Bug 805797 - Validate sp before unwinding to fix crash in mozilla::FramePointerStackWalk. r=ehsan

2025-02-26 12:20:56 +00:00 · 2012-11-21 16:24:39 -05:00 · 2012-11-21 16:24:39 -05:00 · 6e776e6d55
commit 6e776e6d55
parent bd2ae43bd9
1 changed files with 3 additions and 1 deletions
--- a/tools/profiler/TableTicker.cpp
+++ b/tools/profiler/TableTicker.cpp
@ -800,7 +800,9 @@ void TableTicker::doBacktrace(ThreadProfile &aProfile, TickSample* aSample)
  void *stackEnd = reinterpret_cast<void*>(-1);
  if (pt)
    stackEnd = static_cast<char*>(pthread_get_stackaddr_np(pt));
-  nsresult rv = FramePointerStackWalk(StackWalkCallback, 0, &array, reinterpret_cast<void**>(aSample->fp), stackEnd);
+  nsresult rv = NS_OK;
+  if (aSample->fp >= aSample->sp && aSample->fp <= stackEnd)
+    rv = FramePointerStackWalk(StackWalkCallback, 0, &array, reinterpret_cast<void**>(aSample->fp), stackEnd);
 #else
  nsresult rv = NS_StackWalk(StackWalkCallback, 0, &array, thread);
 #endif