From 7d73b3fbfe1cd4f3a45b569f98f19041f95a50b9 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Tue, 4 Sep 2018 07:40:42 +0200
Subject: Add extra check for assembler buffer space.

---
 js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'js/src')

diff --git a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
index 8cb557784..8343579c8 100644
--- a/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
+++ b/js/src/jit/x86-shared/AssemblerBuffer-x86-shared.h
@@ -93,7 +93,8 @@ namespace jit {
 
         void ensureSpace(size_t space)
         {
-            if (MOZ_UNLIKELY(!m_buffer.reserve(m_buffer.length() + space)))
+                if (MOZ_UNLIKELY(m_buffer.length() > (SIZE_MAX - space) ||
+                                 !m_buffer.reserve(m_buffer.length() + space)))
                 oomDetected();
         }
 
-- 
cgit v1.2.3