Bug 1170794 - patch 2 - Improve the length check of the input in nsUnicode*::GetMaxLength, r=dveditz

Andrea Marchesini 2015-06-17 12:38:29 +01:00
parent 0bf63bcbef
commit efd4a0fc29
11 changed files with 125 additions and 126 deletions


@ -106,9 +106,9 @@ public:
* NS_ERROR_OUT_OF_MEMORY if OOM
* NS_OK is all we have is an approximation
*/
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char * aSrc,
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char* aSrc,
int32_t aSrcLength,
int32_t * aDestLength) = 0;
int32_t* aDestLength) = 0;
/**
* Resets the charset converter so it may be recycled for a completely


@ -124,9 +124,9 @@ public:
* NS_ERROR_OUT_OF_MEMORY if OOM
* NS_OK if all we have is an approximation
*/
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char16_t * aSrc,
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char16_t* aSrc,
int32_t aSrcLength,
int32_t * aDestLength) = 0;
int32_t* aDestLength) = 0;
/**
* Resets the charset converter so it may be recycled for a completely


@ -57,7 +57,7 @@ NS_IMETHODIMP nsUTF8ToUnicode::GetMaxLength(const char * aSrc,
length += 1;
if (!length.isValid()) {
return NS_ERROR_FAILURE;
return NS_ERROR_OUT_OF_MEMORY;
}
*aDestLength = length.value();
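Review bot: On the overflow path of nsUTF8ToUnicode::GetMaxLength the function returns before `*aDestLength` is written, so a caller that stores the nsresult but never tests it will size its buffer from whatever the variable held beforehand. MOZ_WARN_UNUSED_RESULT on the declarations catches a discarded result at compile time, but not one that is kept and ignored; writing `*aDestLength = 0;` before `return NS_ERROR_OUT_OF_MEMORY;` would make that mistake fail closed. The same pattern appears in the GetMaxLength hunks for nsUnicodeToUTF8, nsUTF16ToUnicodeBase, nsUnicodeToUTF16BE, nsBufferDecoderSupport and nsEncoderSupport. The function body starts above this hunk, so any earlier validation of aSrcLength is not visible here.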


@ -49,9 +49,9 @@ protected:
//--------------------------------------------------------------------
// Subclassing of nsDecoderSupport class [declaration]
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char * aSrc,
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char* aSrc,
int32_t aSrcLength,
int32_t * aDestLength) override;
int32_t* aDestLength) override;
//--------------------------------------------------------------------
// Subclassing of nsBasicDecoderSupport class [declaration]


@ -29,21 +29,21 @@ NS_IMETHODIMP nsUnicodeToUTF8::GetMaxLength(const char16_t* aSrc,
length += 3;
if (!length.isValid()) {
return NS_ERROR_FAILURE;
return NS_ERROR_OUT_OF_MEMORY;
}
*aDestLength = length.value();
return NS_OK;
}
NS_IMETHODIMP nsUnicodeToUTF8::Convert(const char16_t * aSrc,
int32_t * aSrcLength,
char * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsUnicodeToUTF8::Convert(const char16_t* aSrc,
int32_t* aSrcLength,
char* aDest,
int32_t* aDestLength)
{
const char16_t * src = aSrc;
const char16_t * srcEnd = aSrc + *aSrcLength;
char * dest = aDest;
const char16_t* src = aSrc;
const char16_t* srcEnd = aSrc + *aSrcLength;
char* dest = aDest;
int32_t destLen = *aDestLength;
uint32_t n;


@ -41,21 +41,21 @@ public:
*/
nsUnicodeToUTF8() {mHighSurrogate = 0;}
NS_IMETHOD Convert(const char16_t * aSrc,
int32_t * aSrcLength,
char * aDest,
int32_t * aDestLength) override;
NS_IMETHOD Convert(const char16_t*aSrc,
int32_t* aSrcLength,
char* aDest,
int32_t* aDestLength) override;
NS_IMETHOD Finish(char * aDest, int32_t * aDestLength) override;
NS_IMETHOD Finish(char* aDest, int32_t* aDestLength) override;
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char16_t * aSrc,
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char16_t* aSrc,
int32_t aSrcLength,
int32_t * aDestLength) override;
int32_t* aDestLength) override;
NS_IMETHOD Reset() override {mHighSurrogate = 0; return NS_OK;}
NS_IMETHOD SetOutputErrorBehavior(int32_t aBehavior,
nsIUnicharEncoder * aEncoder, char16_t aChar) override {return NS_OK;}
nsIUnicharEncoder* aEncoder, char16_t aChar) override {return NS_OK;}
protected:
char16_t mHighSurrogate;


@ -189,7 +189,7 @@ nsUTF16ToUnicodeBase::GetMaxLength(const char * aSrc, int32_t aSrcLength,
}
if (!length.isValid()) {
return NS_ERROR_FAILURE;
return NS_ERROR_OUT_OF_MEMORY;
}
// the left-over data of the previous run have to be taken into account.


@ -16,17 +16,17 @@ protected:
// ctor accessible only by child classes
nsUTF16ToUnicodeBase() { Reset();}
nsresult UTF16ConvertToUnicode(const char * aSrc,
int32_t * aSrcLength, char16_t * aDest,
int32_t * aDestLength, bool aSwapBytes);
nsresult UTF16ConvertToUnicode(const char* aSrc,
int32_t* aSrcLength, char16_t* aDest,
int32_t* aDestLength, bool aSwapBytes);
public:
//--------------------------------------------------------------------
// Subclassing of nsDecoderSupport class [declaration]
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char * aSrc,
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char* aSrc,
int32_t aSrcLength,
int32_t * aDestLength) override;
int32_t* aDestLength) override;
NS_IMETHOD Reset();
protected:
@ -44,8 +44,8 @@ class nsUTF16BEToUnicode : public nsUTF16ToUnicodeBase
{
public:
NS_IMETHOD Convert(const char * aSrc, int32_t * aSrcLength,
char16_t * aDest, int32_t * aDestLength);
NS_IMETHOD Convert(const char* aSrc, int32_t* aSrcLength,
char16_t* aDest, int32_t* aDestLength);
};
// UTF-16 little endian
@ -53,8 +53,8 @@ class nsUTF16LEToUnicode : public nsUTF16ToUnicodeBase
{
public:
NS_IMETHOD Convert(const char * aSrc, int32_t * aSrcLength,
char16_t * aDest, int32_t * aDestLength);
NS_IMETHOD Convert(const char* aSrc, int32_t* aSrcLength,
char16_t* aDest, int32_t* aDestLength);
};
// UTF-16 with BOM
@ -63,8 +63,8 @@ class nsUTF16ToUnicode : public nsUTF16ToUnicodeBase
public:
nsUTF16ToUnicode() { Reset();}
NS_IMETHOD Convert(const char * aSrc, int32_t * aSrcLength,
char16_t * aDest, int32_t * aDestLength);
NS_IMETHOD Convert(const char* aSrc, int32_t* aSrcLength,
char16_t* aDest, int32_t* aDestLength);
NS_IMETHOD Reset();


@ -18,10 +18,10 @@ NS_IMETHODIMP nsUnicodeToUTF16BE::Convert(const char16_t * aSrc, int32_t * aSrcL
char16_t *p = (char16_t*)aDest;
// Handle BOM if necessary
if(0!=mBOM)
{
if(destInLen <2)
if (0!=mBOM) {
if (destInLen < 2) {
goto needmoreoutput;
}
*p++ = mBOM;
mBOM = 0;
@ -30,7 +30,7 @@ NS_IMETHODIMP nsUnicodeToUTF16BE::Convert(const char16_t * aSrc, int32_t * aSrcL
// find out the length of copy
copyCharLen = srcInLen;
if(copyCharLen > (destInLen - destOutLen) / 2) {
if (copyCharLen > (destInLen - destOutLen) / 2) {
copyCharLen = (destInLen - destOutLen) / 2;
}
@ -39,8 +39,9 @@ NS_IMETHODIMP nsUnicodeToUTF16BE::Convert(const char16_t * aSrc, int32_t * aSrcL
srcOutLen += copyCharLen;
destOutLen += copyCharLen * 2;
if(copyCharLen < srcInLen)
if (copyCharLen < srcInLen) {
goto needmoreoutput;
}
*aSrcLength = srcOutLen;
*aDestLength = destOutLen;
@ -55,16 +56,16 @@ needmoreoutput:
NS_IMETHODIMP nsUnicodeToUTF16BE::GetMaxLength(const char16_t * aSrc, int32_t aSrcLength,
int32_t * aDestLength)
{
mozilla::CheckedInt32 length = 2;
mozilla::CheckedInt32 length = aSrcLength;
if(0 != mBOM) {
length *= (aSrcLength+1);
} else {
length *= aSrcLength;
if (0 != mBOM) {
length += 1;
}
length *= 2;
if (!length.isValid()) {
return NS_ERROR_FAILURE;
return NS_ERROR_OUT_OF_MEMORY;
}
*aDestLength = length.value();
@ -73,10 +74,8 @@ NS_IMETHODIMP nsUnicodeToUTF16BE::GetMaxLength(const char16_t * aSrc, int32_t aS
NS_IMETHODIMP nsUnicodeToUTF16BE::Finish(char * aDest, int32_t * aDestLength)
{
if(0 != mBOM)
{
if(*aDestLength >= 2)
{
if (0 != mBOM) {
if (*aDestLength >= 2) {
*((char16_t*)aDest)= mBOM;
mBOM=0;
*aDestLength = 2;
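Review bot: The rewritten nsUnicodeToUTF16BE::GetMaxLength still accepts a negative aSrcLength, because CheckedInt32 only flags results that leave the int32_t range. A small negative input therefore stays valid through `length += 1` and `length *= 2` and is stored in `*aDestLength` together with NS_OK. If a caller sizes an allocation from that value, the sign is lost on conversion to an unsigned size; whether any caller can actually pass a negative length is not visible on this page. A guard at the top of the function, `if (aSrcLength < 0) { return NS_ERROR_INVALID_ARG; }`, would close this. The same applies to nsEncoderSupport::GetMaxLength and to nsOneByteDecoderSupport::GetMaxLength, which copies aSrcLength straight into `*aDestLength`.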


@ -17,15 +17,15 @@ public:
//--------------------------------------------------------------------
// Interface nsIUnicodeEncoder [declaration]
NS_IMETHOD Convert(const char16_t * aSrc, int32_t * aSrcLength,
char * aDest, int32_t * aDestLength);
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char16_t * aSrc,
NS_IMETHOD Convert(const char16_t* aSrc, int32_t* aSrcLength,
char* aDest, int32_t* aDestLength);
MOZ_WARN_UNUSED_RESULT NS_IMETHOD GetMaxLength(const char16_t* aSrc,
int32_t aSrcLength,
int32_t * aDestLength);
NS_IMETHOD Finish(char * aDest, int32_t * aDestLength);
int32_t* aDestLength);
NS_IMETHOD Finish(char* aDest, int32_t* aDestLength);
NS_IMETHOD Reset();
NS_IMETHOD SetOutputErrorBehavior(int32_t aBehavior,
nsIUnicharEncoder * aEncoder, char16_t aChar);
nsIUnicharEncoder* aEncoder, char16_t aChar);
protected:
char16_t mBOM;


@ -82,16 +82,16 @@ void nsBufferDecoderSupport::FillBuffer(const char ** aSrc, int32_t aSrcLength)
//----------------------------------------------------------------------
// Subclassing of nsBasicDecoderSupport class [implementation]
NS_IMETHODIMP nsBufferDecoderSupport::Convert(const char * aSrc,
int32_t * aSrcLength,
char16_t * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsBufferDecoderSupport::Convert(const char* aSrc,
int32_t* aSrcLength,
char16_t* aDest,
int32_t* aDestLength)
{
// we do all operations using pointers internally
const char * src = aSrc;
const char * srcEnd = aSrc + *aSrcLength;
char16_t * dest = aDest;
char16_t * destEnd = aDest + *aDestLength;
const char* src = aSrc;
const char* srcEnd = aSrc + *aSrcLength;
char16_t* dest = aDest;
char16_t* destEnd = aDest + *aDestLength;
int32_t bcr, bcw; // byte counts for read & write;
nsresult res = NS_OK;
@ -191,7 +191,7 @@ NS_IMETHODIMP nsBufferDecoderSupport::GetMaxLength(const char* aSrc,
length *= mMaxLengthFactor;
if (!length.isValid()) {
return NS_ERROR_FAILURE;
return NS_ERROR_OUT_OF_MEMORY;
}
*aDestLength = length.value();
@ -202,8 +202,8 @@ NS_IMETHODIMP nsBufferDecoderSupport::GetMaxLength(const char* aSrc,
// Class nsTableDecoderSupport [implementation]
nsTableDecoderSupport::nsTableDecoderSupport(uScanClassID aScanClass,
uShiftInTable * aShiftInTable,
uMappingTable * aMappingTable,
uShiftInTable* aShiftInTable,
uMappingTable* aMappingTable,
uint32_t aMaxLengthFactor)
: nsBufferDecoderSupport(aMaxLengthFactor)
{
@ -219,10 +219,10 @@ nsTableDecoderSupport::~nsTableDecoderSupport()
//----------------------------------------------------------------------
// Subclassing of nsBufferDecoderSupport class [implementation]
NS_IMETHODIMP nsTableDecoderSupport::ConvertNoBuff(const char * aSrc,
int32_t * aSrcLength,
char16_t * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsTableDecoderSupport::ConvertNoBuff(const char* aSrc,
int32_t* aSrcLength,
char16_t* aDest,
int32_t* aDestLength)
{
return nsUnicodeDecodeHelper::ConvertByTable(aSrc, aSrcLength,
aDest, aDestLength,
@ -236,9 +236,9 @@ NS_IMETHODIMP nsTableDecoderSupport::ConvertNoBuff(const char * aSrc,
nsMultiTableDecoderSupport::nsMultiTableDecoderSupport(
int32_t aTableCount,
const uRange * aRangeArray,
uScanClassID * aScanClassArray,
uMappingTable ** aMappingTable,
const uRange* aRangeArray,
uScanClassID* aScanClassArray,
uMappingTable** aMappingTable,
uint32_t aMaxLengthFactor)
: nsBufferDecoderSupport(aMaxLengthFactor)
{
@ -255,10 +255,10 @@ nsMultiTableDecoderSupport::~nsMultiTableDecoderSupport()
//----------------------------------------------------------------------
// Subclassing of nsBufferDecoderSupport class [implementation]
NS_IMETHODIMP nsMultiTableDecoderSupport::ConvertNoBuff(const char * aSrc,
int32_t * aSrcLength,
char16_t * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsMultiTableDecoderSupport::ConvertNoBuff(const char* aSrc,
int32_t* aSrcLength,
char16_t* aDest,
int32_t* aDestLength)
{
return nsUnicodeDecodeHelper::ConvertByMultiTable(aSrc, aSrcLength,
aDest, aDestLength,
@ -272,7 +272,7 @@ NS_IMETHODIMP nsMultiTableDecoderSupport::ConvertNoBuff(const char * aSrc,
// Class nsOneByteDecoderSupport [implementation]
nsOneByteDecoderSupport::nsOneByteDecoderSupport(
uMappingTable * aMappingTable)
uMappingTable* aMappingTable)
: nsBasicDecoderSupport()
, mMappingTable(aMappingTable)
, mFastTableCreated(false)
@ -287,10 +287,10 @@ nsOneByteDecoderSupport::~nsOneByteDecoderSupport()
//----------------------------------------------------------------------
// Subclassing of nsBasicDecoderSupport class [implementation]
NS_IMETHODIMP nsOneByteDecoderSupport::Convert(const char * aSrc,
int32_t * aSrcLength,
char16_t * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsOneByteDecoderSupport::Convert(const char* aSrc,
int32_t* aSrcLength,
char16_t* aDest,
int32_t* aDestLength)
{
if (!mFastTableCreated) {
// Probably better to make this non-lazy and get rid of the mutex
@ -310,9 +310,9 @@ NS_IMETHODIMP nsOneByteDecoderSupport::Convert(const char * aSrc,
mErrBehavior == kOnError_Signal);
}
NS_IMETHODIMP nsOneByteDecoderSupport::GetMaxLength(const char * aSrc,
NS_IMETHODIMP nsOneByteDecoderSupport::GetMaxLength(const char* aSrc,
int32_t aSrcLength,
int32_t * aDestLength)
int32_t* aDestLength)
{
// single byte to Unicode converter
*aDestLength = aSrcLength;
@ -368,16 +368,16 @@ nsEncoderSupport::~nsEncoderSupport()
delete [] mBuffer;
}
NS_IMETHODIMP nsEncoderSupport::ConvertNoBuff(const char16_t * aSrc,
int32_t * aSrcLength,
char * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsEncoderSupport::ConvertNoBuff(const char16_t* aSrc,
int32_t* aSrcLength,
char* aDest,
int32_t* aDestLength)
{
// we do all operations using pointers internally
const char16_t * src = aSrc;
const char16_t * srcEnd = aSrc + *aSrcLength;
char * dest = aDest;
char * destEnd = aDest + *aDestLength;
const char16_t* src = aSrc;
const char16_t* srcEnd = aSrc + *aSrcLength;
char* dest = aDest;
char* destEnd = aDest + *aDestLength;
int32_t bcr, bcw; // byte counts for read & write;
nsresult res;
@ -417,18 +417,18 @@ NS_IMETHODIMP nsEncoderSupport::ConvertNoBuff(const char16_t * aSrc,
return res;
}
NS_IMETHODIMP nsEncoderSupport::FinishNoBuff(char * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsEncoderSupport::FinishNoBuff(char* aDest,
int32_t* aDestLength)
{
*aDestLength = 0;
return NS_OK;
}
nsresult nsEncoderSupport::FlushBuffer(char ** aDest, const char * aDestEnd)
nsresult nsEncoderSupport::FlushBuffer(char** aDest, const char* aDestEnd)
{
int32_t bcr, bcw; // byte counts for read & write;
nsresult res = NS_OK;
char * dest = *aDest;
char* dest = *aDest;
if (mBufferStart < mBufferEnd) {
bcr = mBufferEnd - mBufferStart;
@ -449,16 +449,16 @@ nsresult nsEncoderSupport::FlushBuffer(char ** aDest, const char * aDestEnd)
//----------------------------------------------------------------------
// Interface nsIUnicodeEncoder [implementation]
NS_IMETHODIMP nsEncoderSupport::Convert(const char16_t * aSrc,
int32_t * aSrcLength,
char * aDest,
int32_t * aDestLength)
NS_IMETHODIMP nsEncoderSupport::Convert(const char16_t* aSrc,
int32_t* aSrcLength,
char* aDest,
int32_t* aDestLength)
{
// we do all operations using pointers internally
const char16_t * src = aSrc;
const char16_t * srcEnd = aSrc + *aSrcLength;
char * dest = aDest;
char * destEnd = aDest + *aDestLength;
const char16_t* src = aSrc;
const char16_t* srcEnd = aSrc + *aSrcLength;
char* dest = aDest;
char* destEnd = aDest + *aDestLength;
int32_t bcr, bcw; // byte counts for read & write;
nsresult res;
@ -500,11 +500,11 @@ final:
return res;
}
NS_IMETHODIMP nsEncoderSupport::Finish(char * aDest, int32_t * aDestLength)
NS_IMETHODIMP nsEncoderSupport::Finish(char* aDest, int32_t* aDestLength)
{
// we do all operations using pointers internally
char * dest = aDest;
char * destEnd = aDest + *aDestLength;
char* dest = aDest;
char* destEnd = aDest + *aDestLength;
int32_t bcw; // byte count for write;
nsresult res;
@ -543,7 +543,7 @@ NS_IMETHODIMP nsEncoderSupport::Reset()
NS_IMETHODIMP nsEncoderSupport::SetOutputErrorBehavior(
int32_t aBehavior,
nsIUnicharEncoder * aEncoder,
nsIUnicharEncoder* aEncoder,
char16_t aChar)
{
if (aBehavior == kOnError_CallBack && !aEncoder)
@ -556,15 +556,15 @@ NS_IMETHODIMP nsEncoderSupport::SetOutputErrorBehavior(
}
NS_IMETHODIMP
nsEncoderSupport::GetMaxLength(const char16_t * aSrc,
nsEncoderSupport::GetMaxLength(const char16_t* aSrc,
int32_t aSrcLength,
int32_t * aDestLength)
int32_t* aDestLength)
{
mozilla::CheckedInt32 length = aSrcLength;
length *= mMaxLengthFactor;
if (!length.isValid()) {
return NS_ERROR_FAILURE;
return NS_ERROR_OUT_OF_MEMORY;
}
*aDestLength = length.value();
@ -576,8 +576,8 @@ nsEncoderSupport::GetMaxLength(const char16_t * aSrc,
// Class nsTableEncoderSupport [implementation]
nsTableEncoderSupport::nsTableEncoderSupport(uScanClassID aScanClass,
uShiftOutTable * aShiftOutTable,
uMappingTable * aMappingTable,
uShiftOutTable* aShiftOutTable,
uMappingTable* aMappingTable,
uint32_t aMaxLengthFactor)
: nsEncoderSupport(aMaxLengthFactor)
{
@ -587,7 +587,7 @@ nsTableEncoderSupport::nsTableEncoderSupport(uScanClassID aScanClass,
}
nsTableEncoderSupport::nsTableEncoderSupport(uScanClassID aScanClass,
uMappingTable * aMappingTable,
uMappingTable* aMappingTable,
uint32_t aMaxLengthFactor)
: nsEncoderSupport(aMaxLengthFactor)
{
@ -604,10 +604,10 @@ nsTableEncoderSupport::~nsTableEncoderSupport()
// Subclassing of nsEncoderSupport class [implementation]
NS_IMETHODIMP nsTableEncoderSupport::ConvertNoBuffNoErr(
const char16_t * aSrc,
int32_t * aSrcLength,
char * aDest,
int32_t * aDestLength)
const char16_t* aSrc,
int32_t* aSrcLength,
char* aDest,
int32_t* aDestLength)
{
return nsUnicodeEncodeHelper::ConvertByTable(aSrc, aSrcLength,
aDest, aDestLength,
@ -620,9 +620,9 @@ NS_IMETHODIMP nsTableEncoderSupport::ConvertNoBuffNoErr(
nsMultiTableEncoderSupport::nsMultiTableEncoderSupport(
int32_t aTableCount,
uScanClassID * aScanClassArray,
uShiftOutTable ** aShiftOutTable,
uMappingTable ** aMappingTable,
uScanClassID* aScanClassArray,
uShiftOutTable** aShiftOutTable,
uMappingTable** aMappingTable,
uint32_t aMaxLengthFactor)
: nsEncoderSupport(aMaxLengthFactor)
{
@ -640,10 +640,10 @@ nsMultiTableEncoderSupport::~nsMultiTableEncoderSupport()
// Subclassing of nsEncoderSupport class [implementation]
NS_IMETHODIMP nsMultiTableEncoderSupport::ConvertNoBuffNoErr(
const char16_t * aSrc,
int32_t * aSrcLength,
char * aDest,
int32_t * aDestLength)
const char16_t* aSrc,
int32_t* aSrcLength,
char* aDest,
int32_t* aDestLength)
{
return nsUnicodeEncodeHelper::ConvertByMultiTable(aSrc, aSrcLength,
aDest, aDestLength,