diff options
| author | julien.pierre.boogz%sun.com <devnull@localhost> | 2008-02-14 22:06:12 +0000 |
|---|---|---|
| committer | julien.pierre.boogz%sun.com <devnull@localhost> | 2008-02-14 22:06:12 +0000 |
| commit | cb44c30ed913a06193f2e2206c58b036e5a66939 (patch) | |
| tree | 46241becfd32b2fca1380b41f77f47541ca86b6f | |
| parent | 1940a492168b6c7551ff515c4d17ae38aa0e0afe (diff) | |
| download | nss-hg-cb44c30ed913a06193f2e2206c58b036e5a66939.tar.gz | |
Fix for bug 373907 . Limit manifest size in JAR file. r=nelson
| -rw-r--r-- | security/nss/lib/jar/jarfile.c | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/security/nss/lib/jar/jarfile.c b/security/nss/lib/jar/jarfile.c index 91ae4148d..fc3ed2ae9 100644 --- a/security/nss/lib/jar/jarfile.c +++ b/security/nss/lib/jar/jarfile.c @@ -631,7 +631,7 @@ static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext) ZZList *list; char *fn, *e; - char ZHUGEP *manifest; + char ZHUGEP *manifest = NULL; long length; int status, ret = 0, num; @@ -683,13 +683,10 @@ static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext) } /* Read in the manifest and parse it */ - /* FIX? Does this break on win16 for very very large manifest files? */ - -#ifdef XP_WIN16 - PORT_Assert( phy->length+1 < 0xFFFF ); -#endif - - manifest = (char ZHUGEP *) PORT_ZAlloc (phy->length + 1); + /* limit is per J2SE SDK */ + if (phy->length <= 0xFFFF) { + manifest = (char ZHUGEP *) PORT_ZAlloc (phy->length + 1); + } if (manifest) { JAR_FSEEK (fp, phy->offset, (PRSeekWhence)0); |