23140 2013-09-03 15:09:29 +0000 Further Boundary Checking is Necessary on Slice Calls 2013-09-05 17:57:12 +0000 1 1 1 Unclassified WebAppsWG File API unspecified PC All RESOLVED FIXED P2 normal --- 1 arun arun public-webapps public-webapps-bugzilla oldest_to_newest 92882 0 arun 2013-09-03 15:09:29 +0000 https://bugzilla.mozilla.org/show_bug.cgi?id=906413 showcases a slice call on a Blob of size 4 of the sort: slice(0, Number.MAX_SIZE) on which on Fx returns a Blob of size 0, but only because of the 'long long' threshold being reached. This bug is to introduce further boundary checks on slice calls, disallowing a slice bigger than the original blob for example. 92884 1 arun 2013-09-03 15:35:21 +0000 Additionally, the spec should use [Clamp] on long long arguments to slice. 92887 2 arun 2013-09-03 16:35:23 +0000 Clarification: the spec already disallows end > size and the equivalent for start. This bug is to add [Clamp] to the IDL to ensure that a call of the sort slice(0, Number.MAX_SIZE) ends up being equivalent to slice(0, thisBlob.size) 93067 3 arun 2013-09-05 17:57:12 +0000 http://dev.w3.org/2006/webapi/FileAPI/#blob uses [Clamp] in slice method IDL definition.