Closed Bug 1077465 Opened 11 years ago Closed 11 years ago

readFromClipboard() |dataLen.value / 2| isn't safe

Categories

(SeaMonkey :: General, defect)

Product:
SeaMonkey
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(seamonkey2.33 fixed)

Status:
RESOLVED FIXED
Milestone:
seamonkey2.33
Tracking Flags:
Tracking Status
seamonkey2.33 --- fixed

People

(Reporter: philip.chee, Assigned: philip.chee)

Details

Attachments

(1 file, 1 obsolete file)

Patch v2.0 fix review issues.
5.45 KB, patch
neil
: review+
Details | Diff | Splinter Review
https://bugzilla.mozilla.org/show_bug.cgi?id=326743#c59 (In reply to Blair McBride [:Unfocused] from comment #55) > /2 isn't safe. But, you don't need it anyway: > searchString = data.toString();
Attached patch Patch v1.0 Proposed fix (obsolete) — Splinter Review
Attachment #8499643 - Flags: review?(neil)
Comment on attachment 8499643 [details] [diff] [review] Patch v1.0 Proposed fix >+ var clipboard = Services.clipboard; Don't do this; if you're going to use Services.clipboard then replace the local variable completely. > data = data.value.QueryInterface(Components.interfaces.nsISupportsString); >- url = data.data.substring(0, dataLen.value / 2); >+ url = data.toString(); Stick to data.data, just don't substring it (data.data is slightly more efficient than data.toString() because it's an AString rather than a wstring). (Also applies to the other call site of course.)
Attachment #8499643 - Flags: review?(neil) → review-
>>+ var clipboard = Services.clipboard; > Don't do this; Reverted this change. >> data = data.value.QueryInterface(Components.interfaces.nsISupportsString); >>- url = data.data.substring(0, dataLen.value / 2); >>+ url = data.toString(); > Stick to data.data, just don't substring it (data.data is slightly more > efficient than data.toString() because it's an AString rather than a > wstring). (Also applies to the other call site of course.) Fixed.
Attachment #8499643 - Attachment is obsolete: true
Attachment #8507532 - Flags: review?(neil)
Comment on attachment 8507532 [details] [diff] [review] Patch v2.0 fix review issues. >- // Create tranferable that will transfer the text. >+ // Create a tranferable that will transfer the text. transferable > return str.value.QueryInterface(Components.interfaces.nsISupportsString) >- .data.substring(0, strLen.value / 2); >+ .data; Will this fit on one line?
Attachment #8507532 - Flags: review?(neil) → review+
Pushed to comm-central changeset c3c1bc2ecb51 http://hg.mozilla.org/comm-central/rev/c3c1bc2ecb51
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
status-seamonkey2.33: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → seamonkey2.33
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: