1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
Fixes CVE-2024-11693 (Download Protections were bypassed by .library-ms files on Windows)
Copied from <https://hg.mozilla.org/releases/mozilla-esr128/rev/e983e8a66e515a2e32497cec1b3ccf439396dadc>
# HG changeset patch
# User Marco Bonardo <mbonardo@mozilla.com>
# Date 1730555916 0
# Node ID e983e8a66e515a2e32497cec1b3ccf439396dadc
# Parent 893b0489efa4b18355ea91113c28bf7c731a2749
Bug 1921458. a=dmeehan
Original Revision: https://phabricator.services.mozilla.com/D226775
Differential Revision: https://phabricator.services.mozilla.com/D227221
diff --git a/toolkit/components/reputationservice/ApplicationReputation.cpp b/toolkit/components/reputationservice/ApplicationReputation.cpp
--- a/toolkit/components/reputationservice/ApplicationReputation.cpp
+++ b/toolkit/components/reputationservice/ApplicationReputation.cpp
@@ -286,16 +286,17 @@ const char* const ApplicationReputationS
#endif
//".job", // Windows
//".jpg",
//".jpeg",
//".js", exec // JavaScript script
//".jse", exec // JScript
".ksh", // Linux shell
//".lha",
+ //".library-ms", exec // Windows
//".lnk", exec // Windows
".local", // Windows
//".lpaq1",
//".lpaq5",
//".lpaq8",
//".lzh",
//".lzma",
//".mad", exec // MS Access
diff --git a/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp b/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
--- a/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
+++ b/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
@@ -116,16 +116,17 @@ static const char* const kTestFileExtens
".isp", // IIS config
".jar", // Java
#ifndef MOZ_ESR
".jnlp", // Java
#endif
".js", // JavaScript script
".jse", // JScript
".ksh", // Linux shell
+ ".library-ms", // Windows Library Files
".lnk", // Windows
".local", // Windows
".mad", // MS Access
".maf", // MS Access
".mag", // MS Access
".mam", // MS Access
".manifest", // Windows
".maq", // MS Access
diff --git a/xpcom/io/nsLocalFileCommon.cpp b/xpcom/io/nsLocalFileCommon.cpp
--- a/xpcom/io/nsLocalFileCommon.cpp
+++ b/xpcom/io/nsLocalFileCommon.cpp
@@ -67,16 +67,17 @@ const char* const sExecutableExts[] = {
".ins",
".isp",
".jar", // java application bundle
#ifndef MOZ_ESR
".jnlp",
#endif
".js",
".jse",
+ ".library-ms", // Windows Library Files
".lnk",
".mad", // Access Module Shortcut
".maf", // Access
".mag", // Access Diagram Shortcut
".mam", // Access Macro Shortcut
".maq", // Access Query Shortcut
".mar", // Access Report Shortcut
".mas", // Access Stored Procedure
diff --git a/xpcom/io/nsLocalFileCommon.h b/xpcom/io/nsLocalFileCommon.h
--- a/xpcom/io/nsLocalFileCommon.h
+++ b/xpcom/io/nsLocalFileCommon.h
@@ -3,14 +3,14 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef _NS_LOCAL_FILE_COMMON_H_
#define _NS_LOCAL_FILE_COMMON_H_
#ifdef MOZ_ESR
-extern const char* const sExecutableExts[108];
+extern const char* const sExecutableExts[109];
#else
-extern const char* const sExecutableExts[109];
+extern const char* const sExecutableExts[110];
#endif
#endif
|