summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-11-02 11:15:40 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-11-02 11:15:40 +0100
commit617eb648307fd5bc8edb58605dde5d1e74b89d5a (patch)
tree268308d50243bdc6ab58f26732da4a60165751e0
parent3b2c342f3879705b0cc9919198b984f92aec5e62 (diff)
downloaduxp-617eb648307fd5bc8edb58605dde5d1e74b89d5a.tar.gz
Apply CheckedInt to infoLength for preventing it from overflowing in the future.
CheckedInt propagates the mIsValid in each add operation so that it avoids needing a bunch of code for the overflow check in each add operation. Additionally, it avoids mismatching parameters between the computing result and the additional overflow check. This patch uses CheckedInt to take advantage of those implicit features of it.
-rw-r--r--dom/indexedDB/ActorsParent.cpp23
1 files changed, 10 insertions, 13 deletions
diff --git a/dom/indexedDB/ActorsParent.cpp b/dom/indexedDB/ActorsParent.cpp
index a3dc710ed5..58c1130587 100644
--- a/dom/indexedDB/ActorsParent.cpp
+++ b/dom/indexedDB/ActorsParent.cpp
@@ -23,6 +23,7 @@
#include "mozilla/AppProcessChecker.h"
#include "mozilla/AutoRestore.h"
#include "mozilla/Casting.h"
+#include "mozilla/CheckedInt.h"
#include "mozilla/EndianUtils.h"
#include "mozilla/ErrorNames.h"
#include "mozilla/LazyIdleThread.h"
@@ -782,29 +783,25 @@ MakeCompressedIndexDataValues(
MOZ_ASSERT(!keyBuffer.IsEmpty());
- // Don't let |infoLength| overflow.
- if (NS_WARN_IF(UINT32_MAX - keyBuffer.Length() <
- CompressedByteCountForIndexId(info.mIndexId) +
- CompressedByteCountForNumber(keyBufferLength) +
- CompressedByteCountForNumber(sortKeyBufferLength))) {
- IDB_REPORT_INTERNAL_ERR();
- return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
- }
-
- const uint32_t infoLength =
- CompressedByteCountForIndexId(info.mIndexId) +
+ const CheckedUint32 infoLength =
+ CheckedUint32(CompressedByteCountForIndexId(info.mIndexId)) +
CompressedByteCountForNumber(keyBufferLength) +
CompressedByteCountForNumber(sortKeyBufferLength) +
keyBufferLength +
sortKeyBufferLength;
+ // Don't let |infoLength| overflow.
+ if (NS_WARN_IF(!infoLength.isValid())) {
+ IDB_REPORT_INTERNAL_ERR();
+ return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
+ }
// Don't let |blobDataLength| overflow.
- if (NS_WARN_IF(UINT32_MAX - infoLength < blobDataLength)) {
+ if (NS_WARN_IF(UINT32_MAX - infoLength.value() < blobDataLength)) {
IDB_REPORT_INTERNAL_ERR();
return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
}
- blobDataLength += infoLength;
+ blobDataLength += infoLength.value();
}
UniqueFreePtr<uint8_t> blobData(