Bug 191817 - Remove eval() usage from attachment selection code to avoid script insertion

git-svn-id: svn://10.0.0.236/branches/NETSCAPE_7_02_BRANCH@137581 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/content/xul/content/src/nsXULElement.cpp

@@ -5258,12 +5258,14 @@ nsXULPrototypeScript::Compile(const PRUnichar* aText,
         // XXXbe temporary, until we serialize/deserialize everything from the
         //       nsXULPrototypeDocument on down...
         nsCOMPtr<nsIFastLoadService> fastLoadService(do_GetFastLoadService());
-        nsCOMPtr<nsIObjectOutputStream> objectOutput;
-        fastLoadService->GetOutputStream(getter_AddRefs(objectOutput));
-        if (objectOutput) {
-            rv = Serialize(objectOutput, context);
-            if (NS_FAILED(rv))
-                nsXULDocument::AbortFastLoads();
+        if (fastLoadService) {
+            nsCOMPtr<nsIObjectOutputStream> objectOutput;
+            fastLoadService->GetOutputStream(getter_AddRefs(objectOutput));
+            if (objectOutput) {
+                rv = Serialize(objectOutput, context);
+                if (NS_FAILED(rv))
+                    nsXULDocument::AbortFastLoads();
+            }
         }
     }
 

mozilla/docshell/base/nsDocShell.cpp

@@ -4463,6 +4463,7 @@ nsDocShell::InternalLoad(nsIURI * aURI,
                          nsIRequest** aRequest)
 {
     nsresult rv = NS_OK;
+    PRBool isWyciwyg = PR_FALSE;
 
     // Initialize aDocShell/aRequest
     if (aDocShell) {
@@ -4472,6 +4473,12 @@ nsDocShell::InternalLoad(nsIURI * aURI,
         *aRequest = nsnull;
     }
 
+    // wyciwyg urls can only be loaded through history. Any normal load of
+    // wyciwyg through docshell is  illegal. Disallow such loads.
+    rv = aURI->SchemeIs("wyciwyg", &isWyciwyg);   
+    if ((isWyciwyg && NS_SUCCEEDED(rv) && (aLoadType & LOAD_CMD_NORMAL)) || NS_FAILED(rv)) 
+        return NS_ERROR_FAILURE;
+
     //
     // First, notify any nsIContentPolicy listeners about the document load.
     // Only abort the load if a content policy listener explicitly vetos it!

mozilla/layout/html/document/src/nsFrameFrame.cpp

@@ -1097,10 +1097,13 @@ nsHTMLFrameInnerFrame::CreateDocShell(nsIPresContext* aPresContext)
       if (isContent) {
         nsCOMPtr<nsIDocShellTreeOwner> parentTreeOwner;
         parentAsItem->GetTreeOwner(getter_AddRefs(parentTreeOwner));
-        if(parentTreeOwner)
-          parentTreeOwner->ContentShellAdded(docShellAsItem, 
-            value.EqualsIgnoreCase("content-primary") ? PR_TRUE : PR_FALSE, 
-            value.get());
+        if(parentTreeOwner) {
+          PRBool is_primary = parentType == nsIDocShellTreeItem::typeChrome &&
+                              value.Equals(NS_LITERAL_STRING("content-primary"));
+
+          parentTreeOwner->ContentShellAdded(docShellAsItem, is_primary,
+                                             value.get());
+        }
       }
       // connect the container...
       nsCOMPtr<nsIWebShell> webShell(do_QueryInterface(mSubShell));

mozilla/mailnews/base/resources/content/msgHdrViewOverlay.js

@@ -759,20 +759,40 @@ function createNewAttachmentInfo(contentType, url, displayName, uri, notDownload
   this.notDownloaded = notDownloaded;
 }
 
-function saveAttachment(contentType, url, displayName, messageUri)
+function dofunc(aFunctionName, aFunctionArg)
 {
-  messenger.saveAttachment(contentType, url, displayName, messageUri);
+  if (aFunctionName == "saveAttachment") 
+    saveAttachment(aFunctionArg); 
+  else if (aFunctionName == "openAttachment") 
+    openAttachment(aFunctionArg); 
+  else if (aFunctionName == "printAttachment") 
+    printAttachment(aFunctionArg);
 }
 
