summaryrefslogtreecommitdiffstats
path: root/layout/mathml/crashtests/347355-1.gif
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-01-28 10:25:49 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-02-08 12:53:40 +0100
commitacbd84f5741451d67e0fbaa3b85fdafc85dab5f9 (patch)
tree17539cacb7e8dc90f85bf76e9a8c8bf0653b7d6a /layout/mathml/crashtests/347355-1.gif
parentb62fce0dc0c77a5788c331db32b3996e4020e2a5 (diff)
downloadUXP-acbd84f5741451d67e0fbaa3b85fdafc85dab5f9.tar
UXP-acbd84f5741451d67e0fbaa3b85fdafc85dab5f9.tar.gz
UXP-acbd84f5741451d67e0fbaa3b85fdafc85dab5f9.tar.lz
UXP-acbd84f5741451d67e0fbaa3b85fdafc85dab5f9.tar.xz
UXP-acbd84f5741451d67e0fbaa3b85fdafc85dab5f9.zip
Check for integer overflow in AesTask::DoCrypto() (DiD)
After calling mResult.SetLength(mData.Length() + 16) we should check that the integer addition didn't overflow. It seems at the moment impossible to create ArrayBuffers of size >= 0x0xfffffff0, however adding a check here doesn't hurt. mResult.Length() is passed to the PK11 API functions as a maxOut parameter and should be checked by the softoken crypto algorithm implementations. AES-ECB and AES-GCM seem to do that correctly.
Diffstat (limited to 'layout/mathml/crashtests/347355-1.gif')
0 files changed, 0 insertions, 0 deletions