author Tim Taubert <>
Tue, 28 Nov 2017 10:00:47 +0100
changeset 445099 9db3839609e097e84106c385e53ed12202d77f8a
parent 439217 84946a59ea8a5fae6d77053c5dc8b94ecf2e16e2
child 446417 c995692a3c92e3fc2e31849c25eb8da49afa1326
permissions -rw-r--r--
Bug 1413841 - Check for integer overflow in AesTask::DoCrypto(). r=keeler, a=gchang Summary: After calling mResult.SetLength(mData.Length() + 16) we should check that the integer addition didn't overflow. It seems at the moment impossible to create ArrayBuffers of size >= 0x0xfffffff0, however adding a check here doesn't hurt. mResult.Length() is passed to the PK11 API functions as a maxOut parameter and /should/ be checked by the softoken crypto algorithm implementations. AES-ECB and AES-GCM seem to do that correctly. Reviewers: keeler Reviewed By: keeler Subscribers: mcote, ttaubert, jcj, keeler Bug #: 1413841 Differential Revision:

# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at

with Files("**"):
    BUG_COMPONENT = ("Core", "Memory Allocator")

DIRS += [

    DIRS += ['volatile']

# NB: gtest dir is included in toolkit/ due to its dependency
# on libxul.

    DIRS += ['replace']