Bug 716594 - Switch nsBinaryInputStream::ReadBytes back to using the fallible allocator because it correctly checks for allocation errors and streams are untrusted input we should try to work with, r=dbaron

xpcom/base/nsIMemory.idl

@@ -74,8 +74,8 @@ interface nsIMemory : nsISupports
 {
     /**
      * Allocates a block of memory of a particular size. If the memory 
-     * cannot be allocated (because of an out-of-memory condition), null
-     * is returned.
+     * cannot be allocated (because of an out-of-memory condition), the
+     * process aborts.
      *
      * @param size - the size of the block to allocate
      * @result the block of memory
@@ -93,8 +93,7 @@ interface nsIMemory : nsISupports
      * If s is the size of the block to which ptr points, the first
      * min(s, size) bytes of ptr's block are copied to the new block.
      * If the allocation succeeds, ptr is freed and a pointer to the 
-     * new block returned.  If the allocation fails, ptr is not freed
-     * and null is returned. The returned value may be the same as ptr.
+     * new block returned.  If the allocation fails, the process aborts.
      */
     [noscript, notxpcom] voidPtr realloc(in voidPtr ptr,
                                          in size_t newSize);

xpcom/build/nsXPCOM.h

@@ -240,7 +240,7 @@ NS_NewNativeLocalFile(const nsACString &path,
 
 /**
  * Allocates a block of memory of a particular size. If the memory cannot
- * be allocated (because of an out-of-memory condition), null is returned.
+ * be allocated (because of an out-of-memory condition), the process aborts.
  *
  * @param size   The size of the block to allocate
  * @result       The block of memory
@@ -262,8 +262,7 @@ NS_Alloc(PRSize size);
  * If s is the size of the block to which ptr points, the first min(s, size)
  * bytes of ptr's block are copied to the new block. If the allocation
  * succeeds, ptr is freed and a pointer to the new block is returned. If the
- * allocation fails, ptr is not freed and null is returned. The returned
- * value may be the same as ptr.
+ * allocation fails, the process aborts.
  */
 XPCOM_API(void*)
 NS_Realloc(void* ptr, PRSize size);

xpcom/io/nsBinaryStream.cpp

@@ -54,7 +54,6 @@
 #include "nsBinaryStream.h"
 #include "nsCRT.h"
 #include "nsIStreamBufferAccess.h"
-#include "nsMemory.h"
 #include "prlong.h"
 #include "nsString.h"
 #include "nsISerializable.h"
@@ -220,7 +219,7 @@ nsBinaryOutputStream::WriteWStringZ(const PRUnichar* aString)
     if (length <= 64) {
         copy = temp;
     } else {
-        copy = reinterpret_cast<PRUnichar*>(nsMemory::Alloc(byteCount));
+        copy = reinterpret_cast<PRUnichar*>(moz_malloc(byteCount));
         if (!copy)
             return NS_ERROR_OUT_OF_MEMORY;
     }
@@ -229,7 +228,7 @@ nsBinaryOutputStream::WriteWStringZ(const PRUnichar* aString)
         copy[i] = NS_SWAP16(aString[i]);
     rv = WriteBytes(reinterpret_cast<const char*>(copy), byteCount);
     if (copy != temp)
-        nsMemory::Free(copy);
+        moz_free(copy);
 #endif
 
     return rv;
@@ -725,17 +724,17 @@ nsBinaryInputStream::ReadBytes(PRUint32 aLength, char* *_rval)
     PRUint32 bytesRead;
     char* s;
 
-    s = reinterpret_cast<char*>(nsMemory::Alloc(aLength));
+    s = reinterpret_cast<char*>(moz_malloc(aLength));
     if (!s)
         return NS_ERROR_OUT_OF_MEMORY;
 
     rv = Read(s, aLength, &bytesRead);
     if (NS_FAILED(rv)) {
-        nsMemory::Free(s);
+        moz_free(s);
         return rv;
     }
     if (bytesRead != aLength) {
-        nsMemory::Free(s);
+        moz_free(s);
         return NS_ERROR_FAILURE;
     }