#402, Bug 1359639 - Ensure a final -1 in mFormat[]. r=valentin, a=gchang

Daniel Stenberg 2017-05-22 09:44:19 -04:00 committed by Cameron Kaiser
parent 4f32de4497
commit b986d02811
2 changed files with 9 additions and 37 deletions


@ -32,7 +32,7 @@ nsresult
nsDirIndexParser::Init() { nsDirIndexParser::Init() {
mLineStart = 0; mLineStart = 0;
mHasDescription = false; mHasDescription = false;
mFormat = nullptr; mFormat[0] = -1;
mozilla::dom::FallbackEncoding::FromLocale(mEncoding); mozilla::dom::FallbackEncoding::FromLocale(mEncoding);
nsresult rv; nsresult rv;
@ -46,7 +46,6 @@ nsDirIndexParser::Init() {
} }
nsDirIndexParser::~nsDirIndexParser() { nsDirIndexParser::~nsDirIndexParser() {
delete[] mFormat;
// XXX not threadsafe // XXX not threadsafe
if (--gRefCntParser == 0) { if (--gRefCntParser == 0) {
NS_IF_RELEASE(gTextToSubURI); NS_IF_RELEASE(gTextToSubURI);
@ -122,41 +121,14 @@ nsrefcnt nsDirIndexParser::gRefCntParser = 0;
nsITextToSubURI *nsDirIndexParser::gTextToSubURI; nsITextToSubURI *nsDirIndexParser::gTextToSubURI;
nsresult nsresult
nsDirIndexParser::ParseFormat(const char* aFormatStr) { nsDirIndexParser::ParseFormat(const char* aFormatStr)
{
// Parse a "200" format line, and remember the fields and their // Parse a "200" format line, and remember the fields and their
// ordering in mFormat. Multiple 200 lines stomp on each other. // ordering in mFormat. Multiple 200 lines stomp on each other.
unsigned int formatNum = 0;
mFormat[0] = -1;
// Lets find out how many elements we have.
// easier to do this then realloc
const char* pos = aFormatStr;
unsigned int num = 0;
do { do {
while (*pos && nsCRT::IsAsciiSpace(char16_t(*pos)))
++pos;
++num;
// There are a maximum of six allowed header fields (doubled plus
// terminator, just in case) -- Bug 443299
if (num > (2 * ArrayLength(gFieldTable)))
return NS_ERROR_UNEXPECTED;
if (! *pos)
break;
while (*pos && !nsCRT::IsAsciiSpace(char16_t(*pos)))
++pos;
} while (*pos);
delete[] mFormat;
mFormat = new int[num+1];
// Prevent nullptr Deref - Bug 443299
if (mFormat == nullptr)
return NS_ERROR_OUT_OF_MEMORY;
int formatNum=0;
do {
mFormat[formatNum] = -1;
while (*aFormatStr && nsCRT::IsAsciiSpace(char16_t(*aFormatStr))) while (*aFormatStr && nsCRT::IsAsciiSpace(char16_t(*aFormatStr)))
++aFormatStr; ++aFormatStr;
@ -181,12 +153,12 @@ nsDirIndexParser::ParseFormat(const char* aFormatStr) {
for (Field* i = gFieldTable; i->mName; ++i) { for (Field* i = gFieldTable; i->mName; ++i) {
if (name.EqualsIgnoreCase(i->mName)) { if (name.EqualsIgnoreCase(i->mName)) {
mFormat[formatNum] = i->mType; mFormat[formatNum] = i->mType;
++formatNum; mFormat[++formatNum] = -1;
break; break;
} }
} }
} while (*aFormatStr); } while (*aFormatStr && (formatNum < (ArrayLength(mFormat)-1)));
return NS_OK; return NS_OK;
} }
@ -197,7 +169,7 @@ nsDirIndexParser::ParseData(nsIDirIndex *aIdx, char* aDataStr, int32_t aLineLen)
// Parse a "201" data line, using the field ordering specified in // Parse a "201" data line, using the field ordering specified in
// mFormat. // mFormat.
if (!mFormat || (mFormat[0] == -1)) { if(mFormat[0] == -1) {
// Ignore if we haven't seen a format yet. // Ignore if we haven't seen a format yet.
return NS_OK; return NS_OK;
} }
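Review bot: The new loop condition at the end of ParseFormat, `while (*aFormatStr && (formatNum < (ArrayLength(mFormat)-1)))`, stops storing fields once the array is full and still returns NS_OK, whereas the removed counting pass rejected an over-long 200 line with NS_ERROR_UNEXPECTED. If ignoring the surplus fields is intended, state it above the loop, e.g. `// mFormat holds at most ArrayLength(mFormat)-1 fields plus the -1 terminator; further fields in the 200 line are ignored.`; if it is not, the rejection should be kept for a line that still has field names left when the loop exits. The bound is only as safe as the `int mFormat[8];` declaration in the header, so a compile-time check tying that size to the number of entries in gFieldTable would stop the two from drifting apart. The middle of the do-loop lies between the visible hunks, so how unmatched field names are handled could not be checked here.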


@ -47,7 +47,7 @@ protected:
nsCString mBuf; nsCString mBuf;
int32_t mLineStart; int32_t mLineStart;
bool mHasDescription; bool mHasDescription;
int* mFormat; int mFormat[8];
nsresult ProcessData(nsIRequest *aRequest, nsISupports *aCtxt); nsresult ProcessData(nsIRequest *aRequest, nsISupports *aCtxt);
nsresult ParseFormat(const char* buf); nsresult ParseFormat(const char* buf);