Closed
Bug 907904
Opened 11 years ago
Closed 11 years ago
Fix string API abuse in JarSignatureVerification.cpp
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla26
| Tracking | Status | |
|---|---|---|
| b2g18 | --- | fixed |
People
(Reporter: neil, Assigned: neil)
References
Details
Attachments
(1 file)
|
(deleted),
patch
|
briansmith
:
review+
|
Details | Diff | Splinter Review |
Bug #772365 misused the literal string API.
nsLiteralString is only used to declare members that are then constructed from string literals using NS_LITERAL_STRING_INIT. NS_LITERAL_STRING is used to convert a string literal to a const nsDependentString& object. However JarSignatureVerification.cpp is using nsLiteralString as a conversion operator on an expression of type const char*.
There was also an NS_LITERAL_CSTRING("") which can be better written EmptyCString().
|
Assignee | |
Comment 1•11 years ago
|
||
Sorry, those should all be the "C" string types, of course (until you get to const char*, after which point the description is correct).
|
||
Comment 2•11 years ago
|
||
Is this a correctness issue, or are these just nits?
Component: DOM: Apps → Security: PSM
|
|
Assignee | |
Comment 3•11 years ago
|
||
|
|
||
Updated•11 years ago
|
Attachment #793663 -
Flags: review?(brian) → review+
|
|
Assignee | |
Comment 4•11 years ago
|
||
The misuse of nsLiteralCString is a correctness issue; we hope to make nsLiteralCString require a string literal (NS_LITERAL_STRING already does). The NS_LITERAL_CSTRING("") is more of a nit.
|
|
Assignee | |
Comment 5•11 years ago
|
||
|
||
Comment 6•11 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla26
You need to log in
before you can comment on or make changes to this bug.
Description
•