Closed Bug 1688616 Opened 4 years ago Closed 4 years ago

Check for large ArrayBuffers or views in WebIDL bindings

Categories

(Core :: DOM: Bindings (WebIDL), task, P3)

Product:
Core
Component:
DOM: Bindings (WebIDL)
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
87 Branch
Tracking Flags:
Tracking Status
firefox87 --- fixed

People

(Reporter: jandem, Assigned: jandem)

References

Details

Attachments

(2 files, 1 obsolete file)

Bug 1688616 part 1 - Add a browser pref for large ArrayBuffers. r?lth!
(deleted), text/x-phabricator-request
Details
Bug 1688616 part 2 - Check for large ArrayBuffer{View}s in WebIDL bindings. r?edgar!,lth!
(deleted), text/x-phabricator-request
Details
No description provided.

The pref is only checked on startup and sets a process-wide flag, so that we
don't have to worry about the value changing from under us.

The dom::TypedArray type currently represents its length as uint32_t. Changing
that to size_t/uint64_t would cause problems (truncation) for many 'Length()' callers.
Instead of requiring a length check for each of those call sites, for now check for
and reject large array buffers and views in the generated bindings.

Code and tests are based on the implementation of the [AllowShared] attribute.
Additional tests for the new JSAPIs will be added as part of bug 1674777.

Depends on D102911

Adds useRegisterOrIndexConstant to check this during lowering, and also uses
ArrayOffsetFitsInInt32 in codegen to assert no overflow.

Depends on D102738

Comment on attachment 9199488 [details]
Bug 1688616 part 22 - Guard against int32 overflow in offset computations. r?anba!

Revision D103154 was moved to bug 1687441. Setting attachment 9199488 [details] to obsolete.

Attachment #9199488 - Attachment is obsolete: true
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/7985fd012bc7
part 1 - Add a browser pref for large ArrayBuffers. r=lth
https://hg.mozilla.org/integration/autoland/rev/560718ce8d2c
part 2 - Check for large ArrayBuffer{View}s in WebIDL bindings. r=edgar,lth

Oh oops, these testing functions are only available in debug builds. I'll fix the test.

Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/61e9fa98634c
part 1 - Add a browser pref for large ArrayBuffers. r=lth
https://hg.mozilla.org/integration/autoland/rev/d31e8c40be6a
part 2 - Check for large ArrayBuffer{View}s in WebIDL bindings. r=edgar,lth

https://hg.mozilla.org/mozilla-central/rev/61e9fa98634c
https://hg.mozilla.org/mozilla-central/rev/d31e8c40be6a

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox87: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 87 Branch
Flags: needinfo?(jdemooij)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: