nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity

Bug 1748482 - Check XML parser for brokenness in various methods. r=smaug

Browse source 
Differential Revision: https://phabricator.services.mozilla.com/D135096
This commit is contained in:
Henri Sivonen 2022-01-05 13:43:35 +00:00
parent 98277bd23e
commit 09d38d1170
1 changed files with 68 additions and 1 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

69
parser/htmlparser/nsParser.cpp
View file

@ -394,6 +394,12 @@ nsParser::CancelParsingEvents() {
nsresult nsParser::WillBuildModel(nsString& aFilename) {
if (!mParserContext) return NS_ERROR_HTMLPARSER_INVALIDPARSERCONTEXT;
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
if (eUnknownDetect != mParserContext->mAutoDetectStatus) return NS_OK;
if (eDTDMode_unknown == mParserContext->mDTDMode ||
@ -562,6 +568,12 @@ nsParser::Terminate(void) {
NS_IMETHODIMP
nsParser::ContinueInterruptedParsing() {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
// If there are scripts executing, then the content sink is jumping the gun
// (probably due to a synchronous XMLHttpRequest) and will re-enable us
// later, see bug 460706.
@ -680,6 +692,12 @@ NS_IMETHODIMP
nsParser::Parse(nsIURI* aURL, void* aKey) {
MOZ_ASSERT(aURL, "Error: Null URL given");
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
nsresult result = NS_ERROR_HTMLPARSER_BADURL;
if (aURL) {
@ -690,7 +708,8 @@ nsParser::Parse(nsIURI* aURL, void* aKey) {
}
nsString theName; // Not nsAutoString due to length and usage
if (!CopyUTF8toUTF16(spec, theName, mozilla::fallible)) {
return NS_ERROR_OUT_OF_MEMORY;
mInternalState = NS_ERROR_OUT_OF_MEMORY;
return mInternalState;
}
nsScanner* theScanner = new nsScanner(theName, false);
@ -719,6 +738,12 @@ nsresult nsParser::Parse(const nsAString& aSourceBuffer, void* aKey,
bool aLastCall) {
nsresult result = NS_OK;
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
// Don't bother if we're never going to parse this.
if (mInternalState == NS_ERROR_HTMLPARSER_STOPPARSING) {
return result;
@ -826,6 +851,12 @@ nsresult nsParser::Parse(const nsAString& aSourceBuffer, void* aKey,
NS_IMETHODIMP
nsParser::ParseFragment(const nsAString& aSourceBuffer,
nsTArray<nsString>& aTagStack) {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
nsresult result = NS_OK;
nsAutoString theContext;
uint32_t theCount = aTagStack.Length();
@ -929,6 +960,12 @@ nsParser::ParseFragment(const nsAString& aSourceBuffer,
*/
nsresult nsParser::ResumeParse(bool allowIteration, bool aIsFinalChunk,
bool aCanInterrupt) {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
nsresult result = NS_OK;
if (!mBlocked && mInternalState != NS_ERROR_HTMLPARSER_STOPPARSING) {
@ -1043,6 +1080,12 @@ nsresult nsParser::ResumeParse(bool allowIteration, bool aIsFinalChunk,
* tokenization phase, and try to make sense out of them.
*/
nsresult nsParser::BuildModel() {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
nsITokenizer* theTokenizer = nullptr;
nsresult result = NS_OK;
@ -1065,6 +1108,12 @@ nsresult nsParser::BuildModel() {
*******************************************************************/
nsresult nsParser::OnStartRequest(nsIRequest* request) {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
MOZ_ASSERT(eNone == mParserContext->mStreamListenerState,
"Parser's nsIStreamListener API was not setup "
"correctly in constructor.");
@ -1252,6 +1301,12 @@ static nsresult ParserWriteFunc(nsIInputStream* in, void* closure,
nsresult nsParser::OnDataAvailable(nsIRequest* request,
nsIInputStream* pIStream,
uint64_t sourceOffset, uint32_t aLength) {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
MOZ_ASSERT((eOnStart == mParserContext->mStreamListenerState ||
eOnDataAvail == mParserContext->mStreamListenerState),
"Error: OnStartRequest() must be called before OnDataAvailable()");
@ -1321,6 +1376,12 @@ nsresult nsParser::OnDataAvailable(nsIRequest* request,
* has been collected from the net.
*/
nsresult nsParser::OnStopRequest(nsIRequest* request, nsresult status) {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
nsresult rv = NS_OK;
CParserContext* pc = mParserContext;
@ -1377,6 +1438,12 @@ bool nsParser::WillTokenize(bool aIsFinalChunk) {
* you run out of data.
*/
nsresult nsParser::Tokenize(bool aIsFinalChunk) {
if (mInternalState == NS_ERROR_OUT_OF_MEMORY) {
// Checking NS_ERROR_OUT_OF_MEMORY instead of NS_FAILED
// to avoid introducing unintentional changes to behavior.
return mInternalState;
}
nsITokenizer* theTokenizer;
nsresult result = NS_ERROR_NOT_AVAILABLE;