Peter Van der Beken 4641d9bef3 Bug 1751796 - XML parsererror eats two first letters. r=bholley ... We were calling XML_GetCurrentColumnNumber after ParseBuffer caused Expat to consume some data. XML_GetCurrentColumnNumber uses the buffer that was last passed to Expat. Before Expat was put in an RLBox sandbox the caller of ParseBuffer would keep the data in the scanner string until after the call to XML_GetCurrentColumnNumber. Now that we copy the data into the RLBox sandbox the data is freed when the TransferBuffer in ParseBuffer goes out of scope, so in the caller of ParseBuffer the call to XML_GetCurrentColumnNumber would cause us to read freed memory inside the sandbox. Moving the call to XML_GetCurrentColumnNumber to inside ParseBuffer, when TransferBuffer is still in scope, solves the issue. Differential Revision: https://phabricator.services.mozilla.com/D141795		2022-04-05 14:10:11 +00:00
..
expat	Bug 1754724 - Clear up even more computations in expat code. r=farre, a=tritter	2022-03-02 22:34:28 +00:00
html	Bug 1712928 - Gather telemetry about encoding-unlabeled pages and about Repair Text Encoding usage situations. r=emk	2022-03-29 08:04:25 +00:00
htmlparser	Bug 1751796 - XML parsererror eats two first letters. r=bholley	2022-04-05 14:10:11 +00:00
prototype	Bug 1749935 - Remove GetDTD. r=hsivonen	2022-02-14 13:03:52 +00:00
xml	…
moz.build	…
nsCharsetSource.h	Bug 1712928 - Gather telemetry about encoding-unlabeled pages and about Repair Text Encoding usage situations. r=emk	2022-03-29 08:04:25 +00:00