Fix crash on unicode "zero width non-joiner" sequence. b=217903 r+sr=dbaron
authormats.palmgren@bredband.net
Thu, 28 Jun 2007 13:02:57 -0700
changeset 2932 b41736b5548ccfc6de35d18375eef9ba8ddad521
parent 2931 37fdaa589609ca6951a3cb4f5ae5fd25a2607d08
child 2933 a06bb370c9c9a1b8467e6db4e8a3f4549543c0ac
push idunknown
push userunknown
push dateunknown
bugs217903
milestone1.9a6pre
Fix crash on unicode "zero width non-joiner" sequence. b=217903 r+sr=dbaron
intl/unicharutil/util/nsBidiUtils.cpp
--- a/intl/unicharutil/util/nsBidiUtils.cpp
+++ b/intl/unicharutil/util/nsBidiUtils.cpp
@@ -352,16 +352,17 @@ nsresult ArabicShaping(const PRUnichar* 
   else 
    *lDest++ = *lSrc++; 
 
  }
  if(lSrc < dest)
   *lDest++ = *lSrc++; 
 
  *aBufLen = lDest - aBuf;
+ NS_ASSERTION(*aBufLen <= aLen, "ArabicShaping() likely did a buffer overflow!");
 
  if (aOutputLogical) {
   ReverseString(aBuf, *aBufLen);
  }
  return NS_OK;
 }
 
 nsresult Conv_FE_06(const nsString& aSrc, nsString& aDst)