Bug 1381080 patch 4 - Assert that strings whose static type requires a null-terminated buffer aren't assign a non-null-terminated buffer. r=erahm

I actually couldn't figure out a way to trigger this assertion with the current string code without doing invalid casts, but there are things we may want to add to the string code in the future that might risk hitting this (e.g., move constructors, promoting various rebind methods to nsA[C]String), so I think it's worth asserting. MozReview-Commit-ID: 4R0dYuTfrFW --HG-- extra : transplant_source : %B6%87I%0E%7F%21%CC2%19%CD%A7%E6TRA%9D%AEO%90%D7
2017-07-20 15:46:59 -07:00 · 2017-07-20 15:46:59 -07:00 · 6a5b0be9fc
--- a/xpcom/string/nsTSubstring.cpp
+++ b/xpcom/string/nsTSubstring.cpp
@ -23,6 +23,7 @@ nsTSubstring_CharT::nsTSubstring_CharT(char_type* aData, size_type aLength,
                                       ClassFlags aClassFlags)
  : nsTStringRepr_CharT(aData, aLength, aDataFlags, aClassFlags)
 {
+  AssertValid();
  MOZ_RELEASE_ASSERT(CheckCapacity(aLength), "String is too large.");

  if (aDataFlags & DataFlags::OWNED) {
--- a/xpcom/string/nsTSubstring.h
+++ b/xpcom/string/nsTSubstring.h
@ -997,6 +997,15 @@ public:
    }
  }

+protected:
+  void AssertValid()
+  {
+    MOZ_ASSERT(!(mClassFlags & ClassFlags::NULL_TERMINATED) ||
+               (mDataFlags & DataFlags::TERMINATED),
+               "String classes whose static type guarantees a null-terminated "
+               "buffer must not be assigned a non-null-terminated buffer.");
+  }
+
 public:

  /**
@ -1006,6 +1015,7 @@ public:
  MOZ_IMPLICIT nsTSubstring_CharT(const substring_tuple_type& aTuple)
    : nsTStringRepr_CharT(nullptr, 0, DataFlags(0), ClassFlags(0))
  {
+    AssertValid();
    Assign(aTuple);
  }

@ -1046,6 +1056,7 @@ protected:
    : nsTStringRepr_CharT(char_traits::sEmptyBuffer, 0, DataFlags::TERMINATED,
                          ClassFlags(0))
  {
+    AssertValid();
  }

  // copy-constructor, constructs as dependent on given object
@ -1055,6 +1066,7 @@ protected:
                          aStr.mDataFlags & (DataFlags::TERMINATED | DataFlags::VOIDED),
                          ClassFlags(0))
  {
+    AssertValid();
  }

  // initialization with ClassFlags
@ -1062,6 +1074,7 @@ protected:
    : nsTStringRepr_CharT(char_traits::sEmptyBuffer, 0, DataFlags::TERMINATED,
                          aClassFlags)
  {
+    AssertValid();
  }

 /**
@ -1077,6 +1090,7 @@ protected:
 #undef XPCOM_STRING_CONSTRUCTOR_OUT_OF_LINE
    : nsTStringRepr_CharT(aData, aLength, aDataFlags, aClassFlags)
  {
+    AssertValid();
    MOZ_RELEASE_ASSERT(CheckCapacity(aLength), "String is too large.");
  }
 #endif /* DEBUG || FORCE_BUILD_REFCNT_LOGGING */
@ -1086,6 +1100,7 @@ protected:
    mData = char_traits::sEmptyBuffer;
    mLength = 0;
    mDataFlags = DataFlags::TERMINATED;
+    AssertValid();
  }

  void SetData(char_type* aData, size_type aLength, DataFlags aDataFlags)
@ -1093,6 +1108,7 @@ protected:
    mData = aData;
    mLength = aLength;
    mDataFlags = aDataFlags;
+    AssertValid();
  }

  /**