From 23764a17b9710165cc2eb17afd797a98ecf3766c Mon Sep 17 00:00:00 2001
From: lvfei <lvfei@kylinos.cn>
Date: Mon, 19 Aug 2024 10:05:13 +0800
Subject: [PATCH] Fix CVE-2024-0745

---
 CVE-2024-0745.patch | 34 ++++++++++++++++++++++++++++++++++
 firefox.spec        |  9 +++++++--
 2 files changed, 41 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2024-0745.patch

diff --git a/CVE-2024-0745.patch b/CVE-2024-0745.patch
new file mode 100644
index 0000000..2dba56f
--- /dev/null
+++ b/CVE-2024-0745.patch
@@ -0,0 +1,34 @@
+From ac6bc755e84784d3bea75eb63b9156c49e95019c Mon Sep 17 00:00:00 2001
+From: Karl Tomlinson <karlt+@karlt.net>
+Date: Sun, 07 Jan 2024 23:24:05 +0000 (7 months ago)
+Subject: [PATCH] CVE-2024-0745
+
+---
+ dom/media/webaudio/OscillatorNode.cpp | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/dom/media/webaudio/OscillatorNode.cpp b/dom/media/webaudio/OscillatorNode.cpp
+index 2089ce170c..1427f9ece0 100644
+--- a/dom/media/webaudio/OscillatorNode.cpp
++++ b/dom/media/webaudio/OscillatorNode.cpp
+@@ -293,7 +293,8 @@ class OscillatorNodeEngine final : public AudioNodeEngine {
+       return;
+     }
+ 
+-    if (ticks + WEBAUDIO_BLOCK_SIZE <= mStart || ticks >= mStop) {
++    if (ticks + WEBAUDIO_BLOCK_SIZE <= mStart || ticks >= mStop ||
++         mStop <= mStart) {
+       ComputeSilence(aOutput);
+ 
+     } else {
+@@ -302,6 +303,7 @@ class OscillatorNodeEngine final : public AudioNodeEngine {
+ 
+       uint32_t start, end;
+       FillBounds(output, ticks, start, end);
++      MOZ_ASSERT(start < end);
+ 
+       // Synthesize the correct waveform.
+       switch (mType) {
+-- 
+2.33.0
+
diff --git a/firefox.spec b/firefox.spec
index edb5325..72983c4 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -88,7 +88,7 @@
 Summary:             Mozilla Firefox Web browser
 Name:                firefox
 Version:             79.0
-Release:             30
+Release:             31
 URL:                 https://www.mozilla.org/firefox/
 License:             MPLv1.1 or GPLv2+ or LGPLv2+
 Source0:             https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@@ -211,6 +211,7 @@ Patch667:            CVE-2021-29984.patch
 Patch668:            CVE-2021-29988.patch
 Patch669:            CVE-2021-23998.patch
 Patch670:            CVE-2022-29912.patch
+Patch671:            CVE-2024-0745.patch
 
 %if %{?system_nss}
 BuildRequires:       pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
@@ -416,6 +417,7 @@ tar -xf %{SOURCE3}
 %patch668 -p1
 %patch669 -p1
 %patch670 -p1
+%patch671 -p1
 
 %{__rm} -f .mozconfig
 %{__cp} %{SOURCE10} .mozconfig
@@ -864,8 +866,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %endif
 
 %changelog
+* Wed Aug 14 2024 lvfei <lvfei@kylinos.cn> - 79.0-31
+- Fix CVE-2024-0745
+
 * Sat Aug 03 2024 lvfei <lvfei@kylinos.cn> - 79.0-30
-- Fix CVE-2022-29912.patch
+- Fix CVE-2022-29912
 
 * Mon Jul 22 2024 technology208 <technology@208suo.com> - 79.0-29
 - Fix CVE-2021-23998
-- 
Gitee