Bug 1399379 - Use memcpy to import/export SRI hashes to the JS bytecode buffer. r=francois
authorNicolas B. Pierron <nicolas.b.pierron@mozilla.com>
Tue, 03 Oct 2017 10:00:00 -0400
changeset 1311825 1fec7f1ae11efc08d966fc3ef67d5247a885af95
parent 1311824 5e12ee5d415105246e00131ac6c965c2ac53ef69
child 1311826 2f2f41234c44d7f29bf0aa7e2a4acf2d5016e2af
child 1311829 f0577a6a71025f3dee17c57dd90d3cdeec071e16
push id225897
push useropettay@mozilla.com
push dateWed, 04 Oct 2017 19:25:01 +0000
treeherdertry@2f2f41234c44 [default view] [failures only]
reviewersfrancois
bugs1399379
milestone58.0a1
Bug 1399379 - Use memcpy to import/export SRI hashes to the JS bytecode buffer. r=francois
dom/security/SRICheck.cpp
--- a/dom/security/SRICheck.cpp
+++ b/dom/security/SRICheck.cpp
@@ -425,17 +425,18 @@ SRICheckDataVerifier::DataSummaryLength(
   // we expect to always encode an SRI, even if it is empty or incomplete
   if (aDataLen < EmptyDataSummaryLength()) {
     SRILOG(("SRICheckDataVerifier::DataSummaryLength, encoded length[%u] is too small", aDataLen));
     return NS_ERROR_SRI_IMPORT;
   }
 
   // decode the content of the buffer
   size_t offset = sizeof(mHashType);
-  size_t len = *reinterpret_cast<const decltype(mHashLength)*>(&aData[offset]);
+  decltype(mHashLength) len = 0;
+  memcpy(&len, &aData[offset], sizeof(mHashLength));
   offset += sizeof(mHashLength);
 
   SRIVERBOSE(("SRICheckDataVerifier::DataSummaryLength, header {%x, %x, %x, %x, %x, ...}",
               aData[0], aData[1], aData[2], aData[3], aData[4]));
 
   if (offset + len > aDataLen) {
     SRILOG(("SRICheckDataVerifier::DataSummaryLength, encoded length[%u] overflow the buffer size", aDataLen));
     SRIVERBOSE(("SRICheckDataVerifier::DataSummaryLength, offset[%u], len[%u]",
@@ -462,28 +463,30 @@ SRICheckDataVerifier::ImportDataSummary(
     return NS_ERROR_SRI_IMPORT;
   }
 
   SRIVERBOSE(("SRICheckDataVerifier::ImportDataSummary, header {%x, %x, %x, %x, %x, ...}",
               aData[0], aData[1], aData[2], aData[3], aData[4]));
 
   // decode the content of the buffer
   size_t offset = 0;
-  if (*reinterpret_cast<const decltype(mHashType)*>(&aData[offset]) != mHashType) {
+  decltype(mHashType) hashType;
+  memcpy(&hashType, &aData[offset], sizeof(mHashType));
+  if (hashType != mHashType) {
     SRILOG(("SRICheckDataVerifier::ImportDataSummary, hash type[%d] does not match[%d]",
-            *reinterpret_cast<const decltype(mHashType)*>(&aData[offset]),
-             mHashType));
+            hashType, mHashType));
     return NS_ERROR_SRI_UNEXPECTED_HASH_TYPE;
   }
   offset += sizeof(mHashType);
 
-  if (*reinterpret_cast<const decltype(mHashLength)*>(&aData[offset]) != mHashLength) {
+  decltype(mHashLength) hashLength;
+  memcpy(&hashLength, &aData[offset], sizeof(mHashLength));
+  if (hashLength != mHashLength) {
     SRILOG(("SRICheckDataVerifier::ImportDataSummary, hash length[%d] does not match[%d]",
-            *reinterpret_cast<const decltype(mHashLength)*>(&aData[offset]),
-             mHashLength));
+            hashLength, mHashLength));
     return NS_ERROR_SRI_UNEXPECTED_HASH_TYPE;
   }
   offset += sizeof(mHashLength);
 
   // copy the hash to mComputedHash, as-if we had finished streaming the bytes
   mComputedHash.Assign(reinterpret_cast<const char*>(&aData[offset]), mHashLength);
   mCryptoHash = nullptr;
   mComplete = true;
@@ -495,19 +498,19 @@ SRICheckDataVerifier::ExportDataSummary(
 {
   MOZ_ASSERT(!mInvalidMetadata); // mHashType and mHashLength should be valid
   MOZ_ASSERT(mComplete); // finished streaming
   NS_ENSURE_ARG_POINTER(aData);
   NS_ENSURE_TRUE(aDataLen >= DataSummaryLength(), NS_ERROR_INVALID_ARG);
 
   // serialize the hash in the buffer
   size_t offset = 0;
-  *reinterpret_cast<decltype(mHashType)*>(&aData[offset]) = mHashType;
+  memcpy(&aData[offset], &mHashType, sizeof(mHashType));
   offset += sizeof(mHashType);
-  *reinterpret_cast<decltype(mHashLength)*>(&aData[offset]) = mHashLength;
+  memcpy(&aData[offset], &mHashLength, sizeof(mHashLength));
   offset += sizeof(mHashLength);
 
   SRIVERBOSE(("SRICheckDataVerifier::ExportDataSummary, header {%x, %x, %x, %x, %x, ...}",
               aData[0], aData[1], aData[2], aData[3], aData[4]));
 
   // copy the hash to mComputedHash, as-if we had finished streaming the bytes
   nsCharTraits<char>::copy(reinterpret_cast<char*>(&aData[offset]),
                            mComputedHash.get(), mHashLength);
@@ -517,19 +520,19 @@ SRICheckDataVerifier::ExportDataSummary(
 nsresult
 SRICheckDataVerifier::ExportEmptyDataSummary(uint32_t aDataLen, uint8_t* aData)
 {
   NS_ENSURE_ARG_POINTER(aData);
   NS_ENSURE_TRUE(aDataLen >= EmptyDataSummaryLength(), NS_ERROR_INVALID_ARG);
 
   // serialize an unknown hash in the buffer, to be able to skip it later
   size_t offset = 0;
-  *reinterpret_cast<decltype(mHashType)*>(&aData[offset]) = 0;
+  memset(&aData[offset], 0, sizeof(mHashType));
   offset += sizeof(mHashType);
-  *reinterpret_cast<decltype(mHashLength)*>(&aData[offset]) = 0;
+  memset(&aData[offset], 0, sizeof(mHashLength));
   offset += sizeof(mHashLength);
 
   SRIVERBOSE(("SRICheckDataVerifier::ExportEmptyDataSummary, header {%x, %x, %x, %x, %x, ...}",
               aData[0], aData[1], aData[2], aData[3], aData[4]));
 
   return NS_OK;
 }