Bug 525755 - crash [@ nsZipArchive::BuildFileList] using jar: with the file protocol without a '/' for the root of the filesystem. r=alfredkayser
authorTaras Glek <tglek@mozilla.com>
Sat, 07 Nov 2009 16:19:20 +0100
changeset 34662 c0841e95b55dfe5092ebef86e31b9f11e8428949
parent 34661 0d83b7b454316def9be501499f4444c9914c9293
child 34663 9e8abf3adb4cde93aab41c503de555e238e0c0fc
push id10162
push userdgottwald@mozilla.com
push dateSat, 07 Nov 2009 15:20:02 +0000
treeherdermozilla-central@c0841e95b55d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersalfredkayser
bugs525755
milestone1.9.3a1pre
Bug 525755 - crash [@ nsZipArchive::BuildFileList] using jar: with the file protocol without a '/' for the root of the filesystem. r=alfredkayser
modules/libjar/nsZipArchive.cpp
modules/libjar/test/unit/test_dirjar_bug525755.js
--- a/modules/libjar/nsZipArchive.cpp
+++ b/modules/libjar/nsZipArchive.cpp
@@ -175,27 +175,34 @@ nsresult nsZipHandle::Init(PRFileDesc *f
 {
   PRInt64 size = PR_Available64(fd);
   if (size >= PR_INT32_MAX)
     return NS_ERROR_FILE_TOO_BIG;
 
   PRFileMap *map = PR_CreateFileMap(fd, size, PR_PROT_READONLY);
   if (!map)
     return NS_ERROR_FAILURE;
+  
+  PRUint8 *buf = (PRUint8*) PR_MemMap(map, 0, (PRUint32) size);
+  // Bug 525755: PR_MemMap fails when fd points at something other than a normal file.
+  if (!buf) {
+    PR_CloseFileMap(map);
+    return NS_ERROR_FAILURE;
+  }
 
   nsZipHandle *handle = new nsZipHandle();
   if (!handle) {
     PR_CloseFileMap(map);
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   handle->mFd = fd;
   handle->mMap = map;
   handle->mLen = (PRUint32) size;
-  handle->mFileData = (PRUint8*) PR_MemMap(map, 0, handle->mLen);
+  handle->mFileData = buf;
   handle->AddRef();
   *ret = handle;
   return NS_OK;
 }
 
 nsZipHandle::~nsZipHandle()
 {
   if (mFileData) {
new file mode 100644
--- /dev/null
+++ b/modules/libjar/test/unit/test_dirjar_bug525755.js
@@ -0,0 +1,55 @@
+/* -*- Mode: Java; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim:set ts=2 sw=2 sts=2 et: */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is
+ * Taras Glek <tglek@mozilla.com>
+ * Portions created by the Initial Developer are Copyright (C) 2006
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+// Check that we refuse to open weird files
+function run_test() {
+  const Cc = Components.classes;
+  const Ci = Components.interfaces;
+  // open a bogus file
+  var file = do_get_file("/");
+
+  var zipreader = Cc["@mozilla.org/libjar/zip-reader;1"].
+                  createInstance(Ci.nsIZipReader);
+  var failed = false;
+  try {
+    zipreader.open(file);
+  } catch (e) {
+    failed = true;
+  }
+  do_check_true(failed);
+  zipreader = null;
+}
+