Add a new wrapping mode to the TextEditor that will wrap lines at the
spaces between words.
Replace the previous menubar checkbox 'Wrapping Mode' in HackStudio and
the TextEditor with an exclusive submenu which allows switching between
'No wrapping', 'Wrap anywhere' and 'Wrap at words'. 'Wrap anywhere' (the
new 'Wrap lines') is still the default mode.
Setting the wrapping mode in the constructors of the TextEditorWidget
and HackStudio has been removed, it is now set when constructing the
menubar actions.
Also, before calling the main program entry function, inform the kernel
that no more syscall regions can be registered.
This effectively bans syscalls from everywhere except LibC and
LibPthread. Pretty neat! :^)
The WM_* IPC messages are intended for "outsider" window management,
not for a client's own windows. Make a separate StartWindowResize
message for this.
This was the only reason that every IPC client had to know its server
side client ID.
Because it was 'static const' and also shared with userland programs,
the default keymap was defined in multiple places. This commit should
save several kilobytes! :^)
During "Emulator hacking: Let's make the userspace emulator go faster!",
the switch implented in read() was inlined (toward the end of the video).
This patch restore the assert check for any read other than 8, 16 or 32
bits was lost during the code conversion.
ctype's `iscntrl` truncates its input, making some codepoints appear as
control characters. Avoid this by checking whether the character is in
ascii to begin with.
Just wrapping to_string() in urlencode() will break the link as too many
characters are encoded. Also wrap in escape_html_entities() as well -
most relevant chars are already URL-encoded, but this will change '&' to
'&', for example.
Just ignore all these environment flags if the AT_SECURE flag is set in
the program's auxiliary vector.
This prevents a user from tricking set-uid programs into dumping debug
information via environment flags.
load_from_image() becomes map() and link(). This allows us to map
an object before mapping its dependencies.
This solves an issue where fixed-position executables (like GCC)
would clash with the ASLR placement of their own shared libraries.
Validation was happening in two steps, some in the constructor, and then
some later on, in load_from_image().
This made no sense so just move all the validation to the constructor.
Refactor DynamicLoader construction with a try_create() helper so that
we can call mmap() before making a loader. This way the loader doesn't
need to have an "mmap failed" state.
This patch also takes care of determining the ELF file size in
try_create() instead of expecting callers to provide it.
The PIDs were used for sharing shbufs between processes, but now that
we have migrated to file descriptor passing, we no longer need to know
the PID of the other side.
This patch adds an IPC call for debugging requests. It's stringly typed
and very simple, and allows us to easily implement all the features in
the Browser's Debug menu.
This is a workaround until we can implement a proper <input type=text>
in terms of LibWeb primitives.
This makes google.com not crash in multi-process mode (but there is no
search box.)
The OOPWV will now detect WebContent process crashes/disconnections and
simply create a new WebContent process in its place. We also generate a
little error page with a link to the crashing URL so you can reload and
try again.
This a huge step forward for OOPWV since it now has a feature that IPWV
can never replicate. :^)
If a window is being torn down during app shutdown, the global
application pointer may be nulled out already. So let's handle that
case gracefully in Window::hide().
Image boxes want to know whether they are inside the visible viewport.
This is used to pause/resume animations, and to update the purgeable
memory volatility state.
Previously we would traverse the entire layout tree on every resize,
calling a helper on each ImageBox. Make those boxes register with the
frame they are interested in instead, saving us all that traversal.
This also makes it easier for other parts of the code to learn about
viewport changes in the future. :^)
Remap the list of atexit handlers as read-only while we're not actively
writing to it. This prevents an attacker from using a memory write
primitive to gain code execution via the atexit list.
This is based on a technique used in OpenBSD. :^)
Section names are referred to by offset and length. We do not check
(and probably should not check) whether these names overlap in any way.
This opened the door to many sections (in this example: about 2700)
forcing ELF::Image::m_sections to contain endless copies of the same
huge string (in this case: 882K).
Fix this by loading only the first PAGE_SIZE bytes of each name.
Since section names are only relevant for relocations and debug
information and most section names are hard-coded (and far below 4096
bytes) anyway, this should be no restriction at all for 'normal'
executables.
Found by OSS-Fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29187
I overlooked a corner case where we might call the built-in ctz() on zero.
Furthermore, the calculation of the shift was wrong and the results were often
unusable.
Both issue were caused by a forgotten 36daeee34f.
This time I made sure to look at bmpsuite_files first, and now they look good.
Found by OSS-Fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28985
Previously regions were stored in a vector and then a pointer to
regions in this vector were taken and stored. The problem is the vector
were still appended after pointers were taken, if enough regions were
present the vector would grow so large that it needed a resize, this
cause his memory to moved and now the previous pointers are now
pointing to old memory we just freed.
Fixes#5160
The ImageDecoder service now returns a list of image frames, each with
a duration value.
The code for in-process image decoding is removed from LibWeb, an all
image decode requests are sent out-of-process to ImageDecoder. :^)
This won't scale super well to very long and/or large animations, but
we can work on improving that separately. The main goal here is simply
to stop doing any image decoding inside LibWeb.
Fixes#5165.
