Bug 1649306 - webcrypto: avoid passing null to memcpy (even when length is 0) r=jschanck

Differential Revision: https://phabricator.services.mozilla.com/D185855

dom/crypto/CryptoBuffer.cpp

@@ -128,7 +128,12 @@ bool CryptoBuffer::ToSECItem(PLArenaPool* aArena, SECItem* aItem) const {
   if (!::SECITEM_AllocItem(aArena, aItem, Length())) {
     return false;
   }
-
+  // If this CryptoBuffer is of 0 length, aItem->data will be null. Passing
+  // null to memcpy is not valid, even if the length is 0, so return early.
+  if (!aItem->data) {
+    MOZ_ASSERT(Length() == 0);
+    return true;
+  }
   memcpy(aItem->data, Elements(), Length());
   return true;
 }
@@ -141,20 +146,6 @@ JSObject* CryptoBuffer::ToArrayBuffer(JSContext* aCx) const {
   return ArrayBuffer::Create(aCx, Length(), Elements());
 }
 
-bool CryptoBuffer::ToNewUnsignedBuffer(uint8_t** aBuf,
-                                       uint32_t* aBufLen) const {
-  MOZ_ASSERT(aBuf);
-  MOZ_ASSERT(aBufLen);
-
-  uint32_t dataLen = Length();
-  uint8_t* tmp = reinterpret_cast<uint8_t*>(moz_xmalloc(dataLen));
-
-  memcpy(tmp, Elements(), dataLen);
-  *aBuf = tmp;
-  *aBufLen = dataLen;
-  return true;
-}
-
 // "BigInt" comes from the WebCrypto spec
 // ("unsigned long" isn't very "big", of course)
 // Likewise, the spec calls for big-endian ints

dom/crypto/CryptoBuffer.h

@@ -37,7 +37,6 @@ class CryptoBuffer : public FallibleTArray<uint8_t> {
   bool ToSECItem(PLArenaPool* aArena, SECItem* aItem) const;
   JSObject* ToUint8Array(JSContext* aCx) const;
   JSObject* ToArrayBuffer(JSContext* aCx) const;
-  bool ToNewUnsignedBuffer(uint8_t** aBuf, uint32_t* aBufLen) const;
 
   bool GetBigIntValue(unsigned long& aRetVal);