Bug 1551984. Improve OOM and overflow handling in NS_ConsumeStream. r=froydnj
authorBoris Zbarsky <bzbarsky@mit.edu>
Wed, 15 May 2019 18:50:44 +0000
changeset 532821 e6d06a5ffa07fa63ae2aa747c6f6877029a370cf
parent 532820 f60174a073074838ef9142cd11cd4395aed7b5df
child 532822 50170a11ab589e28996b962da710acd2438bd8ad
push id11272
push userapavel@mozilla.com
push dateThu, 16 May 2019 15:28:22 +0000
reviewersfroydnj
bugs1551984
milestone68.0a1
Bug 1551984. Improve OOM and overflow handling in NS_ConsumeStream. r=froydnj Differential Revision: https://phabricator.services.mozilla.com/D31312
xpcom/io/nsStreamUtils.cpp
--- a/xpcom/io/nsStreamUtils.cpp
+++ b/xpcom/io/nsStreamUtils.cpp
@@ -641,32 +641,33 @@ nsresult DoConsumeStream(nsIInputStream*
     if (avail64 == 0) {
       break;
     }
 
     uint32_t avail = (uint32_t)XPCOM_MIN<uint64_t>(avail64, aMaxCount);
 
     // resize aResult buffer
     uint32_t length = aResult.Length();
-    if (avail > UINT32_MAX - length) {
+    CheckedInt<uint32_t> newLength = CheckedInt<uint32_t>(length) + avail;
+    if (!newLength.isValid()) {
       return NS_ERROR_FILE_TOO_BIG;
     }
 
-    aResult.SetLength(length + avail);
-    if (aResult.Length() != (length + avail)) {
+    if (!aResult.SetLength(newLength.value(), fallible)) {
       return NS_ERROR_OUT_OF_MEMORY;
     }
     char* buf = ResultTraits<T>::GetStorage(aResult) + length;
 
     uint32_t n;
     rv = aStream->Read(buf, avail, &n);
     if (NS_FAILED(rv)) {
       break;
     }
     if (n != avail) {
+      MOZ_ASSERT(n < avail, "What happened there???");
       aResult.SetLength(length + n);
     }
     if (n == 0) {
       break;
     }
     aMaxCount -= n;
   }
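Review bot: The added `MOZ_ASSERT(n < avail, "What happened there???")` is compiled out of release builds, so a stream whose `Read()` reports `n > avail` still reaches the infallible `aResult.SetLength(length + n)` and `aMaxCount -= n` there. In that case `length + n` is no longer covered by the `CheckedInt` test above, the result would claim bytes beyond the `avail` that were reserved, and `aMaxCount` could wrap if it is unsigned (its declaration is outside the hunk). Since the stream implementation is not under this function's control, I would enforce the contract in all builds, either with `MOZ_RELEASE_ASSERT(n <= avail, "Read() returned more bytes than requested");` or with `if (n > avail) { return NS_ERROR_UNEXPECTED; }` ahead of the `n != avail` branch. The assertion message should also state the violated condition rather than "What happened there???". The body of `DoConsumeStream` starts and ends outside this hunk, so how the partially filled buffer is treated after the `NS_FAILED(rv)` break cannot be checked from here.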