Bug 836263: Limit max pref size to 1 MB. r=bsmedberg
authorKyle Huey <khuey@kylehuey.com>
Wed, 01 May 2013 13:21:23 -0700
changeset 137306 2e46cabb6a11212c2c256b92f019e0dad6538c22
parent 137305 9a0a3cb01e5c66c31e1f38fc11b4fbaec444dadf
child 137307 f81930d546856c00212ccec6e454235dc167fab6
push id3752
push userlsblakk@mozilla.com
push dateMon, 13 May 2013 17:21:10 +0000
treeherdermozilla-aurora@1580544aef0b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbsmedberg
bugs836263
milestone23.0a1
Bug 836263: Limit max pref size to 1 MB. r=bsmedberg
modules/libpref/src/nsPrefBranch.cpp
--- a/modules/libpref/src/nsPrefBranch.cpp
+++ b/modules/libpref/src/nsPrefBranch.cpp
@@ -24,16 +24,19 @@
 #include "mozilla/Services.h"
 
 #include "prefapi_private_data.h"
 
 #ifdef MOZ_CRASHREPORTER
 #include "nsICrashReporter.h"
 #endif
 
+// 1 MB should be enough for everyone.
+static const uint32_t MAX_PREF_LENGTH = 1 * 1024 * 1024;
+
 // Definitions
 struct EnumerateData {
   const char  *parent;
   nsTArray<nsCString> *pref_list;
 };
 
 // Prototypes
 static PLDHashOperator
@@ -396,34 +399,40 @@ NS_IMETHODIMP nsPrefBranch::SetComplexVa
     descriptorString.Append(relDescriptor);
     return SetCharPref(aPrefName, descriptorString.get());
   }
 
   if (aType.Equals(NS_GET_IID(nsISupportsString))) {
     nsCOMPtr<nsISupportsString> theString = do_QueryInterface(aValue);
 
     if (theString) {
-      nsAutoString wideString;
+      nsString wideString;
 
       rv = theString->GetData(wideString);
       if (NS_SUCCEEDED(rv)) {
+        if (wideString.Length() > MAX_PREF_LENGTH) {
+          return NS_ERROR_OUT_OF_MEMORY;
+        }
         rv = SetCharPref(aPrefName, NS_ConvertUTF16toUTF8(wideString).get());
       }
     }
     return rv;
   }
 
   if (aType.Equals(NS_GET_IID(nsIPrefLocalizedString))) {
     nsCOMPtr<nsIPrefLocalizedString> theString = do_QueryInterface(aValue);
 
     if (theString) {
       nsXPIDLString wideString;
 
       rv = theString->GetData(getter_Copies(wideString));
       if (NS_SUCCEEDED(rv)) {
+        if (wideString.Length() > MAX_PREF_LENGTH) {
+          return NS_ERROR_OUT_OF_MEMORY;
+        }
         rv = SetCharPref(aPrefName, NS_ConvertUTF16toUTF8(wideString).get());
       }
     }
     return rv;
   }
 
   NS_WARNING("nsPrefBranch::SetComplexValue - Unsupported interface type");
   return NS_NOINTERFACE;