-function openAttachment(contentType, url, displayName, messageUri)
+function saveAttachment(aAttachment)
 {
-  messenger.openAttachment(contentType, url, displayName, messageUri);
+  messenger.saveAttachment(aAttachment.contentType, 
+                           aAttachment.url, 
+                           aAttachment.displayName, 
+                           aAttachment.messageUri);
 }
 
-function printAttachmentAttachment(contentType, url, displayName, messageUri)
+function openAttachment(aAttachment)
 {
-  // we haven't implemented the ability to print attachments yet...
-  // messenger.printAttachment(contentType, url, displayName, messageUri);
+  messenger.openAttachment(aAttachment.contentType, 
+                           aAttachment.url, 
+                           aAttachment.displayName, 
+                           aAttachment.messageUri);
+}
+
+function printAttachment(aAttachment)
+{
+  /* we haven't implemented the ability to print attachments yet...
+  messenger.printAttachment(aAttachment.contentType, 
+                            aAttachment.url, 
+                            aAttachment.displayName, 
+                            aAttachment.messageUri);
+  */
 }
 
 function onShowAttachmentContextMenu()
@@ -806,32 +826,31 @@ function attachmentListClick(event)
       var target = event.target;
       if (target.localName == "listitem")
       {
-	    var commandStringSuffix = target.getAttribute("commandSuffix");
-        var openString = 'openAttachment' + commandStringSuffix;
-        eval(openString);
+	dofunc("openAttachment", target.attachment);
       }
     }
 }
 
 // on command handlers for the attachment list context menu...
-// commandPrefix matches one of our existing functions (openAttachment, saveAttachment, etc.) which we'll add to the command suffix
-// found on the listitem....
+// commandPrefix matches one of our existing functions 
+// (openAttachment, saveAttachment, etc.)
 function handleAttachmentSelection(commandPrefix)
 {
-  // get the selected attachment...and call openAttachment on it...
   var attachmentList = document.getElementById('attachmentList');
   var selectedAttachments = attachmentList.selectedItems;
   var listItem = selectedAttachments[0];
-  var commandStringSuffix = listItem.getAttribute("commandSuffix");
-  var openString = commandPrefix + commandStringSuffix;
-  eval(openString);
+
+  dofunc(commandPrefix, listItem.attachment);
 }
 
-function generateCommandSuffixForAttachment(attachment)
+function cloneAttachment(aAttachment)
 {
-  // replace ' in url with \' so we can eval() correctly
-  var attachmentUrl = attachment.url.replace(/'/g,"\\\'");
-  return "('" + attachment.contentType + "', '" + attachmentUrl + "', '" + escape(attachment.displayName) + "', '" + attachment.uri + "')";
+  var obj = new Object();
+  obj.contentType = aAttachment.contentType;
+  obj.url = aAttachment.url;
+  obj.displayName = aAttachment.displayName;
+  obj.messageUri = aAttachment.uri;
+  return obj;
 }
 
 function displayAttachmentsForExpandedView()
@@ -842,16 +861,17 @@ function displayAttachmentsForExpandedView()
     var attachmentList = document.getElementById('attachmentList');
     for (index in currentAttachments)
     {
-      var attachment = currentAttachments[index];
+      var attachment = currentAttachments[index];
+
       // we need to create a listitem to insert the attachment
       // into the attachment list..
-
-	    var item = document.createElement("listitem");
-
+	  var item = document.createElement("listitem");
       item.setAttribute("class", "listitem-iconic"); 
       item.setAttribute("label", attachment.displayName);
-      item.setAttribute("tooltip", "attachmentListTooltip");
-      item.setAttribute("commandSuffix", generateCommandSuffixForAttachment(attachment)); // set the command suffix on the listitem...
+      item.setAttribute("tooltip", "attachmentListTooltip");
+
+	  item.attachment = cloneAttachment(attachment);
+
       setApplicationIconForAttachment(attachment, item);
   	  attachmentList.appendChild(item);
     } // for each attachment
@@ -949,13 +969,13 @@ function addAttachmentToPopup(popup, attachment, attachmentIndex)
       item.setAttribute('label', formattedDisplayNameString); 
       item.setAttribute('accesskey', attachmentIndex); 
 
