To protect the main Browser process against nefarious cookies, parse the
cookies out-of-process and then send the parsed result over IPC to the
main process. This way, if the cookie parser blows up, only that tab
will be affected.
This manually builds shared libraries for a bunch of ports. Using
libtool would be preferable but that's currently broken so I'm
linking the shared libraries manually.
This warning informs of float-to-double conversions. The best solution
seems to be to do math *either* in 32-bit *or* in 64-bit, and only to
cross over when absolutely necessary.
This patch adds a few missing ioctls which were required by Wine.
SIOCGIFNETMASK, SIOCGIFBRDADDR and SIOCGIFMTU are fully implemented,
while SIOCGIFFLAGS and SIOCGIFCONF are stubs.
The dynamic linker is already taking care of this for us. Now
that crt0 is statically linked into each executable and shared
library this breaks things because initializers are invoked twice.
Before this PR this didn't crash because crt0 and its _start()
function was contained in LibC and thus only LibC's initializers were
invoked several times which wasn't as much of a problem because
these initializers didn't have any side effects (such as malloc/free).
However, user programs are more likely to have constructors with side
effects, e.g.:
std::string g_test("hello!");
This would allocate memory when the constructor is invoked. When it is
invoked again the original allocation would be leaked and another copy
of the string would get allocated. Worse still, when the destructors are
invoked twice the memory would get free'd twice which would likely
crash the program.
Instead GCC should be used to automatically link against crt0
and crt0_shared depending on the type of object file that is being
built.
Unfortunately this requires a rebuild of the toolchain as well
as everything that has been built with the old GCC.
The _start() function attempts to call main() which is a
problem when trying to build a shared library with --no-undefined:
$ echo > t.c
$ gcc -shared -Wl,--no-undefined -o t.so t.c
/usr/local/lib/gcc/i686-pc-serenity/10.2.0/../../../../i686-pc-serenity/bin/ld:
/usr/lib/crt0_shared.o: in function `_start':
./Build/i686/../../Userland/Libraries/LibC/crt0_shared.cpp:56: undefined reference to `main'
collect2: error: ld returned 1 exit status
Also, unless explicitly requested by the user shared libraries
should not have an entry point (e.g. _start) at all.
Floating point numbers are casted to i64 and passed to the integer
formatting logic, and the floating point portion of the number is
handled separately. However, casting to i64 when the number is between
-1.0 and 0.0 produces 0, so the sign would be lost. This commit fixes
that by using put_u64 instead, which allows us to manually provide the
is_negative flag.
This is important when the window is maximized or tiled (which
recalculate_rect() will both check), as we otherwise create a gap above
the window frame (when hiding the menubar) or push the frame off the
screen (when showing the menubar).
SystemServer only allowed a single socket to be created for a service
before this. Now, SystemServer will allow any amount of sockets. The
sockets can be defined like so:
[SomeService]
Socket=/tmp/portal/socket1,/tmp/portal/socket2,/tmp/portal/socket3
SocketPermissions=660,600
The last item in SocketPermissions is applied to the remainder of the
sockets in the Socket= line, so multiple sockets can have the same
permissions without having to repeat them.
Defining multiple sockets is not allowed for socket-activated services
at the moment, and wouldn't make much sense anyway.
This patch also makes socket takeovers more robust by removing the
assumption that the socket will always be passed in fd 3. Now, the
SOCKET_TAKEOVER environment variable carries information about which
endpoint corresponds to which socket, like so:
SOCKET_TAKEOVER=/tmp/portal/socket1:3 /tmp/portal/socket2:4
and LocalServer/LocalService will parse this automatically and select
the correct one. The old behavior of getting the default socket is
preserved so long as the service only requests a single socket in
SystemServer.ini.
This flag warns on classes which have `virtual` functions but do not
have a `virtual` destructor.
This patch adds both the flag and missing destructors. The access level
of the destructors was determined by a two rules of thumb:
1. A destructor should have a similar or lower access level to that of a
constructor.
2. Having a `private` destructor implicitly deletes the default
constructor, which is probably undesirable for "interface" types
(classes with only virtual functions and no data).
In short, most of the added destructors are `protected`, unless the
compiler complained about access.
We were writing to the currently hovered menu item index in a bunch
of places, which made it very confusing to follow how it changes.
Rename Menu::set_hovered_item() to set_hovered_index() and use it
in more places instead of manipulating m_hovered_item_index.
These provide the cursor coordinate within the viewport at which the
event occurred (as opposed to the page relative coordinates exposed via
offsetX, offsetY).
