Bug 1075976 Clean up XPCOM string usage r=keeler
authorNeil Rashbrook <neil@parkwaycc.co.uk>
Sun, 05 Oct 2014 22:09:39 +0100
changeset 232114 ef8673b55bb13081809a9e8aa9f13bf967f6a2c3
parent 232113 b80fc984aaa60feec6e44884e9ffb851ddd1a6ba
child 232115 ef1cd14c8cac8a4bf009bfcda46d1628cc637aa1
push id4187
push userbhearsum@mozilla.com
push dateFri, 28 Nov 2014 15:29:12 +0000
treeherdermozilla-beta@f23cc6a30c11 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1075976
milestone35.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1075976 Clean up XPCOM string usage r=keeler
security/manager/ssl/src/SSLServerCertVerification.cpp
--- a/security/manager/ssl/src/SSLServerCertVerification.cpp
+++ b/security/manager/ssl/src/SSLServerCertVerification.cpp
@@ -398,18 +398,17 @@ CertErrorRunnable::CheckCertOverrides()
     NS_ERROR("CertErrorRunnable::CheckCertOverrides called off main thread");
     return new SSLServerCertVerificationResult(mInfoObject,
                                                mDefaultErrorCodeToReport);
   }
 
   int32_t port;
   mInfoObject->GetPort(&port);
 
-  nsCString hostWithPortString;
-  hostWithPortString.AppendASCII(mInfoObject->GetHostNameRaw());
+  nsAutoCString hostWithPortString(mInfoObject->GetHostName());
   hostWithPortString.Append(':');
   hostWithPortString.AppendInt(port);
 
   uint32_t remaining_display_errors = mCollectedErrors;
 
   nsresult nsrv;
 
   // Enforce Strict-Transport-Security for hosts that are "STS" hosts:
@@ -435,17 +434,17 @@ CertErrorRunnable::CheckCertOverrides()
     // it is fine to continue without the nsICertOverrideService
 
     uint32_t overrideBits = 0;
 
     if (overrideService)
     {
       bool haveOverride;
       bool isTemporaryOverride; // we don't care
-      nsCString hostString(mInfoObject->GetHostName());
+      const nsACString& hostString(mInfoObject->GetHostName());
       nsrv = overrideService->HasMatchingOverride(hostString, port,
                                                   mCert,
                                                   &overrideBits,
                                                   &isTemporaryOverride,
                                                   &haveOverride);
       if (NS_SUCCEEDED(nsrv) && haveOverride)
       {
        // remove the errors that are already overriden
@@ -762,35 +761,20 @@ AccumulateSubjectCommonNameTelemetry(con
   }
 }
 
 // Returns true if and only if commonName ends with altName (minus its leading
 // "*"). altName has already been checked to be of the form "*.<something>".
 // commonName may be NULL.
 static bool
 TryMatchingWildcardSubjectAltName(const char* commonName,
-                                  nsDependentCString altName)
+                                  const nsACString& altName)
 {
-  if (!commonName) {
-    return false;
-  }
-  // altNameSubstr is now ".<something>"
-  nsDependentCString altNameSubstr(altName.get() + 1, altName.Length() - 1);
-  nsDependentCString commonNameStr(commonName, strlen(commonName));
-  int32_t altNameIndex = commonNameStr.Find(altNameSubstr);
-  // This only matches if the end of commonNameStr is the altName without
-  // the '*'.
-  // Consider this.example.com and *.example.com:
-  // "this.example.com".Find(".example.com") is 4
-  // 4 + ".example.com".Length() == 4 + 12 == 16 == "this.example.com".Length()
-  // Now this.example.com and *.example:
-  // "this.example.com".Find(".example") is 4
-  // 4 + ".example".Length() == 4 + 8 == 12 != "this.example.com".Length()
-  return altNameIndex >= 0 &&
-         altNameIndex + altNameSubstr.Length() == commonNameStr.Length();
+  return commonName &&
+         StringEndsWith(nsDependentCString(commonName), Substring(altName, 1));
 }
 
 // Gathers telemetry on Baseline Requirements 9.2.1 (Subject Alternative
 // Names Extension) and 9.2.2 (Subject Common Name Field).
 // Specifically:
 //  - whether or not the subject common name field is present
 //  - whether or not the subject alternative names extension is present
 //  - if there is a malformed entry in the subject alt. names extension
@@ -854,23 +838,23 @@ GatherBaselineRequirementsTelemetry(cons
   }
 
   CERTGeneralName* currentName = subjectAltNames;
   bool commonNameInSubjectAltNames = false;
   bool nonDNSNameOrIPAddressPresent = false;
   bool malformedDNSNameOrIPAddressPresent = false;
   bool nonFQDNPresent = false;
   do {
-    nsDependentCString altName;
+    nsAutoCString altName;
     if (currentName->type == certDNSName) {
       altName.Assign(reinterpret_cast<char*>(currentName->name.other.data),
                      currentName->name.other.len);
-      nsDependentCString altNameWithoutWildcard(altName);
-      if (altNameWithoutWildcard.Find("*.") == 0) {
-        altNameWithoutWildcard.Assign(altName.get() + 2, altName.Length() - 2);
+      nsDependentCString altNameWithoutWildcard(altName, 0);
+      if (StringBeginsWith(altNameWithoutWildcard, NS_LITERAL_CSTRING("*."))) {
+        altNameWithoutWildcard.Rebind(altName, 2);
         commonNameInSubjectAltNames |=
           TryMatchingWildcardSubjectAltName(commonName.get(), altName);
       }
       // net_IsValidHostName appears to return true for valid IP addresses,
       // which would be invalid for a DNS name.
       // Note that the net_IsValidHostName check will catch things like
       // "a.*.example.com".
       if (!net_IsValidHostName(altNameWithoutWildcard) ||
@@ -893,29 +877,29 @@ GatherBaselineRequirementsTelemetry(cons
         memcpy(&addr.inet.ip, currentName->name.other.data,
                currentName->name.other.len);
         if (PR_NetAddrToString(&addr, buf, sizeof(buf) - 1) != PR_SUCCESS) {
         PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
                ("BR telemetry: IPAddress (v4) not valid (for '%s')\n",
                 commonName.get()));
           malformedDNSNameOrIPAddressPresent = true;
         } else {
-          altName.Assign(buf, strlen(buf));
+          altName.Assign(buf);
         }
       } else if (currentName->name.other.len == 16) {
         addr.inet.family = PR_AF_INET6;
         memcpy(&addr.ipv6.ip, currentName->name.other.data,
                currentName->name.other.len);
         if (PR_NetAddrToString(&addr, buf, sizeof(buf) - 1) != PR_SUCCESS) {
         PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
                ("BR telemetry: IPAddress (v6) not valid (for '%s')\n",
                 commonName.get()));
           malformedDNSNameOrIPAddressPresent = true;
         } else {
-          altName.Assign(buf, strlen(buf));
+          altName.Assign(buf);
         }
       } else {
         PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
                ("BR telemetry: IPAddress not valid (for '%s')\n",
                 commonName.get()));
         malformedDNSNameOrIPAddressPresent = true;
       }
     } else {