-      var oncommandPrefix = generateCommandSuffixForAttachment(attachment);
-
       var openpopup = document.createElement('menupopup');
       openpopup = item.appendChild(openpopup);
 
       var menuitementry = document.createElement('menuitem');     
-      menuitementry.setAttribute('oncommand', 'openAttachment' + oncommandPrefix); 
+
+      menuitementry.attachment = cloneAttachment(attachment);
+      menuitementry.setAttribute('oncommand', 'openAttachment(this.attachment)'); 
 
       if (!gSaveLabel)
         gSaveLabel = gMessengerBundle.getString("saveLabel");
@@ -974,7 +994,8 @@ function addAttachmentToPopup(popup, attachment, attachmentIndex)
       openpopup.appendChild(menuseparator);
       
       menuitementry = document.createElement('menuitem');
-      menuitementry.setAttribute('oncommand', 'saveAttachment' + oncommandPrefix); 
+      menuitementry.attachment = cloneAttachment(attachment);
+      menuitementry.setAttribute('oncommand', 'saveAttachment(this.attachment)'); 
       menuitementry.setAttribute('label', gSaveLabel); 
       menuitementry.setAttribute('accesskey', gSaveLabelAccesskey); 
       menuitementry = openpopup.appendChild(menuitementry);

mozilla/mailnews/local/src/nsPop3Protocol.cpp

@@ -57,6 +57,7 @@
 #include "nsIDocShell.h"
 
 #define EXTRA_SAFETY_SPACE 3096
+#define kLargeNumberOfMessages 50000
 
 static PRLogModuleInfo *POP3LOGMODULE = nsnull;
 
@@ -1275,7 +1276,8 @@ nsPop3Protocol::GurlResponse()
 PRInt32 nsPop3Protocol::SendList()
 {
     m_pop3ConData->msg_info = (Pop3MsgInfo *) 
-        PR_CALLOC(sizeof(Pop3MsgInfo) *	m_pop3ConData->number_of_messages);
+      PR_CALLOC(sizeof(Pop3MsgInfo) *
+      (m_pop3ConData->number_of_messages < kLargeNumberOfMessages ? m_pop3ConData->number_of_messages : kLargeNumberOfMessages));
     if (!m_pop3ConData->msg_info)
         return(MK_OUT_OF_MEMORY);
     m_pop3ConData->next_state_after_response = POP3_GET_LIST;
@@ -1336,6 +1338,19 @@ nsPop3Protocol::GetList(nsIInputStream* inputStream,
 			token = nsCRT::strtok(newStr, " ", &newStr);
 			if (token)
 				m_pop3ConData->msg_info[msg_num-1].size = atol(token);
+
+      if (msg_num >= kLargeNumberOfMessages && msg_num < m_pop3ConData->number_of_messages)
+      {
+        m_pop3ConData->msg_info = (Pop3MsgInfo *)   //allocate space for next entry
+          PR_REALLOC(m_pop3ConData->msg_info, sizeof(Pop3MsgInfo) * (msg_num + 1));
+        if (!m_pop3ConData->msg_info)
+        {
+          m_pop3ConData->number_of_messages = msg_num; //so that we don't try to free not allocated entries!
+          return(MK_OUT_OF_MEMORY);
+        }
+        m_pop3ConData->msg_info[msg_num].size = 0; //initialize
+        m_pop3ConData->msg_info[msg_num].uidl = nsnull;
+      }
 		}
 	}
 

mozilla/modules/libjar/nsZipArchive.cpp

@@ -578,8 +578,9 @@ PRInt32 nsZipArchive::ReadInit(const char* zipEntry, nsZipRead* aRead)
   if (!item)
     return ZIP_ERR_FNF; 
 
-  //-- Initialize nsZipRead object
-  aRead->Init(this, item);
+  //-- verify we can handle the compression type
+  if (item->compression != DEFLATED && item->compression != STORED)
+    return ZIP_ERR_UNSUPPORTED;
 
