Bug 1356025 - Add Capacity checks to nsTSubstring constructor. r=froydnj
authorEric Rahm <erahm@mozilla.com>
Mon, 15 May 2017 16:52:43 -0700
changeset 406661 cd5ae949a6b9a2b28f46e4aff033468cf91f7ae5
parent 406660 17c6f55e1bdc5c931f12c9893b76cd77ecf39918
child 406662 39a921250465a46d7466c434b5c3eca8d260caf3
push id7391
push usermtabara@mozilla.com
push dateMon, 12 Jun 2017 13:08:53 +0000
treeherdermozilla-beta@2191d7f87e2e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersfroydnj
bugs1356025
milestone55.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1356025 - Add Capacity checks to nsTSubstring constructor. r=froydnj MozReview-Commit-ID: 6RIwuvalcRz
xpcom/string/nsTSubstring.cpp
xpcom/string/nsTSubstring.h
--- a/xpcom/string/nsTSubstring.cpp
+++ b/xpcom/string/nsTSubstring.cpp
@@ -17,16 +17,18 @@ const nsTSubstring_CharT::size_type nsTS
         2 - sizeof(nsStringBuffer)) /
     sizeof(nsTSubstring_CharT::char_type) - 2;
 
 #ifdef XPCOM_STRING_CONSTRUCTOR_OUT_OF_LINE
 nsTSubstring_CharT::nsTSubstring_CharT(char_type* aData, size_type aLength,
                                        uint32_t aFlags)
   : nsTStringRepr_CharT(aData, aLength, aFlags)
 {
+  MOZ_RELEASE_ASSERT(CheckCapacity(aLength), "String is too large.");
+
   if (aFlags & F_OWNED) {
     STRING_STAT_INCREMENT(Adopt);
     MOZ_LOG_CTOR(mData, "StringAdopt", 1);
   }
 }
 #endif /* XPCOM_STRING_CONSTRUCTOR_OUT_OF_LINE */
 
 /**
--- a/xpcom/string/nsTSubstring.h
+++ b/xpcom/string/nsTSubstring.h
@@ -1117,16 +1117,17 @@ protected:
 #if defined(DEBUG) || defined(FORCE_BUILD_REFCNT_LOGGING)
 #define XPCOM_STRING_CONSTRUCTOR_OUT_OF_LINE
   nsTSubstring_CharT(char_type* aData, size_type aLength, uint32_t aFlags);
 #else
 #undef XPCOM_STRING_CONSTRUCTOR_OUT_OF_LINE
   nsTSubstring_CharT(char_type* aData, size_type aLength, uint32_t aFlags)
     : nsTStringRepr_CharT(aData, aLength, aFlags)
   {
+    MOZ_RELEASE_ASSERT(CheckCapacity(aLength), "String is too large.");
   }
 #endif /* DEBUG || FORCE_BUILD_REFCNT_LOGGING */
 
   /**
    * this function releases mData and does not change the value of
    * any of its member variables.  in other words, this function acts
    * like a destructor.
    */