Add runtime bounds checking for Array
Categories
(Core :: MFBT, defect)
Tracking
()
Tracking | Status | |
---|---|---|
firefox94 | --- | fixed |
People
(Reporter: mccr8, Assigned: truber)
References
Details
(Keywords: sec-want, Whiteboard: [adv-main94-])
Attachments
(1 file)
It would be nice if we had bounds checking for this class. Right now, there's just assertions. We didn't see any measurable overhead for nsTArray, so hopefully we could add it here, too, without causing perf issues.
Comment 1•5 years ago
|
||
Linking to nsTArray bounds checking bugs: bug 1159244, bug 1373371, and bug 1348123.
They abort using an out-of-line function InvalidArrayIndex_CRASH()
:
Which was whitelisted for rooting hazard analysis:
Comment 2•4 years ago
|
||
Because this bug's Severity has not been changed from the default since it was filed, and it's Priority is --
(Backlog,) indicating it has has not been previously triaged, the bug's Severity is being updated to --
(default, untriaged.)
Comment 3•4 years ago
|
||
Because this bug's Severity has not been changed from the default since it was filed, and it's Priority is --
(Backlog,) indicating it has has not been previously triaged, the bug's Severity is being updated to --
(default, untriaged.)
Comment 4•4 years ago
|
||
Because this bug's Severity has not been changed from the default since it was filed, and it's Priority is --
(Backlog,) indicating it has has not been previously triaged, the bug's Severity is being updated to --
(default, untriaged.)
Comment 5•4 years ago
|
||
The severity of these bugs was changed, mistakenly, from normal
to S3
.
Because these bugs have a priority of --
, indicating that they have not been previously triaged, these bugs should be changed to Severity of --
.
Assignee | ||
Comment 6•3 years ago
|
||
Updated•3 years ago
|
Comment 8•3 years ago
|
||
bugherder |
Updated•3 years ago
|
Description
•