bug 1549249 - build bustage follow-up r=mt,dveditz a=tomprince
authorDana Keeler <dkeeler@mozilla.com>
Tue, 07 May 2019 00:16:00 +0000
changeset 526504 c8de3e36fb00966f1412d7dfddb5bfb08d45b816
parent 526503 8f9fdaef9fc06cd0dda8edcb6e58aa37efbf2ddf
child 526505 1f340ca817e4fa37d67e4f88dfedcb1233f4b22a
push id2032
push userffxbld-merge
push dateMon, 13 May 2019 09:36:57 +0000
treeherdermozilla-release@455c1065dcbe [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmt, dveditz, tomprince
bugs1549249
milestone67.0
bug 1549249 - build bustage follow-up r=mt,dveditz a=tomprince SECItem uses an unsigned int to indicate its length. We need to cast a size_t down to the appropriate size. This is safe because what we're casting will always fit in an unsigned int on the platforms we're using (it's just the size of the intermediate certificate we added). Differential Revision: https://phabricator.services.mozilla.com/D30144
security/apps/AppTrustDomain.cpp
--- a/security/apps/AppTrustDomain.cpp
+++ b/security/apps/AppTrustDomain.cpp
@@ -129,17 +129,18 @@ nsresult AppTrustDomain::SetTrustedRoot(
   // If we're verifying add-ons signed by our production root, we want to make
   // sure a valid intermediate certificate is available for path building.
   // Merely holding this alive in memory makes it available for NSS to find in
   // AppTrustDomain::FindIssuer.
   if (trustedRoot == nsIX509CertDB::AddonsPublicRoot) {
     SECItem intermediateDER = {
         siBuffer,
         const_cast<uint8_t*>(addonsPublicIntermediate),
-        mozilla::ArrayLength(addonsPublicIntermediate),
+        static_cast<unsigned int>(
+            mozilla::ArrayLength(addonsPublicIntermediate)),
     };
     mAddonsIntermediate.reset(CERT_NewTempCertificate(
         CERT_GetDefaultCertDB(), &intermediateDER, nullptr, false, true));
     if (!mAddonsIntermediate) {
       return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
     }
   }