Bug 1268929: Limit memory allocated for media to 2GiB max. r?gerald draft
authorJean-Yves Avenard <jyavenard@mozilla.com>
Tue, 03 May 2016 10:03:18 +1000
changeset 362693 870d55bf2bdf2bd976ed9e7764264aaf6c7ea35d
parent 362692 a570df0230f1d0d51f82e0ef18c41010bd8ba592
child 362714 55ebcaa9ffda232a470c64594b4bc51f832b0e79
push id17019
push userbmo:jyavenard@mozilla.com
push dateTue, 03 May 2016 00:28:27 +0000
reviewersgerald
bugs1268929
milestone49.0a1
Bug 1268929: Limit memory allocated for media to 2GiB max. r?gerald MozReview-Commit-ID: JGJLZrGFRe2
dom/media/MediaData.h
--- a/dom/media/MediaData.h
+++ b/dom/media/MediaData.h
@@ -218,18 +218,18 @@ private:
   // aligned and that it has sufficient end padding to allow for Alignment bytes
   // block read as required by some data decoders.
   // Returns false if memory couldn't be allocated.
   bool EnsureCapacity(size_t aLength)
   {
     const CheckedInt<size_t> sizeNeeded =
       CheckedInt<size_t>(aLength) * sizeof(Type) + AlignmentPaddingSize();
 
-    if (!sizeNeeded.isValid()) {
-      // overflow.
+    if (!sizeNeeded.isValid() || sizeNeeded.value() >= INT32_MAX) {
+      // overflow or over an acceptable size.
       return false;
     }
     if (mData && mCapacity >= sizeNeeded.value()) {
       return true;
     }
     auto newBuffer = MakeUniqueFallible<uint8_t[]>(sizeNeeded.value());
     if (!newBuffer) {
       return false;
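Review bot: The new bound `sizeNeeded.value() >= INT32_MAX` is a bare magic number, and the comment `// overflow or over an acceptable size.` does not say why 2GiB is the limit or which code relies on it. If the cap exists because later code keeps buffer lengths in 32-bit signed fields (not visible in this hunk), the comment should say so, e.g. `// Reject overflow, and any size that would not fit in an int32_t length downstream.` The header comment above the function should become `// Returns false if aLength is too large or memory couldn't be allocated.`, since callers can no longer read a false return as out-of-memory only. Because the test uses `>=`, the largest accepted request is INT32_MAX - 1 bytes including alignment padding, slightly under the 2GiB named in the commit title. EnsureCapacity's body continues past the end of the hunk.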