diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-11-02 14:59:25 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-11-02 16:05:57 +0100 |
commit | cc234ff4304d3a60dc2163f77a4214ecdbd88d5c (patch) | |
tree | 048283d97090e8aec70ac675cbfd66363b55fe39 /xpcom/glue/nsTArray-inl.h | |
parent | 90a73cfe2a7509b3108c2a9ad884b42594638b4d (diff) | |
download | UXP-cc234ff4304d3a60dc2163f77a4214ecdbd88d5c.tar UXP-cc234ff4304d3a60dc2163f77a4214ecdbd88d5c.tar.gz UXP-cc234ff4304d3a60dc2163f77a4214ecdbd88d5c.tar.lz UXP-cc234ff4304d3a60dc2163f77a4214ecdbd88d5c.tar.xz UXP-cc234ff4304d3a60dc2163f77a4214ecdbd88d5c.zip |
Add overflow checks for extending nsTArrays.
Surprisingly, this was previously not done.
Also, some of this code seems to be incorrect or,
at the very least, wasn't clear what it was trying to do.
Diffstat (limited to 'xpcom/glue/nsTArray-inl.h')
-rw-r--r-- | xpcom/glue/nsTArray-inl.h | 32 |
1 files changed, 22 insertions, 10 deletions
diff --git a/xpcom/glue/nsTArray-inl.h b/xpcom/glue/nsTArray-inl.h index af57c9866..7e667a327 100644 --- a/xpcom/glue/nsTArray-inl.h +++ b/xpcom/glue/nsTArray-inl.h @@ -111,6 +111,23 @@ bool IsTwiceTheRequiredBytesRepresentableAsUint32(size_t aCapacity, template<class Alloc, class Copy> template<typename ActualAlloc> typename ActualAlloc::ResultTypeProxy +nsTArray_base<Alloc, Copy>::ExtendCapacity(size_type aLength, + size_type aCount, + size_type aElemSize) +{ + mozilla::CheckedInt<size_type> newLength = aLength; + newLength += aCount; + + if (!newLength.isValid()) { + return ActualAlloc::FailureResult(); + } + + return this->EnsureCapacity<ActualAlloc>(newLength.value(), aElemSize); +} + +template<class Alloc, class Copy> +template<typename ActualAlloc> +typename ActualAlloc::ResultTypeProxy nsTArray_base<Alloc, Copy>::EnsureCapacity(size_type aCapacity, size_type aElemSize) { @@ -275,26 +292,21 @@ nsTArray_base<Alloc, Copy>::ShiftData(index_type aStart, template<class Alloc, class Copy> template<typename ActualAlloc> -bool +typename ActualAlloc::ResultTypeProxy nsTArray_base<Alloc, Copy>::InsertSlotsAt(index_type aIndex, size_type aCount, size_type aElemSize, size_t aElemAlign) { MOZ_ASSERT(aIndex <= Length(), "Bogus insertion index"); - size_type newLen = Length() + aCount; - - EnsureCapacity<ActualAlloc>(newLen, aElemSize); - - // Check for out of memory conditions - if (Capacity() < newLen) { - return false; + if (!ActualAlloc::Successful(this->ExtendCapacity<ActualAlloc>(Length(), aCount, aElemSize))) { + return ActualAlloc::FailureResult(); } - + // Move the existing elements as needed. Note that this will // change our mLength, so no need to call IncrementLength. ShiftData<ActualAlloc>(aIndex, 0, aCount, aElemSize, aElemAlign); - return true; + return ActualAlloc::SuccessResult(); } // nsTArray_base::IsAutoArrayRestorer is an RAII class which takes |