$OpenBSD: patch-xpfe_components_history_src_nsGlobalHistory_cpp,v 1.1 2006/01/23 12:34:06 wilfried Exp $
--- xpfe/components/history/src/nsGlobalHistory.cpp.orig	Wed Oct 26 15:58:33 2005
+++ xpfe/components/history/src/nsGlobalHistory.cpp	Tue Dec 20 21:43:18 2005
@@ -111,6 +111,11 @@ nsIPrefBranch* nsGlobalHistory::gPrefBra
 
 #define FIND_BY_AGEINDAYS_PREFIX "find:datasource=history&match=AgeInDays&method="
 
+// see bug #319004 -- clamp title and URL to generously-large but not too large
+// length
+#define HISTORY_URI_LENGTH_MAX 65536
+#define HISTORY_TITLE_LENGTH_MAX 4096
+
 // sync history every 10 seconds
 #define HISTORY_SYNC_TIMEOUT (10 * PR_MSEC_PER_SEC)
 //#define HISTORY_SYNC_TIMEOUT 3000 // every 3 seconds - testing only!
@@ -589,6 +594,9 @@ nsGlobalHistory::AddURI(nsIURI *aURI, PR
   rv = aURI->GetSpec(URISpec);
   NS_ENSURE_SUCCESS(rv, rv);
 
+  if (URISpec.Length() > HISTORY_URI_LENGTH_MAX)
+     return NS_OK;
+
   nsCAutoString referrerSpec;
   if (aReferrer) {
     rv = aReferrer->GetSpec(referrerSpec);
@@ -1033,7 +1041,7 @@ nsGlobalHistory::SetPageTitle(nsIURI *aU
   nsresult rv;
   NS_ENSURE_ARG_POINTER(aURI);
 
-  const nsAFlatString& titleString = PromiseFlatString(aTitle);
+  nsAutoString titleString(StringHead(aTitle, HISTORY_TITLE_LENGTH_MAX));
 
   // skip about: URIs to avoid reading in the db (about:blank, especially)
   PRBool isAbout;
@@ -1333,6 +1341,9 @@ nsGlobalHistory::HidePage(nsIURI *aURI)
   rv = aURI->GetSpec(URISpec);
   NS_ENSURE_SUCCESS(rv, rv);
   
+  if (URISpec.Length() > HISTORY_URI_LENGTH_MAX)
+     return NS_OK;
+
   nsCOMPtr<nsIMdbRow> row;
 
   rv = FindRow(kToken_URLColumn, URISpec.get(), getter_AddRefs(row));
@@ -1365,6 +1376,9 @@ nsGlobalHistory::MarkPageAsTyped(nsIURI 
   nsCAutoString spec;
   nsresult rv = aURI->GetSpec(spec);
   if (NS_FAILED(rv)) return rv;
+
+  if (spec.Length() > HISTORY_URI_LENGTH_MAX)
+     return NS_OK;
 
   nsCOMPtr<nsIMdbRow> row;
   rv = FindRow(kToken_URLColumn, spec.get(), getter_AddRefs(row));