   //-- Read the item into memory
   //   Inflate if necessary and save in mInflatedFileBuffer
@@ -587,20 +588,20 @@ PRInt32 nsZipArchive::ReadInit(const char* zipEntry, nsZipRead* aRead)
   //   (nsJAR needs the whole file in memory before passing it on)
   char* buf = (char*)PR_Malloc(item->realsize);
   if (!buf) return ZIP_ERR_MEMORY;
-  switch(item->compression)
-  {
-    case DEFLATED:
-      result = InflateItem(item, 0, buf);
-      break;
-    case STORED:
-      result = CopyItemToBuffer(item, buf);
-      break;
-    default:
-      return ZIP_ERR_UNSUPPORTED;
-  }
+
+  if (item->compression == DEFLATED)
+    result = InflateItem(item, 0, buf);
+  else
+    result = CopyItemToBuffer(item, buf);
 
   if (result == ZIP_OK)
+  {
+    aRead->Init(this, item);
     aRead->mFileBuffer = buf;
+  }
+  else
+    PR_Free(buf);
+
   return result;
 }
   
@@ -1281,7 +1282,7 @@ PRInt32 nsZipArchive::InflateItem( const nsZipItem* aItem, PRFileDesc* fOut,
 {
   PRInt32     status = ZIP_OK;    
   PRUint32    chunk, inpos, outpos, size, crc;
-  PRUint32    bigBufSize;
+  PRUint32    bigBufSize=0;
   z_stream    zs;
   int         zerr;
   PRBool      bInflating = PR_FALSE;

mozilla/modules/libjar/zipstub.h

@@ -34,6 +34,7 @@
 
 #define PR_ASSERT         assert
 #define PR_Malloc         malloc
+#define PR_Free           free
 #define PR_FREEIF(x)      do { if (x) free(x); } while(0)
 #define PL_strfree        free
 #define PL_strcmp         strcmp

mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp

@@ -532,7 +532,9 @@ nsHttpChannel::ProcessResponse()
         }
         break;
     case 303:
-    case 305:
+#if 0
+    case 305: // disabled as a security measure (see bug 187996).
+#endif
         // these redirects cannot be cached
         CloseCacheEntry(NS_ERROR_ABORT);
 
@@ -1422,29 +1424,6 @@ nsHttpChannel::ProcessRedirection(PRUint32 redirectType)
     nsCOMPtr<nsIChannel> newChannel;
     nsCOMPtr<nsIURI> newURI;
 
-    if (redirectType == 305) {
-        // we must repeat the request via the proxy specified by location
- 
-        PRInt32 proxyPort;
-        
-        // location is of the form "host:port"
-        char *p = (char *)strchr(location, ':');
-        if (p) {
-            *p = 0;
-            proxyPort = atoi(p+1);
-        }
-        else
-            proxyPort = 80;
-
-        nsCOMPtr<nsIProxyInfo> pi;
-        rv = NS_NewProxyInfo("http", location, proxyPort, getter_AddRefs(pi));
-
-        // talk to the http handler directly for this case
-        rv = nsHttpHandler::get()->
-                NewProxiedChannel(mURI, pi, getter_AddRefs(newChannel));
-        if (NS_FAILED(rv)) return rv;
-    }
-    else {
         // create a new URI using the location header and the current URL
         // as a base...
         nsCOMPtr<nsIIOService> ioService;
@@ -1507,7 +1486,6 @@ nsHttpChannel::ProcessRedirection(PRUint32 redirectType)
         rv = NS_NewChannel(getter_AddRefs(newChannel), newURI, ioService, mLoadGroup,
                            mCallbacks, newLoadFlags);
         if (NS_FAILED(rv)) return rv;
-    }
 
     // convey the original uri
     rv = newChannel->SetOriginalURI(mOriginalURI);

mozilla/security/manager/boot/src/nsSecureBrowserUIImpl.cpp

@@ -1174,19 +1174,8 @@ nsSecureBrowserUIImpl::IsURLHTTPS(nsIURI* aURL, PRBool* value)
 
 	if (!aURL)
 		return NS_OK;
-  
-	nsCAutoString scheme;
-	aURL->GetScheme(scheme);
 
-  // If no scheme, it's not an https url - not necessarily an error.
-  // See bugs 54845 and 54966  
-	if (scheme.IsEmpty())
-		return NS_OK;
-  
-	if (!PL_strncasecmp(scheme.get(), "https",  5))
-		*value = PR_TRUE;
-	
-	return NS_OK;
+  return aURL->SchemeIs("https", value);
 }
 
 void
@@ -1222,13 +1211,15 @@ nsSecureBrowserUIImpl::CheckPost(nsIURI *formURL, nsIURI *actionURL, PRBool *oka
   if (NS_FAILED(rv))
     return rv;
   
