238455 - warning C4244: 'argument' : conversion from 'PRInt64' to 'size_t', possible loss of data

Status: RESOLVED FIXED

(Core :: XUL, defect)

Description

[timeless]

tip from now

r:/mozilla\widget\src\xpwidgets\nsTransferable.cpp(253) : warning 
C4244: 'argument' : conversion from 'PRInt64' to 'size_t', possible loss of data
r:/mozilla\widget\src\xpwidgets\nsTransferable.cpp(264) : warning 
C4244: 'argument' : conversion from 'PRInt64' to 'PRUint32', possible loss of 
data
r:/mozilla\widget\src\xpwidgets\nsTransferable.cpp(268) : warning C4244: '=' : 
conversion from 'PRInt64' to 'PRUint32', possible loss of data
r:/mozilla\widget\src\xpwidgets\nsTransferable.cpp(269) : warning 
C4244: 'argument' : conversion from 'PRInt64' to 'PRUint32', possible loss of 
data

PRInt64 may be a struct, and nsMemory only takes a 32bit creature. So this is 
silly

Comment 1

[timeless]

Attachment: limit to 32bits

Comment 2

[Daniel Veditz [:dveditz]]

Comment on attachment 144644 [details] [diff] [review]
limit to 32bits

Not sure who gives r= in widget these days but it's not me. Despot says roc,
who conveniently can see security bugs.

I don't think this is a security bug: nsIInputStream::Read truncates the
filesize the same way as nsMemory so I don't see how it could overrun. Plus,
even if it were exploitable, it's hard to imagine that an attack that depends
on first getting a >4Gb file into someone's cache at today's transfer speeds is
all that feasible.

>+    if ( NS_SUCCEEDED(rv) && *aDataLen == size) {
>+      *aDataLen = size; 

If *aDataLen already == size why assign? Emphatic but unnecessary.

sr=dveditz

Comment 3

[timeless]

mozilla/widget/src/xpwidgets/nsTransferable.cpp 	1.61