summaryrefslogtreecommitdiff
path: root/js/src
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-09-04 07:40:42 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-09-04 07:40:42 +0200
commit7d73b3fbfe1cd4f3a45b569f98f19041f95a50b9 (patch)
tree0209317cee2f5b5604035dc9103b598607a14b59 /js/src
parent45f9a0daad81d1c6a1188b3473e5f0c67d27c0aa (diff)
downloaduxp-7d73b3fbfe1cd4f3a45b569f98f19041f95a50b9.tar.gz
Add extra check for assembler buffer space.
Diffstat (limited to 'js/src')
-rw-r--r--js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
index 8cb5577848..8343579c81 100644
--- a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
+++ b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
@@ -93,7 +93,8 @@ namespace jit {
void ensureSpace(size_t space)
{
- if (MOZ_UNLIKELY(!m_buffer.reserve(m_buffer.length() + space)))
+ if (MOZ_UNLIKELY(m_buffer.length() > (SIZE_MAX - space) ||
+ !m_buffer.reserve(m_buffer.length() + space)))
oomDetected();
}