-  // if we are posting to a secure link from a secure page, all is okay.
-  if (actionSecure && formSecure) {
+  // If we are posting to a secure link, all is okay.
+  // It doesn't matter whether the currently viewed page is secure or not,
+  // because the data will be sent to a secure URL.
+  if (actionSecure) {
     return NS_OK;
   }
     
   // posting to insecure webpage from a secure webpage.
-  if (!actionSecure && formSecure) {
+  if (formSecure) {
     *okayToPost = ConfirmPostToInsecureFromSecure();
   } else {
     *okayToPost = ConfirmPostToInsecure();

mozilla/xpinstall/packager/windows/config.it

@@ -75,7 +75,7 @@ Uninstall Filename=$UninstallFile$
 
 ; This key is used as a fail over key.  This url will be used when the
 ; url in the Site Selector fails.
-url=$ArchiveUrl$
+url0=$ArchiveUrl$
 
 ; Default Setup Type values:
 ;   Setup Type 0 - first radio button (default)

mozilla/xpinstall/wizard/unix/src2/nsSetupTypeDlg.cpp

@@ -153,7 +153,7 @@ nsSetupTypeDlg::Parse(nsINIParser *aParser)
     char *currLCSec = (char *) malloc(strlen(LEGACY_CHECKd) + 3);
     if (!currLCSec) return E_MEM;
     char *currVal = NULL;
-    nsLegacyCheck *currLC = NULL, *lastLC= NULL, *nextLC = NULL;
+    nsLegacyCheck *currLC = NULL, *lastLC = NULL, *nextLC = NULL;
     nsComponent *currComp = NULL;
     nsComponent *currCompDup = NULL;
     int currIndex;
@@ -859,61 +859,66 @@ nsSetupTypeDlg::DeleteOldInst()
     int numLines = 0, i;
     char *msg = NULL, *msgPtr = NULL, *msgChunkPtr = NULL;
     char msgChunk[65];
+    nsLegacyCheck *currLC = NULL;
 
-    memset(path, 0, MAXPATHLEN);
-    ConstructPath(path, gCtx->opt->mDestination, sLegacyChecks->GetFilename());
-    DUMP(path);
-
-    // XXX implement multiple legacy checks (currently only LegacyCheck0 used)
-
-    // check if old installation exists
-    if (0 == stat(path, &dummy))
+    currLC = sLegacyChecks;
+    while (currLC)
     {
-        // throw up delete dialog 
-        sDelInstDlg = gtk_dialog_new();
-        gtk_window_set_title(GTK_WINDOW(sDelInstDlg), gCtx->opt->mTitle);
-        gtk_window_set_position(GTK_WINDOW(sDelInstDlg), GTK_WIN_POS_CENTER);
+      memset(path, 0, MAXPATHLEN);
+      ConstructPath(path, gCtx->opt->mDestination, currLC->GetFilename());
+      DUMP(path);
 
-        deleteBtn = gtk_button_new_with_label(gCtx->Res("DELETE_LABEL"));
-        cancelBtn = gtk_button_new_with_label(gCtx->Res("CANCEL_LABEL"));
+      // check if old installation exists
+      if (0 == stat(path, &dummy))
+      {
+          // throw up delete dialog 
+          sDelInstDlg = gtk_dialog_new();
+          gtk_window_set_title(GTK_WINDOW(sDelInstDlg), gCtx->opt->mTitle);
+          gtk_window_set_position(GTK_WINDOW(sDelInstDlg), GTK_WIN_POS_CENTER);
 
-        gtk_container_add(GTK_CONTAINER(GTK_DIALOG(sDelInstDlg)->action_area), 
-            deleteBtn);
-        gtk_container_add(GTK_CONTAINER(GTK_DIALOG(sDelInstDlg)->action_area),
-            cancelBtn);
-        gtk_signal_connect(GTK_OBJECT(deleteBtn), "clicked",
-                       GTK_SIGNAL_FUNC(DeleteInstDelete), sDelInstDlg);
-        gtk_signal_connect(GTK_OBJECT(cancelBtn), "clicked",
-                       GTK_SIGNAL_FUNC(DeleteInstCancel), sDelInstDlg);
+          deleteBtn = gtk_button_new_with_label(gCtx->Res("DELETE_LABEL"));
+          cancelBtn = gtk_button_new_with_label(gCtx->Res("CANCEL_LABEL"));
 
