Fix Class::IsInSamePackage to not read beyond the end of a StringPiece.

Fix length of string piece to be size_type rather than int because expecting
negatively sized strings is a bad idea and we should use unsigned types to
defensively guard against mistakes.
Remove max_size and capacity since the return type is inconsistent between
Google and the STL, and we don't need the functions.
Add a bound check in libartd to operator[] accesses.

Change-Id: I1b87a03d8fbd95e7dbb106745e304d1083898075

2 files changed, 4 insertions, 3 deletions

diff --git a/runtime/mirror/art_method.cc b/runtime/mirror/art_method.cc
index 159d04d..787c767 100644
--- a/runtime/mirror/art_method.cc
+++ b/runtime/mirror/art_method.cc
@@ -105,9 +105,9 @@ void ArtMethod::SetDexCacheResolvedTypes(ObjectArray<Class>* new_dex_cache_class
 }
 
 size_t ArtMethod::NumArgRegisters(const StringPiece& shorty) {
-  CHECK_LE(1, shorty.length());
+  CHECK_LE(1U, shorty.length());
   uint32_t num_registers = 0;
-  for (int i = 1; i < shorty.length(); ++i) {
+  for (size_t i = 1; i < shorty.length(); ++i) {
     char ch = shorty[i];
     if (ch == 'D' || ch == 'J') {
       num_registers += 2;
diff --git a/runtime/mirror/class.cc b/runtime/mirror/class.cc
index 0ee8fa8..3fcb188 100644
--- a/runtime/mirror/class.cc
+++ b/runtime/mirror/class.cc
@@ -294,7 +294,8 @@ void Class::SetReferenceInstanceOffsets(uint32_t new_reference_offsets) {
 
 bool Class::IsInSamePackage(const StringPiece& descriptor1, const StringPiece& descriptor2) {
   size_t i = 0;
-  while (descriptor1[i] != '\0' && descriptor1[i] == descriptor2[i]) {
+  size_t min_length = std::min(descriptor1.size(), descriptor2.size());
+  while (i < min_length && descriptor1[i] == descriptor2[i]) {
     ++i;
   }
   if (descriptor1.find('/', i) != StringPiece::npos ||