From 378c0da05d8b1a74d021d2471ea50a620759f133 Mon Sep 17 00:00:00 2001
From: "gavin%gavinsharp.com" <gavin%gavinsharp.com>
Date: Sat, 22 Apr 2006 13:32:25 +0000
Subject: [PATCH] Bug 334319: buffer overrun in nsPermissionManager::Read when
 reading an invalid cookperm.txt file, r=mvl, sr=darin

---
 extensions/cookie/nsPermissionManager.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp
index aeb6f1eb40c..9c9c7c1743e 100644
--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@@ -757,6 +757,10 @@ nsPermissionManager::Read()
           type = 10*type + (c-'0');
           c = permissionString.CharAt(++index);
         }
+
+        if (type >= NUMBER_OF_TYPES)
+          continue; // invalid type for this permission entry
+
         if (index >= permissionString.Length())
           continue; // bad format for this permission entry