-        // wrap message at 64 columns, and truncate at 20 rows
-        msg = sLegacyChecks->GetMessage();
-        msgPtr = msg;
-        numLines = strlen(msg)/64;
-        for (i = 0; i <= numLines && i < 20; i++)
-        {
-            memset(msgChunk, 0, 65);
-            strncpy(msgChunk, msgPtr, 64);
+          gtk_container_add(GTK_CONTAINER(GTK_DIALOG(sDelInstDlg)->action_area), 
+              deleteBtn);
+          gtk_container_add(GTK_CONTAINER(GTK_DIALOG(sDelInstDlg)->action_area),
+              cancelBtn);
+          gtk_signal_connect(GTK_OBJECT(deleteBtn), "clicked",
+                         GTK_SIGNAL_FUNC(DeleteInstDelete), sDelInstDlg);
+          gtk_signal_connect(GTK_OBJECT(cancelBtn), "clicked",
+                         GTK_SIGNAL_FUNC(DeleteInstCancel), sDelInstDlg);
 
-            // pad by a line but don't allow overflow
-            if (msgPtr > msg + strlen(msg))
-                break;
+          // wrap message at 64 columns, and truncate at 20 rows
+          msg = currLC->GetMessage();
+          msgPtr = msg;
+          numLines = strlen(msg)/64;
+          for (i = 0; i <= numLines && i < 20; i++)
+          {
+              memset(msgChunk, 0, 65);
+              strncpy(msgChunk, msgPtr, 64);
 
-            // find last space
-            msgChunkPtr = strrchr(msgChunk, ' ');
-            if (64 != msgChunkPtr - msgChunk + 1)
-            {
-                msgChunk[msgChunkPtr - msgChunk] = 0;
-                msgPtr = msgPtr + (msgChunkPtr - msgChunk + 1);
-            }
-            label = gtk_label_new(msgChunk);
-            gtk_box_pack_start(GTK_BOX(GTK_DIALOG(sDelInstDlg)->vbox), label,
-                FALSE, FALSE, 0);
-        }
-        gtk_widget_show_all(sDelInstDlg);
-        sDelInstUp = TRUE;
-    
-        err = E_OLD_INST;
+              // pad by a line but don't allow overflow
+              if (msgPtr > msg + strlen(msg))
+                  break;
+
+              // find last space
+              msgChunkPtr = strrchr(msgChunk, ' ');
+              if (64 != msgChunkPtr - msgChunk + 1)
+              {
+                  msgChunk[msgChunkPtr - msgChunk] = 0;
+                  msgPtr = msgPtr + (msgChunkPtr - msgChunk + 1);
+              }
+              label = gtk_label_new(msgChunk);
+              gtk_box_pack_start(GTK_BOX(GTK_DIALOG(sDelInstDlg)->vbox), label,
+                  FALSE, FALSE, 0);
+          }
+          gtk_widget_show_all(sDelInstDlg);
+          sDelInstUp = TRUE;
+      
+          err = E_OLD_INST;
+          break;
+      }
+      currLC = currLC->GetNext();    
     }
     
     return err;

mozilla/xpinstall/wizard/windows/builder/build.pl

@@ -65,18 +65,21 @@ $cwdPackager   = GetCwd("packager", $DEPTH, $cwdBuilder);
 $verPartial    = "5.0.0.";
 $ver           = $verPartial . GetVersion($DEPTH);
 
-if(-d "$cwdDist\\stage")
+if(-d "$DEPTH\\stage")
 {
-  system("perl $cwdPackager\\windows\\rdir.pl $cwdDist\\stage");
+  system("perl $cwdPackager\\windows\\rdir.pl $DEPTH\\stage");
 }
 
