Bug 1484988 - Avoid writing past the logical length of a string in Toolkit. r=froydnj

Also remove a useless call to SetCapacity(). MozReview-Commit-ID: LarsWKI3qwz Differential Revision: https://phabricator.services.mozilla.com/D3882 --HG-- extra : moz-landing-system : lando
2018-09-03 06:51:33 +00:00 · 2018-09-03 06:51:33 +00:00 · 791116f2af
--- a/services/crypto/component/IdentityCryptoService.cpp
+++ b/services/crypto/component/IdentityCryptoService.cpp
@ -33,8 +33,7 @@ namespace {
 void
 HexEncode(const SECItem * it, nsACString & result)
 {
-  const char * digits = "0123456789ABCDEF";
-  result.SetCapacity((it->len * 2) + 1);
+  static const char digits[] = "0123456789ABCDEF";
  result.SetLength(it->len * 2);
  char * p = result.BeginWriting();
  for (unsigned int i = 0; i < it->len; ++i) {
--- a/toolkit/components/url-classifier/Entries.h
+++ b/toolkit/components/url-classifier/Entries.h
@ -89,12 +89,9 @@ struct SafebrowsingHash
  void ToString(nsACString& aStr) const {
    uint32_t len = ((sHashSize + 2) / 3) * 4;

-    // Capacity should be one greater than length, because PL_Base64Encode
-    // will not be null-terminated, while nsCString requires it.
-    aStr.SetCapacity(len + 1);
-    PL_Base64Encode((char*)buf, sHashSize, aStr.BeginWriting());
-    aStr.BeginWriting()[len] = '\0';
    aStr.SetLength(len);
+    PL_Base64Encode((char*)buf, sHashSize, aStr.BeginWriting());
+    MOZ_ASSERT(aStr.BeginReading()[len] == '\0');
  }

  void ToHexString(nsACString& aStr) const {