From 09a66e143f3d67903af614f6d625ea3cd08953ad Mon Sep 17 00:00:00 2001
From: "julien.pierre.boogz%sun.com" <julien.pierre.boogz%sun.com>
Date: Thu, 14 Feb 2008 22:06:12 +0000
Subject: [PATCH] Fix for bug 373907 . Limit manifest size in JAR file.
 r=nelson

---
 security/nss/lib/jar/jarfile.c | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/security/nss/lib/jar/jarfile.c b/security/nss/lib/jar/jarfile.c
index 91ae4148dc6..fc3ed2ae93e 100644
--- a/security/nss/lib/jar/jarfile.c
+++ b/security/nss/lib/jar/jarfile.c
@@ -631,7 +631,7 @@ static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext)
   ZZList *list;
 
   char *fn, *e;
-  char ZHUGEP *manifest;
+  char ZHUGEP *manifest = NULL;
 
   long length;
   int status, ret = 0, num;
@@ -683,13 +683,10 @@ static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext)
         }
 
       /* Read in the manifest and parse it */
-      /* FIX? Does this break on win16 for very very large manifest files? */
-
-#ifdef XP_WIN16
-      PORT_Assert( phy->length+1 < 0xFFFF );
-#endif
-
-      manifest = (char ZHUGEP *) PORT_ZAlloc (phy->length + 1);
+      /* limit is per J2SE SDK */
+      if (phy->length <= 0xFFFF) {
+          manifest = (char ZHUGEP *) PORT_ZAlloc (phy->length + 1);
+      }
       if (manifest)
         {
         JAR_FSEEK (fp, phy->offset, (PRSeekWhence)0);