-mkdir("$cwdDist\\stage", 775);
-system("perl $cwdPackager\\pkgcp.pl -s $cwdDistWin -d $cwdDist\\stage -f $cwdPackager\\packages-win -o dos -v");
+# The destination cannot be a sub directory of the source.
+# pkgcp.pl will get very unhappy.
+
+mkdir("$DEPTH\\stage", 775);
+system("perl $cwdPackager\\pkgcp.pl -s $cwdDistWin -d $DEPTH\\stage -f $cwdPackager\\packages-win -o dos -v");
 
 chdir("$cwdPackager\\windows");
-if(system("perl makeall.pl $ver $cwdDist\\stage $cwdDistWin\\install -aurl $inXpiURL -rurl $inRedirIniURL"))
+if(system("perl makeall.pl $ver $DEPTH\\stage $cwdDistWin\\install -aurl $inXpiURL -rurl $inRedirIniURL"))
 {
-  print "\n Error: perl makeall.pl $ver $cwdDist\\stage $cwdDistWin\\install $inXpiURL $inRedirIniURL\n";
+  print "\n Error: perl makeall.pl $ver $DEPTH\\stage $cwdDistWin\\install $inXpiURL $inRedirIniURL\n";
   exit(1);
 }
 
@@ -165,14 +168,23 @@ sub GetCwd
   my($distWinPathName);
   my($distPath);
 
-  # determine if build is debug or optimized
-  if($ENV{MOZ_DEBUG} eq "")
+  # determine if build was built via gmake
+  if(-e "$depthPath\\dist\\install")
   {
-    $distWinPathName = "Win32_o.obj";
+    $distWinPathName = "dist";
   }
   else
   {
-    $distWinPathName = "Win32_d.obj";
+    # determine if build is debug or optimized
+    # (used only for nmake builds)
+    if($ENV{MOZ_DEBUG} eq "")
+    {
+      $distWinPathName = "dist\\Win32_o.obj";
+    }
+    else
+    {
+      $distWinPathName = "dist\\Win32_d.obj";
+    }
   }
 
   if($whichPath eq "dist")
@@ -189,24 +201,24 @@ sub GetCwd
   elsif($whichPath eq "distwin")
   {
     # verify the existance of path
-    if(!(-e "$depthPath\\dist\\$distWinPathName"))
+    if(!(-e "$depthPath\\$distWinPathName"))
     {
-      print "path not found: $depthPath\\dist\\$distWinPathName\n";
+      print "path not found: $depthPath\\$distWinPathName\n";
       exit(1);
     }
 
-    $distPath = "$depthPath\\dist\\$distWinPathName";
+    $distPath = "$depthPath\\$distWinPathName";
   }
   elsif($whichPath eq "install")
   {
     # verify the existance of path
-    if(!(-e "$depthPath\\dist\\$distWinPathName\\install"))
+    if(!(-e "$depthPath\\$distWinPathName\\install"))
     {
-      print "path not found: $depthPath\\dist\\$distWinPathName\\install\n";
+      print "path not found: $depthPath\\$distWinPathName\\install\n";
       exit(1);
     }
 
-    $distPath = "$depthPath\\dist\\$distWinPathName\\install";
+    $distPath = "$depthPath\\$distWinPathName\\install";
   }
   elsif($whichPath eq "packager")
   {
@@ -236,17 +248,26 @@ sub GetVersion
   my($dd);
   my($hh);
 
-  # determine if build is debug or optimized
-  if($ENV{MOZ_DEBUG} eq "")
+  # determine if build was built via gmake
+  if(-e "$depthPath\\dist\\install")
   {
-    $distWinPathName = "Win32_o.obj";
+    $distWinPathName = "dist";
   }
   else
   {
-    $distWinPathName = "Win32_d.obj";
+    # determine if build is debug or optimized
+    # (used only for nmake builds)
+    if($ENV{MOZ_DEBUG} eq "")
+    {
+      $distWinPathName = "dist\\Win32_o.obj";
+    }
+    else
+    {
+      $distWinPathName = "dist\\Win32_d.obj";
+    }
   }
 
-  $fileMozilla = "$depthPath\\dist\\$distWinPathName\\bin\\mozilla.exe";
+  $fileMozilla = "$depthPath\\$distWinPathName\\bin\\mozilla.exe";
   # verify the existance of file
   if(!(-e "$fileMozilla"))
   {

mozilla/xpinstall/wizard/windows/setup/extra.c

@@ -74,6 +74,8 @@ typedef struct structVer
   ULONGLONG ullBuild;
 } verBlock;
 
