This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 23140 - Further Boundary Checking is Necessary on Slice Calls
Summary: Further Boundary Checking is Necessary on Slice Calls
Alias: None
Product: WebAppsWG
Classification: Unclassified
Component: File API (show other bugs)
Version: unspecified
Hardware: PC All
: P2 normal
Target Milestone: ---
Assignee: Arun
QA Contact: public-webapps-bugzilla
Depends on:
Reported: 2013-09-03 15:09 UTC by Arun
Modified: 2013-09-05 17:57 UTC (History)
1 user (show)

See Also:


Description Arun 2013-09-03 15:09:29 UTC showcases a slice call on a Blob of size 4 of the sort:

slice(0, Number.MAX_SIZE) 

on which on Fx returns a Blob of size 0, but only because of the 'long long' threshold being reached.

This bug is to introduce further boundary checks on slice calls, disallowing a slice bigger than the original blob for example.
Comment 1 Arun 2013-09-03 15:35:21 UTC
Additionally, the spec should use [Clamp] on long long arguments to slice.
Comment 2 Arun 2013-09-03 16:35:23 UTC
Clarification: the spec already disallows end > size and the equivalent for start.  This bug is to add [Clamp] to the IDL to ensure that a call of the sort

slice(0, Number.MAX_SIZE) 

ends up being equivalent to

slice(0, thisBlob.size)
Comment 3 Arun 2013-09-05 17:57:12 UTC uses [Clamp] in slice method IDL definition.