Closed Bug 907904 Opened 7 years ago Closed 7 years ago

Fix string API abuse in JarSignatureVerification.cpp

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla26
Tracking Status
b2g18 --- fixed

People

(Reporter: neil, Assigned: neil)

References

Details

Attachments

(1 file)

Bug #772365 misused the literal string API.

nsLiteralString is only used to declare members that are then constructed from string literals using NS_LITERAL_STRING_INIT. NS_LITERAL_STRING is used to convert a string literal to a const nsDependentString& object. However JarSignatureVerification.cpp is using nsLiteralString as a conversion operator on an expression of type const char*.

There was also an NS_LITERAL_CSTRING("") which can be better written EmptyCString().
Sorry, those should all be the "C" string types, of course (until you get to const char*, after which point the description is correct).
Is this a correctness issue, or are these just nits?
Component: DOM: Apps → Security: PSM
Attached patch Proposed patchSplinter Review
Assignee: nobody → neil
Status: NEW → ASSIGNED
Attachment #793663 - Flags: review?(brian)
Attachment #793663 - Flags: review?(brian) → review+
The misuse of nsLiteralCString is a correctness issue; we hope to make nsLiteralCString require a string literal (NS_LITERAL_STRING already does). The NS_LITERAL_CSTRING("") is more of a nit.
https://hg.mozilla.org/mozilla-central/rev/92beaab780c0
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla26
You need to log in before you can comment on or make changes to this bug.