+void AddGeneralUrlToIdiFile(siC *siCObject, char *szSection, char *szUrl, DWORD szUrlBufSize,
+                            int idiIndex, char *szFileIdiGetArchives);
 void  TranslateVersionStr(LPSTR szVersion, verBlock *vbVersion);
 BOOL  GetFileVersion(LPSTR szFile, verBlock *vbVersion);
 int   CompareVersion(verBlock vbVersionOld, verBlock vbVersionNew);
@@ -1200,6 +1202,37 @@ int UpdateIdiFile(char  *szPartialUrl,
   return(0);
 }
 
+void AddGeneralUrlToIdiFile(siC *siCObject, char *szSection, char *szUrl, DWORD szUrlBufSize,
+                            int idiIndex, char *szFileIdiGetArchives)
+{
+  int       generalIndex;
+  char      szKey[MAX_BUF_TINY];
+
+  generalIndex = 0;
+  wsprintf(szKey, "url%d", generalIndex);
+  GetPrivateProfileString("General",
+                          szKey,
+                          "",
+                          szUrl,
+                          szUrlBufSize,
+                          szFileIniConfig);
+  while(*szUrl != '\0')
+  {
+    wsprintf(szKey, "url%d", idiIndex);
+    UpdateIdiFile(szUrl, szUrlBufSize, siCObject, szSection, szKey, szFileIdiGetArchives);
+
+    ++idiIndex;
+    ++generalIndex;
+    wsprintf(szKey, "url%d", generalIndex);
+    GetPrivateProfileString("General",
+                            szKey,
+                            "",
+                            szUrl,
+                            szUrlBufSize,
+                            szFileIniConfig);
+  }
+}
+
 HRESULT AddArchiveToIdiFile(siC *siCObject,
                             char *szSection,
                             char *szFileIdiGetArchives)
@@ -1253,18 +1286,7 @@ HRESULT AddArchiveToIdiFile(siC *siCObject,
       ++iIndex;
     }
 
-    /* use the url from the config.ini's [General] section as well */
-    GetPrivateProfileString("General",
-                            "url",
-                            "",
-                            szUrl,
-                            sizeof(szUrl),
-                            szFileIniConfig);
-    if(*szUrl != 0)
-    {
-      wsprintf(szKey, "url%d", iIndex);
-      UpdateIdiFile(szUrl, sizeof(szUrl), siCObject, szSection, szKey, szFileIdiGetArchives);
-    }
+    AddGeneralUrlToIdiFile(siCObject, szSection, szUrl, sizeof(szUrl), iIndex, szFileIdiGetArchives);
   }
   else if(FileExists(szFile))
   {
@@ -1282,34 +1304,13 @@ HRESULT AddArchiveToIdiFile(siC *siCObject,
       ++iIndex;
     }
 
-    /* use the url from the config.ini's [General] section as well */
-    GetPrivateProfileString("General",
-                            "url",
-                            "",
-                            szUrl,
-                            sizeof(szUrl),
-                            szFileIniConfig);
-    if(*szUrl != 0)
-    {
-      wsprintf(szKey, "url%d", iIndex);
-      UpdateIdiFile(szUrl, sizeof(szUrl), siCObject, szSection, szKey, szFileIdiGetArchives);
-    }
+    AddGeneralUrlToIdiFile(siCObject, szSection, szUrl, sizeof(szUrl), iIndex, szFileIdiGetArchives);
   }
   else
   {
     /* redirect.ini is enabled, but the file does not exist,
      * so fail over to the url from the config.ini's [General] section */
-    GetPrivateProfileString("General",
-                            "url",
-                            "",
-                            szUrl,
-                            sizeof(szUrl),
-                            szFileIniConfig);
-    if(*szUrl != 0)
-    {
-      wsprintf(szKey, "url%d", iIndex);
-      UpdateIdiFile(szUrl, sizeof(szUrl), siCObject, szSection, szKey, szFileIdiGetArchives);
-    }
+    AddGeneralUrlToIdiFile(siCObject, szSection, szUrl, sizeof(szUrl), iIndex, szFileIdiGetArchives);
   }
 
   return(0);