mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-11 12:25:53 +00:00
Bug 1396361 - Avoid crashing when some system library calls malloc_zone_free(zone, NULL). r=njn
Some system libraries call malloc_zone_free directly instead of free, and sometimes they do that with the wrong zone. When that happens, we circle back, trying to find the right zone, and call malloc_zone_free with the right one, but when we can't find one, we crash, which matches what the system free() would do. Except in one case where the pointer we're being passed is NULL, in which case we can't trace it back to any zone, but shouldn't crash (system free() explicitly doesn't crash in that case).

--HG--
extra : rebase_source : 17efdcd80f1a53be7ab6b7293bfb6060a9aa4a48
This commit is contained in:
parent
d8b57ef9d7
commit
acb85e2b41
@ -153,6 +153,9 @@ other_zone_free(malloc_zone_t* original_zone, void* ptr)
|
|||||||
// one. We can't call libSystem's free directly because we're exporting
|
// one. We can't call libSystem's free directly because we're exporting
|
||||||
// free from libmozglue and we'd pick that one, so we manually find the
|
// free from libmozglue and we'd pick that one, so we manually find the
|
||||||
// right zone and free with it.
|
// right zone and free with it.
|
||||||
|
if (!ptr) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
malloc_zone_t* zone = malloc_zone_from_ptr(ptr);
|
malloc_zone_t* zone = malloc_zone_from_ptr(ptr);
|
||||||
// The system allocator crashes voluntarily by default when a pointer can't
|
// The system allocator crashes voluntarily by default when a pointer can't
|
||||||
// be traced back to a zone. Do the same.
|
// be traced back to a zone. Do the same.
|
||||||
|
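Review bot: The new `if (!ptr) { return; }` early return in other_zone_free has no comment, and it sits between two comments that only describe the "find the right zone" and "crash voluntarily ... Do the same" behaviour, so a later reader could take the silent return for an oversight and remove it. Please add a one-line comment above the check saying that a NULL pointer cannot be traced back to any zone and that the system free() does not crash on NULL, which is the reasoning the commit message gives. It would also help to reword the following comment to say that the crash applies when a non-NULL pointer can't be traced back to a zone, so the two code paths read as deliberate and consistent.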