 or GPL-2.0-or-later or LGPL-2.0-or-later
 Source0:        https://ftp.mozilla.org/pub/firefox/releases/%{version}esr/source/firefox-%{version}esr.source.tar.xz
@@ -131,6 +131,7 @@ Patch1004:	 add-loongarch64-support-for-authenticator.patch
 Patch1005:	 add-loongarch64-support-for-ipc.patch
 Patch1006:	 add-loongarch64-support-for-libwebrtc.patch
 Patch1007:	 backport-Bug-1782159-to-support-loongarch64.patch
+Patch1008:   CVE-2024-0745.patch
 
 # BUILD REQURES/REQUIRES
 %if %{?system_nss}
@@ -452,6 +453,7 @@ cd -
 %patch1005 -p1
 %patch1006 -p1
 %patch1007 -p1
+%patch1008 -p1
 
 %{__rm} -f .mozconfig
 %{__cp} %{SOURCE10} .mozconfig
@@ -970,6 +972,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %endif
 
 %changelog
+* Mon Aug 05 2024 lvfei <lvfei@kylinos.cn> - 102.15.0-3
+- Fix CVE-2024-0745
+
 * Sat Aug 03 2024 lvfei <lvfei@kylinos.cn> - 102.15.0-2
 - Fix bad date in changelog
 
-- 
Gitee