Bug 1261744 - Add two missing null checks for nsStringBuffer::Alloc(). r=erahm.
authorNicholas Nethercote <nnethercote@mozilla.com>
Thu, 07 Apr 2016 09:35:50 +1000
changeset 292567 68ae46f52b62844de2152e6694b2ea150848e3e0
parent 292566 80828d9156c50b1ae7971585b12146b262a6db2e
child 292568 82bd962907de50af6516640ef674f0c764480383
push id74888
push usernnethercote@mozilla.com
push dateMon, 11 Apr 2016 06:24:33 +0000
reviewerserahm
bugs1261744
milestone48.0a1
Bug 1261744 - Add two missing null checks for nsStringBuffer::Alloc(). r=erahm.
parser/html/nsHtml5Atom.cpp
xpcom/ds/nsAtomTable.cpp
--- a/parser/html/nsHtml5Atom.cpp
+++ b/parser/html/nsHtml5Atom.cpp
@@ -9,17 +9,23 @@
 nsHtml5Atom::nsHtml5Atom(const nsAString& aString)
 {
   mLength = aString.Length();
   mIsStatic = false;
   RefPtr<nsStringBuffer> buf = nsStringBuffer::FromString(aString);
   if (buf) {
     mString = static_cast<char16_t*>(buf->Data());
   } else {
-    buf = nsStringBuffer::Alloc((mLength + 1) * sizeof(char16_t));
+    const size_t size = (mLength + 1) * sizeof(char16_t);
+    buf = nsStringBuffer::Alloc(size);
+    if (MOZ_UNLIKELY(!buf)) {
+      // We OOM because atom allocations should be small and it's hard to
+      // handle them more gracefully in a constructor.
+      NS_ABORT_OOM(size);
+    }
     mString = static_cast<char16_t*>(buf->Data());
     CopyUnicodeTo(aString, 0, mString, mLength);
     mString[mLength] = char16_t(0);
   }
 
   NS_ASSERTION(mString[mLength] == char16_t(0), "null terminated");
   NS_ASSERTION(buf && buf->StorageSize() >= (mLength+1) * sizeof(char16_t),
                "enough storage");
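Review bot: The new `const size_t size = (mLength + 1) * sizeof(char16_t);` line has no overflow check on the arithmetic, so the added null check only covers the case where `Alloc()` itself fails. If `mLength` is a 32-bit unsigned member (its declaration is outside this hunk), `mLength + 1` is evaluated in 32 bits before the multiply widens it, and a wrapped `size` would yield a small, non-null buffer that the following `CopyUnicodeTo` and `mString[mLength]` writes overrun. Widening first, `const size_t size = (size_t(mLength) + 1) * sizeof(char16_t);`, closes the 64-bit case; if the string class already caps lengths well below that, a one-line comment stating the invariant next to the computation would do instead. The same expression is added to the `DynamicAtom` constructor in xpcom/ds/nsAtomTable.cpp, and this constructor's body continues past the end of the hunk.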
--- a/xpcom/ds/nsAtomTable.cpp
+++ b/xpcom/ds/nsAtomTable.cpp
@@ -74,17 +74,23 @@ public:
   DynamicAtom(const nsAString& aString, uint32_t aHash)
   {
     mLength = aString.Length();
     mIsStatic = false;
     RefPtr<nsStringBuffer> buf = nsStringBuffer::FromString(aString);
     if (buf) {
       mString = static_cast<char16_t*>(buf->Data());
     } else {
-      buf = nsStringBuffer::Alloc((mLength + 1) * sizeof(char16_t));
+      const size_t size = (mLength + 1) * sizeof(char16_t);
+      buf = nsStringBuffer::Alloc(size);
+      if (MOZ_UNLIKELY(!buf)) {
+        // We OOM because atom allocations should be small and it's hard to
+        // handle them more gracefully in a constructor.
+        NS_ABORT_OOM(size);
+      }
       mString = static_cast<char16_t*>(buf->Data());
       CopyUnicodeTo(aString, 0, mString, mLength);
       mString[mLength] = char16_t(0);
     }
 
     mHash = aHash;
     MOZ_ASSERT(mHash == HashString(mString, mLength));