Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-24 13:21:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1159244 - Add release mode bounds checking with custom annotations to nsTArray, r=froydnj

Browse Source 
MozReview-Commit-ID: Ljx9PwBCyTT
This commit is contained in:
Michael Layzell 2016-08-10 14:40:00 -04:00
parent 50d538cc45
commit e1fc3b1773
3 changed files with 26 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mfbt/Assertions.h
View File

@ -34,7 +34,7 @@ namespace CrashReporter {
void AnnotateMozCrashReason(const char* aReason);
} // namespace CrashReporter
# define MOZ_CRASH_ANNOTATE(...) CrashReporter::AnnotateMozCrashReason("" __VA_ARGS__)
# define MOZ_CRASH_ANNOTATE(...) CrashReporter::AnnotateMozCrashReason(__VA_ARGS__)
#else
# define MOZ_CRASH_ANNOTATE(...) do { /* nothing */ } while (0)
#endif

16
xpcom/glue/nsTArray.cpp
View File

@ -18,3 +18,19 @@ IsTwiceTheRequiredBytesRepresentableAsUint32(size_t aCapacity, size_t aElemSize)
using mozilla::CheckedUint32;
return ((CheckedUint32(aCapacity) * aElemSize) * 2).isValid();
}
MOZ_NORETURN MOZ_COLD void
InvalidArrayIndex_CRASH(size_t aIndex, size_t aLength)
{
const size_t CAPACITY = 512;
// Leak the buffer on the heap to make sure that it lives long enough, as
// MOZ_CRASH_ANNOTATE expects the pointer passed to it to live to the end of
// the program.
char* buffer = new char[CAPACITY];
snprintf(buffer, CAPACITY,
"ElementAt(aIndex = %llu, aLength = %llu)",
(long long unsigned) aIndex,
(long long unsigned) aLength);
MOZ_CRASH_ANNOTATE(buffer);
MOZ_REALLY_CRASH();
}

11
xpcom/glue/nsTArray.h
View File

@ -330,6 +330,9 @@ struct nsTArray_SafeElementAtHelper<mozilla::OwningNonNull<E>, Derived>
extern "C" void Gecko_EnsureTArrayCapacity(void* aArray, size_t aCapacity, size_t aElemSize);
MOZ_NORETURN MOZ_COLD void
InvalidArrayIndex_CRASH(size_t aIndex, size_t aLength);
//
// This class serves as a base class for nsTArray. It shouldn't be used
// directly. It holds common implementation code that does not depend on the
@ -989,7 +992,9 @@ public:
// @return A reference to the i'th element of the array.
elem_type& ElementAt(index_type aIndex)
{
MOZ_ASSERT(aIndex < Length(), "invalid array index");
if (MOZ_UNLIKELY(aIndex >= Length())) {
InvalidArrayIndex_CRASH(aIndex, Length());
}
return Elements()[aIndex];
}
@ -999,7 +1004,9 @@ public:
// @return A const reference to the i'th element of the array.
const elem_type& ElementAt(index_type aIndex) const
{
MOZ_ASSERT(aIndex < Length(), "invalid array index");
if (MOZ_UNLIKELY(aIndex >= Length())) {
InvalidArrayIndex_CRASH(aIndex, Length());
}
return Elements()[aIndex];
}