From e3af9ebeabfd33a5657912f1ea9b369b397cf233 Mon Sep 17 00:00:00 2001 From: "akhil.arora%sun.com" Date: Fri, 15 Oct 1999 21:25:56 +0000 Subject: [PATCH] 13260 r=akhil.arora@sun.com Fixed by Denis Sharypov Added checks for integer arguments being outside of legal range and throw exceptions if not. git-svn-id: svn://10.0.0.236/trunk@50861 18797224-902f-48f8-a5cc-f745e15eee43 --- mozilla/java/dom/jni/javaDOMGlobals.cpp | 9 ++++++- mozilla/java/dom/jni/javaDOMGlobals.h | 2 ++ .../jni/org_mozilla_dom_CharacterDataImpl.cpp | 24 +++++++++++++++++++ .../jni/org_mozilla_dom_NamedNodeMapImpl.cpp | 6 +++++ .../dom/jni/org_mozilla_dom_NodeListImpl.cpp | 6 +++++ .../java/dom/jni/org_mozilla_dom_TextImpl.cpp | 7 ++++++ mozilla/java/dom/nsJavaDOMImpl.cpp | 2 +- 7 files changed, 54 insertions(+), 2 deletions(-) diff --git a/mozilla/java/dom/jni/javaDOMGlobals.cpp b/mozilla/java/dom/jni/javaDOMGlobals.cpp index 3b4d40026bf..62c4ade3d42 100644 --- a/mozilla/java/dom/jni/javaDOMGlobals.cpp +++ b/mozilla/java/dom/jni/javaDOMGlobals.cpp @@ -77,6 +77,8 @@ PRLogModuleInfo* JavaDOMGlobals::log = NULL; PRCList JavaDOMGlobals::garbage = PR_INIT_STATIC_CLIST(&garbage); PRLock* JavaDOMGlobals::garbageLock = NULL; +PRInt32 JavaDOMGlobals::javaMaxInt = 0; + class jniDOMGarbage : public PRCList { public: jniDOMGarbage(nsISupports* p) { domObject = p; } @@ -234,6 +236,11 @@ void JavaDOMGlobals::Initialize(JNIEnv *env) runtimeExceptionInitMID = env->GetMethodID(runtimeExceptionClass, "", "(Ljava/lang/String;)V"); if (!runtimeExceptionInitMID) return; + + jclass integerClass = env->FindClass("java/lang/Integer"); + jfieldID javaMaxIntFID = + env->GetStaticFieldID(integerClass, "MAX_VALUE", "I"); + javaMaxInt = env->GetStaticIntField(integerClass, javaMaxIntFID); } void JavaDOMGlobals::Destroy(JNIEnv *env) 
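Review bot: The JNI lookups added at the end of JavaDOMGlobals::Initialize use `integerClass` and `javaMaxIntFID` unchecked, unlike the `if (!runtimeExceptionInitMID) return;` guard directly above them. If either lookup fails, or Initialize returns early at one of the earlier guards, `javaMaxInt` keeps the initial value 0 from the first hunk, and the range checks added in the other files would then reject every positive offset or index. I would add `if (!integerClass) return;` after FindClass and `if (!javaMaxIntFID) return;` after GetStaticFieldID, and release the local class reference once the value is read. Because a `jint` is a 32-bit signed value, a compile-time constant would avoid the runtime lookup altogether. Initialize begins outside the hunk.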
@@ -545,7 +552,7 @@ void JavaDOMGlobals::ThrowException(JNIEnv *env, (jthrowable)env->NewObject(domExceptionClass, domExceptionInitMID, NS_ERROR_GET_CODE(rv), - message); + jmessage); } else { char buffer[256]; const char* msg = message; diff --git a/mozilla/java/dom/jni/javaDOMGlobals.h b/mozilla/java/dom/jni/javaDOMGlobals.h index a85eabdfa97..c869b185d21 100644 --- a/mozilla/java/dom/jni/javaDOMGlobals.h +++ b/mozilla/java/dom/jni/javaDOMGlobals.h @@ -77,6 +77,8 @@ class JavaDOMGlobals { static PRCList garbage; static PRLock* garbageLock; + static PRInt32 javaMaxInt; + static void Initialize(JNIEnv *env); static void Destroy(JNIEnv *env); static jobject CreateNodeSubtype(JNIEnv *env, diff --git a/mozilla/java/dom/jni/org_mozilla_dom_CharacterDataImpl.cpp b/mozilla/java/dom/jni/org_mozilla_dom_CharacterDataImpl.cpp index a84be223904..2ec6a07661d 100644 --- a/mozilla/java/dom/jni/org_mozilla_dom_CharacterDataImpl.cpp +++ b/mozilla/java/dom/jni/org_mozilla_dom_CharacterDataImpl.cpp @@ -67,6 +67,14 @@ JNIEXPORT void JNICALL Java_org_mozilla_dom_CharacterDataImpl_appendData JNIEXPORT void JNICALL Java_org_mozilla_dom_CharacterDataImpl_deleteData (JNIEnv *env, jobject jthis, jint offset, jint count) { + if (offset < 0 || offset > JavaDOMGlobals::javaMaxInt || + count < 0 || count > JavaDOMGlobals::javaMaxInt) { + JavaDOMGlobals::ThrowException(env, "", + NS_ERROR_DOM_INDEX_SIZE_ERR, + JavaDOMGlobals::EXCEPTION_DOM); + return; + } + nsIDOMCharacterData* data = (nsIDOMCharacterData*) env->GetLongField(jthis, JavaDOMGlobals::nodePtrFID); if (!data) { 
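Review bot: In the guard added at the top of deleteData, `offset > JavaDOMGlobals::javaMaxInt` and `count > JavaDOMGlobals::javaMaxInt` can never be true for a `jint` when javaMaxInt holds Integer.MAX_VALUE, so only the `< 0` tests do any work and the guard could be `if (offset < 0 || count < 0)`. Those negative tests are presumably what stop a negative value being converted to a large unsigned one in the nsIDOMCharacterData call, which is outside the hunk. Nothing here compares `offset + count` with the data length, so the code relies on that call to reject values past the end, and a one-line comment saying so would help. The same block is repeated in replaceData, substringData and TextImpl splitText, so a small shared helper would keep the copies from drifting apart. Passing a short message instead of `""` to ThrowException would also make the Java-side exception easier to diagnose.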
@@ -202,6 +210,14 @@ JNIEXPORT void JNICALL Java_org_mozilla_dom_CharacterDataImpl_insertData JNIEXPORT void JNICALL Java_org_mozilla_dom_CharacterDataImpl_replaceData (JNIEnv *env, jobject jthis, jint offset, jint count, jstring jvalue) { + if (offset < 0 || offset > JavaDOMGlobals::javaMaxInt || + count < 0 || count > JavaDOMGlobals::javaMaxInt) { + JavaDOMGlobals::ThrowException(env, "", + NS_ERROR_DOM_INDEX_SIZE_ERR, + JavaDOMGlobals::EXCEPTION_DOM); + return; + } + nsIDOMCharacterData* data = (nsIDOMCharacterData*) env->GetLongField(jthis, JavaDOMGlobals::nodePtrFID); if (!data) { @@ -281,6 +297,14 @@ JNIEXPORT void JNICALL Java_org_mozilla_dom_CharacterDataImpl_setData JNIEXPORT jstring JNICALL Java_org_mozilla_dom_CharacterDataImpl_substringData (JNIEnv *env, jobject jthis, jint offset, jint count) { + if (offset < 0 || offset > JavaDOMGlobals::javaMaxInt || + count < 0 || count > JavaDOMGlobals::javaMaxInt) { + JavaDOMGlobals::ThrowException(env, "", + NS_ERROR_DOM_INDEX_SIZE_ERR, + JavaDOMGlobals::EXCEPTION_DOM); + return NULL; + } + nsIDOMCharacterData* data = (nsIDOMCharacterData*) env->GetLongField(jthis, JavaDOMGlobals::nodePtrFID); if (!data) { diff --git a/mozilla/java/dom/jni/org_mozilla_dom_NamedNodeMapImpl.cpp b/mozilla/java/dom/jni/org_mozilla_dom_NamedNodeMapImpl.cpp index 21d4d0ecd88..086af32fbee 100644 --- a/mozilla/java/dom/jni/org_mozilla_dom_NamedNodeMapImpl.cpp +++ b/mozilla/java/dom/jni/org_mozilla_dom_NamedNodeMapImpl.cpp @@ -94,6 +94,12 @@ JNIEXPORT jobject JNICALL Java_org_mozilla_dom_NamedNodeMapImpl_getNamedItem JNIEXPORT jobject JNICALL Java_org_mozilla_dom_NamedNodeMapImpl_item (JNIEnv *env, jobject jthis, jint jindex) { + if (jindex < 0 || jindex > JavaDOMGlobals::javaMaxInt) { + PR_LOG(JavaDOMGlobals::log, PR_LOG_ERROR, + ("NamedNodeMap.item: invalid index value (%d)\n", jindex)); + return NULL; + } + nsIDOMNamedNodeMap* map = (nsIDOMNamedNodeMap*) env->GetLongField(jthis, JavaDOMGlobals::nodePtrFID); if (!map) { 
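Review bot: NamedNodeMapImpl item logs and returns NULL for an invalid index, whereas the CharacterData methods in this commit throw NS_ERROR_DOM_INDEX_SIZE_ERR and the commit message says out-of-range arguments throw. If the null return is deliberate, a comment such as `// invalid index: return null rather than throw, matching DOM item()` above `return NULL;` would record that. As in the CharacterData guards, `jindex > JavaDOMGlobals::javaMaxInt` cannot be true for a `jint`, so `if (jindex < 0)` is sufficient. The same points apply to NodeListImpl item in the next file section. It is also worth checking that PR_LOG_ERROR is the right level for a value the Java caller controls, since a caller looping on bad indices could flood the log.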
diff --git a/mozilla/java/dom/jni/org_mozilla_dom_NodeListImpl.cpp b/mozilla/java/dom/jni/org_mozilla_dom_NodeListImpl.cpp index 2a56ac8520c..1a063365149 100644 --- a/mozilla/java/dom/jni/org_mozilla_dom_NodeListImpl.cpp +++ b/mozilla/java/dom/jni/org_mozilla_dom_NodeListImpl.cpp @@ -160,6 +160,12 @@ JNIEXPORT jint JNICALL Java_org_mozilla_dom_NodeListImpl_getLength JNIEXPORT jobject JNICALL Java_org_mozilla_dom_NodeListImpl_item (JNIEnv *env, jobject jthis, jint jindex) { + if (jindex < 0 || jindex > JavaDOMGlobals::javaMaxInt) { + PR_LOG(JavaDOMGlobals::log, PR_LOG_ERROR, + ("NodeList.item: invalid index value (%d)\n", jindex)); + return NULL; + } + nsIDOMNodeList* nodes = (nsIDOMNodeList*) env->GetLongField(jthis, JavaDOMGlobals::nodeListPtrFID); if (!nodes) { diff --git a/mozilla/java/dom/jni/org_mozilla_dom_TextImpl.cpp b/mozilla/java/dom/jni/org_mozilla_dom_TextImpl.cpp index fdaabf39a2d..56bb164686a 100644 --- a/mozilla/java/dom/jni/org_mozilla_dom_TextImpl.cpp +++ b/mozilla/java/dom/jni/org_mozilla_dom_TextImpl.cpp @@ -29,6 +29,13 @@ Inc. All Rights Reserved. JNIEXPORT jobject JNICALL Java_org_mozilla_dom_TextImpl_splitText (JNIEnv *env, jobject jthis, jint joffset) { + if (joffset < 0 || joffset > JavaDOMGlobals::javaMaxInt) { + JavaDOMGlobals::ThrowException(env, "", + NS_ERROR_DOM_INDEX_SIZE_ERR, + JavaDOMGlobals::EXCEPTION_DOM); + return NULL; + } + nsIDOMText* text = (nsIDOMText*) env->GetLongField(jthis, JavaDOMGlobals::nodePtrFID); if (!text) { diff --git a/mozilla/java/dom/nsJavaDOMImpl.cpp b/mozilla/java/dom/nsJavaDOMImpl.cpp index bb3c227462a..d7389d8710b 100755 --- a/mozilla/java/dom/nsJavaDOMImpl.cpp +++ b/mozilla/java/dom/nsJavaDOMImpl.cpp @@ -108,7 +108,7 @@ nsJavaDOMImpl::nsJavaDOMImpl() vm_args.version = 0x00010001; vm_args.verifyMode = JNI_TRUE; #ifdef DEBUG - // vm_args.verbose = JNI_TRUE; + vm_args.verbose = JNI_TRUE; vm_args.enableVerboseGC = JNI_TRUE; #endif // DEBUG char* cp = PR_GetEnv("CLASSPATH");
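Review bot: The nsJavaDOMImpl constructor hunk turns on `vm_args.verbose = JNI_TRUE;` for DEBUG builds, which is unrelated to the argument range checks described in the commit message and looks like leftover debugging. If it is intended, it deserves a mention in the description or a comment such as `// verbose JVM output, debug builds only`; otherwise the line should stay commented out. The constructor body continues outside the hunk.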